* Set up secure ldap server
* ldap: Added client cert options
Shamelessly copied from https://github.com/andrewshulgin/ldap_search
* Added tests for ldap client authentication
* Add changelog fragment
* Make sure the openssl commands work on older versions of openssl
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Remove aliases for new arguments
* Add required_together to ldap module declerations
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add composites to keycloak_role module
* Add composites support for realm role in keycloak module_utils
* Clean f.write from keycloak_role module
* keycloak_role support state for realm role composites
* Add support for composites in client role for keycloak_role module
* Add changelog fragment for keycloak role composites PR
* Fix pep8 and validate-modules tests errors
* Update changelogs/fragments/6469-add-composites-support-for-keycloak-role.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
I will try it
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix test_keycloak_role assertion
* Fix role composite compare before update in keycloak_role module
* Fix realm problem with update_role_composites in keycloak.py module_utils
* Add units tests for composites and client roles in keycloak_role module
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Change try in is_struct_included and add unit tests for keycloak.py module_utils
* Add integration tests for composites roles and fix bug with non master roles in keycloak_role module
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* is_struct_included refactor
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix composites comparison for role in is_struct_included keycloak.py function
* Add changelog fragment and unit tests
* Update changelogs/fragments/6688-is-struct-included-bug-in-keycloak-py.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
- pass the arguments to run_command() directly as list, rather than
joining the arguments to string, which run_command() will need to
split again
- disable the expansions of variables, as there are none
Adapt the unit test to the different way run_command() is called,
factorizing the kwargs for run_command() so there is less repetition.
There should be no behaviour changes.
The two RegistrationBase & Rhsm classes were copied from the ones in the
shared module_utils.redhat module; that said:
- the versions here got improvements over the years
- the RegistrationBase in module_utils.redhat is used only by the RHN
modules, which are deprecated and slated for removal
Hence, the classes here can be kept and simplified a bit:
- fold the non-dummy content of RegistrationBase into Rhsm: there is no
more need for the separate RegistrationBase base class
- drop the init arguments "username", "password", and "token": the
instance variables of them are not used anywhere, as the needed
credentials (together with other variables) are passed to the
register() method
- create the Rhsm object later in main(), after the AnsibleModule
creation and the uid check: this avoids the creation of Rhsm with a
null module variable, changing it later
There should be no behaviour change.
* MH mh/mixins/deps.py: prevent deprecation warning when no deps are specified
* rollback empty "patch" on license markers to prevent test error
* disable test in ansible 2.12
* add changelog frag
* [WIP] snap: aware of channel in installed snaps
* parse snap list output and assert whether channel matches
* undo test
* fail rightfully when install with different channel does not work
* transparetent refresh
* rollback comment in integration test
* rollback comment in integration test
* add changelog frag
* Update plugins/modules/snap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* New Proxmox VE modules to handle pools and their membership
* Fix pep8 linting errors
* Fix pep8 and compatibility errors
* Add required fields in the documentation
* Typo fix
* Fix pylint errors
* Fix the last one error
* Address review comments
* Fix linting error
* Add integration tests playbook
* Add assert for the diff mode
* Address review comments
* Fix typo in the word
* Fail for non-empty pool even in check_mode
* ini_file: Don't creates new file instead of following symlink
This is a bug fix that address a situation where `community.general.ini_file`
was destroying symlinks instead of updating of updating their targets.
Closes: #6470
* ini_file: add the follow parameter
If `poth` points on a symlink and `follow` is true, the `ini_file` plugin
will preserve the symlink and modify the target file.
* adjust the documentation of the new key
- yes/no -> true/false.
- new key will be introduced in 7.1.0.
- clean up the `state=link` part.
* vardict: easy hadling of module variables
* fix copyright year
* initial tests passing
* small adjustments
* add tests
* add to BOTMETA
* remove unused import pytest
* Update plugins/module_utils/vardict.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* minor refactor and documentation
* minor adjustments
* rename VarDict.var() to VarDict._var()
- plus add more docs
* fix method name in tests
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add FreeBSD 13.2.
* Skip FreeBSD 13.2 for iso_extract tests.
* Fix autoremove test: m4 is no longer a dependency, or it was already installed beforehand.
* Also disable the jail tests for FreeBSD 13.2.
* nmcli: added new module option 'slave_type' to allow create non-ethernet slave connections
* argument specs updated
* documentation updated
* examples updated
* added warning message when using type='bridge-slave'
* remove trailing whitespace
* Added warnings about rewrite 'slave-type' property when using type one of 'bond-slave', 'bridge-slave', 'team-slave'.
Added module fails when user sets contradicting values of 'slave-type' for types 'bond-slave', 'bridge-slave', 'team-slave'.
Returned back checking for types that can be a slave to assign 'master' and 'slave-type' properties.
* Extending list of slave-conn-types
* Update plugins/modules/nmcli.py
Version updated
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Update plugins/modules/nmcli.py
Updated documentation for `slave_type`
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Updated argspec's 'required_by' for 'master' property.
* Fixed mistake in property naming in module argspec.
* changelog fragment and module docs updated
* Validation of 'master', 'slave_type' options improved. (rebased)
* Validation of 'master' and 'slave_type' separated to special method.
* Wrote 6 tests for slave_type option behaviour
* Removed erroneously added property 'hairpin'
* Update version_added for 'slave_type'
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Update changelogs/fragments/473-nmcli-slave-type-implemented.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Let master be without slave_type
---------
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* feat: Allow non-returning SQL statements
- The current implementation fails out when certain statements or
batches do not have resultsets - this limits the usefulness of the
module
- Instead, it is known that statements without resultsets return then
OperationalError exception with text "Statement not executed or
executed statement has no resultset". We will utilize these facts to
accept these statements
- The implementation also assumes that users will always use best-
practices for the script syntax; that is, "GO" will always be
capitalized but this is not strictly required -- update to allow "GO"
to be any mixed-case
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
* feat: Add changelog fragment for change
- Add changelog fragment for PR 6192
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
* feat: Improve batching
- Previous batching had shortcomings like making strict assumptions
about the format of the incoming script and did not handle Windows-
based scripts (e.g. \r characters). It also did not handle cases where
there were trailing or leading whitespace characters round the 'GO'
- Added a special case for removing the Byte Order Mark (BOM) character
that may come as part of a script when slurped from some hosts.
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
* feat: Use str.splitlines()
- Use of this method is cleaner
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
* Update changelogs/fragments/6192-allow-empty-resultsets.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix: Update transcribing errors
- Replace local namespace with project namespace
- Remove 'return' statement from the module.fail_json call
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
---------
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
Co-authored-by: Lesley Kimmel <lesleyk@vmware.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
This fix ensures that in case of a project quota, the corresponding project gets initialized, if required.
Signed-off-by: Christoph Fiehe <c.fiehe@eurodata.de>
Co-authored-by: Christoph Fiehe <c.fiehe@eurodata.de>
* gconftool2: fix change output
* add changelog frag
* gconftool2: improve visibility on the output
* fix obtaining updated value after `set`
* use issue URL in the changelog fragment
* fix further issues
* fix return value docs + changelog frag
* Update plugins/modules/gconftool2.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix return value doc
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add keycloak_authz_authorization scope module
This module allows managing Keycloak client authorization scopes. The client has
to have authorization enable for this to work.
* botmeta: make mattock maintainer of keycloak_authz_authorization_scope
* botmeta: add mattock to team_keycloak
* keycloak_authz_authorization_scope: documentation and code layout fixes
* keycloak_authz_authorization_scope: do not fail on names with whitespace
* keycloak_authz_authorization_scope: use url quote method
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak_authz_authorization_scope: style fixes to documentation
* keycloak_authz_authorization_scope: do not claim check/diff mode support
* keycloak_authz_authorization_scope: fix documentation
* keycloak_authz_authorization_scope: support check_mode and diff_mode
* keycloak_authz_authorization_scope: use more common terminology
Most keycloak modules use before_<object_type> and desired_<object_type> to
designate current and desired states of objects. Do the same for authorization
scopes.
* keycloak_authz_authorization_scope: fixes to check_mode and docs
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* pipx and pipx_info: Document that modules require pipx 0.16.2.1 or above
Since their introduction, these modules rely on 'pipx list --json' to
return machine-readable output about installed pipx applications. That
functionality was introduced in 0.16.2, along with a critical bug fix
(invalid json) in 0.16.2.1.
* pipx: fix state=latest with install_deps=true
"pipx upgrade" stopped supporting the "--include-deps" option
("install_deps" in the ansible module) in pipx 0.15
(https://pypa.github.io/pipx/changelog/#01500).
The lack of support causes the pipx module to fail if attempting to use
state=latest with install_deps, since the parameter is passed to both
pipx install (fine) and pipx upgrade (fails).
* Add changelog fragment
* Initial implementation for new modules btrfs_subvolume and btrfs_info
* Improve/flesh out documentation. Add ability to target filesystem by uuid, label or device. Update tests to test targeting filesystem by each supported parameter and when only mountpoint.
* Updates for btrfs modules. Add missing copyright notices. Switch options to contains in return documentation. Update btrfs_subvolume to always use closest parent mount.
* Add maintainers for btrfs module(s) and remove unused class member cause lint failure.
* Add changelog fragment. Attempt to only run against the VMs as part of CI.
* Updates per code review. Remove changelog fragment. Switch use of map to list comprehension. Add trailing comma to last item in multi-line dicts. Clean up documentation with complete senstences for descriptions and correct/consistent use of macros.
* Improved error handling in btrfs_subvolume module: add custom exception type, favor exceptions over immediate call to fail_json and add single top level return for failure scenarios. Normalize name and snapshot_source parameters early in module execution and remove unecessary duplicate normalization throughout processing.
* Add azp/posix/3 to aliases per feedback
* Clean up automatic mounting. Prevent automount when check_mode=True. Immediately fail if a mount is identified as required and automount=True. Identify the minimal subset of subvolumes that need to be mounted instead of just finding a single common root.
* Skip btrfs_subvolume integration tests if btrfs-progs isn't successfully installed.
* Bump version_added for btrfs modules to 6.6.0. Ensure consistent trailing punctuation for module descriptions and document check_mode behavior as attribute description rather than a module level note.
* Remove unused imports from btrfs_subvolume module.
* Fix import.
* Docs improvements.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Do extra docs validation. Explicitly disallow semantic markup in docs.
* Forgot to add new requirement.
* Fix prefixes.
* Remove superfluous condition.
* TEMP - make CI fail.
* Revert "TEMP - make CI fail."
This reverts commit 14f4d6b503.
* Remove unnecessary import.
* Make sure ANSIBLE_COLLECTIONS_PATH is set.
* Make sure sanity tests from older Ansible versions don't complain.
* one_vm: fix syntax error when creating VMs with a more complex template
with more complex templates that make use of quoted strings the new
"render" method fails to produce a template that is accepted by
OpenNebula. ==> escape double quotes in strings to make OpenNebula
happy again.
I also tested whether newlines need to be escaped, looks like they are
fine as they are.
Fixes#6225
* module_utils/opennebula: skip empty values in render