New lookup plug-in: Bitwarden Secrets Manager (#6389)
* add Bitwarden Secrets Manager lookup
* fix pep8 and yamllint complaints
* fix version_added, add maintainer and copyright notice
* document BWS_ACCESS_TOKEN env var and declare as required
* avoid returning nested list
* update 'value of a secret' example after f6c4492c
* update copyright notice in bitwarden_secrets_manager plugin
thx felixfontein
Co-authored-by: Felix Fontein <felix@fontein.de>
* rename classes to distinguish from existing bw plugin
* use AnsibleLookupError, formatting
* bump version_added to 7.0.0
Co-authored-by: Felix Fontein <felix@fontein.de>
* ci fix: python style guide calls for excessive blank lines
https://peps.python.org/pep-0008/#blank-lines
* first attempt at unit tests for bws lookup
* ci fix: remove trailing newline
* attempt to fix tests object not callable error
* address formatting, tests and pyright suggestions
* reduce scope of mocked code for more real test coverage
only the actual bws CLI call is mocked now, this should enable the
exception thrown test to succeed if I didn't add new problems
* fix undefined variable 'expected_rc'
* fix mocked _run method to return correct data types
* keep list of one element for test case comparison
* bump version_added to 7.2.0
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: jantari <jantari@github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 5365647ee7)
Co-authored-by: jantari <jantari@outlook.de>
snap: add track 'latest' if no track is specified (#6835)
* snap: add track 'latest' if no track is specified
See https://snapcraft.io/docs/channels for more details.
* snap: assume track latest if channel does not specify it
(cherry picked from commit dc0d00452f)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
[proxmox_vm_info] New module to retrieve virtual machines information from Proxmox VE API (#6852)
* [proxmox_vm_info] New module to retrieve virtual machines information from Proxmox VE API
* Address review comments
* Fix seealso fragment
* Update plugins/modules/proxmox_vm_info.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 7adb99855a)
Co-authored-by: Sergei Antipov <greendayonfire@gmail.com>
chroot: added an example (#6824)
* chroot: added an example
Added a simple example of chroot connection plugin
Fixes: #6365
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 59479b4abd)
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
proxmox: default value when checking for dict key (#6838)
* proxmox: default value when checking for dict key
* add changelog frag
(cherry picked from commit 49349fce5e)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Refactor consul_session to support authentication with tokens (#6755)
* Split into separate PR
* Refactor test, add author to inactive maintainers
* Add changelog fragment and correct requirements section on module documentation
* Add changelog fragment and correct requirements section on module documentation
* Update changelogs/fragments/6755-refactor-consul-session-to-use-requests-lib-instead-of-consul.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Valerio Poggi <vrpoggigmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 242258eb53)
Co-authored-by: Valerio Poggi <106782233+valeriopoggi@users.noreply.github.com>
proxmox_kvm: Add required timeout arg when force deleting (#6827)
* Add required timeout arg when force deleting
* Add changelog fragment
* Update changelogs/fragments/6827-proxmox_kvm-force-delete-bug-fix.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 216962a98c)
Co-authored-by: Drew Brown <drew@drewburr.com>
Add example for github_key in a single task (#6854)
* Add example for github_key in a single task
* Update plugins/modules/github_key.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 99a35b1664)
Co-authored-by: Seige <charliefjennings+git@gmail.com>
npm: replace test with required_if (#6848)
* npm: replace test with required_if
* add changelog frag
(cherry picked from commit 11406715f5)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
proxmox module utils: better error msg when token fails with old proxmoxer (#6839)
* proxmox module utils: clear msg when token fails with old proxmoxer
* add changelog frag
* better way to determine version
(cherry picked from commit e5dc697887)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
htpasswd: minor updates in the docs (#6840)
* htpasswd: minor updates in the docs
* remove double spaces
(cherry picked from commit b6883492c7)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Revert "proxmox_kvm: remove non-working example (#6498)" (#6832)
This reverts commit 61a0dc4370.
(cherry picked from commit 92ea63e20b)
Co-authored-by: Felix Fontein <felix@fontein.de>
[proxmox_template] Fix error while uploading big ISO to Proxmox VE cluster (#6757)
* [proxmox_template] Fix error while uploading big ISO to Proxmox VE cluster
* Fix pep8 test
* Add changelog fragment
* Add notes about requests_toolbelt
* Check versions and file size
* Fix typo in notes
* Add unit test. Move try inside of each function.
* Fix sanity tests
* Add proxmoxer in requirements file
* Update integration tests
* Add proxmoxer into constraints.txt
* Address review comments
* Don't run tests on 2.6 python
* Disable Python 2.6 tests for other proxmox modules
(cherry picked from commit 2d6e369d81)
Co-authored-by: Sergei Antipov <greendayonfire@gmail.com>
rhsm_repository: refactor handling of subscription-manager (#6783)
Create a small helper class Rhsm, so all the logic related to the
interaction with subscription-manager is grouped there:
- create the Rhsm object in main(), once the initial checks are done
- search subscription-manager as required (so there is no need to
manually check it), and store its path for reuse
- store the common arguments for running subscription-manager
- move run_subscription_manager() to Rhsm as run_repos()
- get rid of the different list parameters: we list only all the
repositories, so the other cases are not needed (and can be added
easily, if needed)
- move get_repository_list() to Rhsm as list_repositories()
The execution of subscription-manager is improved as well:
- pass the arguments to run_command() directly as list, rather than
joining the arguments to string, which run_command() will need to
split again
- move the "repos" parameter directly in run_repos()
- explicitly disable the shell, already off by default
- disable the expansions of variables, as there are none
Adapt the unit test to the different way run_command() is called.
There should be no behaviour changes.
(cherry picked from commit 867704dd75)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
locale_gen: works with C.UTF-8 (#6774)
* locale_gen: fix
* test working with C.UTF-8
* working with locale eo
* handle C.UTF-8 edge cases
* grammatic pedantism
* add changelog frag
* add doc about specific OS support
* update changelog frag
(cherry picked from commit 3fd4cdb119)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
random_string docs to say it's cryptographically secure (#6691)
Modify random_string docs to state that randomness is cryptographically secure
(cherry picked from commit 89ad18d1a7)
Co-authored-by: Matthew Davis <7035647+mdavis-xyz@users.noreply.github.com>
Module `proxmox_kvm` `restarted` state bug fix (#6773)
* Change proxmox_kvm restart to use new method
Previously, the `restarted` state used both stop and start vm functions to restart a vm.
This change introduces the a new function that utilizes the proxmox reboot endpoint instead for a more reliable method of restarting a vm.
* Create 6773-proxmox_kvm-restarted-state-bug-fix.yaml
* Fix typo
* Add link to PR
* Chanel log fragment formatting changes
* Move try/catch to `restart_vm` function
* Update changelogs/fragments/6773-proxmox_kvm-restarted-state-bug-fix.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 3571df837d)
Co-authored-by: Juan Estupinan <65736594+juan210012@users.noreply.github.com>
Fix multiple issues with the TSS lookup plugin when using fetch_attachments (#6720)
* Treat files as binary when downloading attachments
* Raise a warning when the attachment can't be read
* Set the 'itemValue' for files, even when they can't be read
* Always return the original secret content
* Add changelog
* Fix changelog
* Update changelog
Co-authored-by: Felix Fontein <felix@fontein.de>
* Revert "Always return the original secret content"
This reverts commit a9fb96e165.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 6bff57ee6e)
Co-authored-by: laszlojau <49835454+laszlojau@users.noreply.github.com>
rhsm_repository: update returned "repositories" when using "purge=true" (#6676)
In case the "purge" option was enabled, the "repositories" element in
the returned JSON was not updated with the repositories disabled by that
option.
(cherry picked from commit ffb9b6ff96)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
lvg_rename: New module to support VG renaming (#6721)
* lvg_rename: New module to support VG renaming
* Remove vg option aliases
Fix YAML boolean case-formatting
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 4871140696)
Co-authored-by: Laszlo Szomor <laszomor@gmail.com>
filesystem: add UUID change feature (#6680)
* filesystem: add UUID change feature
* Add changelog fragment for 6680
* Do not test XFS filesystem UUID reset on FreeBSD
FreeBSD error: xfs_admin: only 'rewrite' supported on V5 fs
* Apply suggestions from code review #1
Co-authored-by: Felix Fontein <felix@fontein.de>
* Set filesystem UUID on FS creation
* Fix tests - switch to ansible.builtion.to_uuid
* Fix tests - Refactor to avoid FS remove tasks
* Fail if uuid option not yet supported for fstype
* Set resizefs and uuid options mutually exclusive
* Apply suggestions from code review no 2.
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 5d9eb8be95)
Co-authored-by: Laszlo Szomor <laszomor@gmail.com>
lvg: add UUID reset and active state management feature (#6682)
* lvg: add UUID reset, rename, active switch feature
* Add changelog fragment for 6682
* Fix Sanity 2.15,devel tests
* Fix issue with LVM autoactivation
* Remove rename implementation
Add active/inactive states
Fix errors when a PV is missing
Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/lvg.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 24aeedbc15)
Co-authored-by: Laszlo Szomor <laszomor@gmail.com>
proxmox_kvm - Allow creation of VM with existing name but new vmid (#6709)
* proxmox_kvm - Allow creation of VM with existing name but new vmid
* Fix pylint and pep8 errors
* Add changelog fragment
* Move status variable outside of try block
* Add assertion for calling get_vm_node function
* Use try/catch for module_utils functions
* Update changelogs/fragments/6709-proxmox-create-vm-with-existing-name.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit fb04dc3db2)
Co-authored-by: Sergei Antipov <greendayonfire@gmail.com>
ini_file: try using inactive option before creating a new one (#6575)
* ini_file: make inactive options as active if they exist, instead of creating a new option entry
Add changelog fragment
* Update changelogs/fragments/ini_file-use-inactive-options-when-possible.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix test
* Update tests
* Fix spelling
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f710a10f25)
Co-authored-by: njutn95 <njutn95@yahoo.com>
plugins/inventory/cobbler: Collect IP addresses for hosts and add opt… (#6711)
plugins/inventory/cobbler: Collect IP addresses for hosts and add option to collect all DNS name to IP address mappings
(cherry picked from commit 24f27a0bdf)
Co-authored-by: Orion Poplawski <orion@nwra.com>
gitlab_group => Make most options optional (#6712)
* Make most options optional as they should be
* Add filter to create_group instead
* Remove whitespace
* Add changelog fragment
* Added description and extension to fragment
* Update changelogs/fragments/6712-gitlab_group-filtered-for-none-values.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/gitlab_group.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Make Python 2.6 compatible.
* Another shot at compatibility.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit e85b008036)
Co-authored-by: Intellium <w.moeken@moeken.eu>
keycloak_client_rolemapping.py: add support for subgroups (#6687)
* keycloak_client_rolemapping.py: add support for subgroups
* Add PR number after creating a PR to 6687-support-subgroups-for-keycloak-client-rolemapping.yml
* Update changelogs/fragments/6687-support-subgroups-for-keycloak-client-rolemapping.yml
Add missing URL
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_client_rolemapping.py
Set a correct version_added (previously it was a copy-paste)
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_client_rolemapping.py
Fix typo after copy-paste
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_client_rolemapping.py
Fix typo after copy-paste
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_client_rolemapping.py
Fix typo after copy-paste
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Mikhail Putilov <Mikhail.Putilov@dimoco.eu>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit e06a0e22f7)
Co-authored-by: Mikhail Putilov <post.snowy@gmail.com>
Onepassword lookup add service accounts (#6660)
* add service account token and bypass required fields when service account token is set
* add token to base class
* add Info
* add service_account_token
* add service_account_token
* add documentation
* add service_account_token
* fix E111: indentation is not a multiple of 4
* fix lint problems
* Update plugins/lookup/onepassword_raw.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/onepassword_info.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/onepassword.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* add changelog fragment
* change type service_account_token to align to domain option
* add fragment value
* Update changelogs/fragments/6660-onepassword-lookup-service-account.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/onepassword.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* remove service_account_token from onepassword_info.py
* adjust V1 to raise error if service_account_token is set
* adjust V1 to raise error if service_account_token is set
* adjust V1 to raise error if service_account_token is set
* adjust if assert_logged_in
* Update plugins/lookup/onepassword.py
Co-authored-by: Sam Doran <github@samdoran.com>
* Update plugins/lookup/onepassword.py
Co-authored-by: Sam Doran <github@samdoran.com>
* remove double return
* remove new line
* remove new line
* remove new line
* remove spaces
* remove new line
* remove spaces
* Update plugins/lookup/onepassword_raw.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* add _check_required_params
* Update plugins/lookup/onepassword.py
Co-authored-by: Sam Doran <github@samdoran.com>
* Update plugins/lookup/onepassword.py
Co-authored-by: Sam Doran <github@samdoran.com>
* remove _check_required_params
* remove spaces
* Update plugins/lookup/onepassword.py
Co-authored-by: Sam Doran <github@samdoran.com>
* remove code
---------
Co-authored-by: Jan Sagurna <jan.sagurna@sag-solutions.com>
Co-authored-by: Jan Sagurna <58932831+jansagurna@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Sam Doran <github@samdoran.com>
(cherry picked from commit 473e557c2f)
Co-authored-by: Dominik Haßelkuss <Domi-cc@users.noreply.github.com>
Use semantic markup (modules r-s) (#6683)
* Use semantic markup.
* Use 'ignore:' for alias reference.
* Ignore sanity errors for older ansible-core versions.
* Improve markup for RHSM modules.
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
* 'ignore:' is no longer needed.
* E() now works better.
---------
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
(cherry picked from commit eff0cb0ed9)
Co-authored-by: Felix Fontein <felix@fontein.de>
Use semantic markup (modules o-p) (#6681)
* Use semantic markup.
* Use real option, not alias.
* E() now works better.
(cherry picked from commit 45eb1e3915)
Co-authored-by: Felix Fontein <felix@fontein.de>
Use semantic markup (modules k-l) (#6678)
* Use semantic markup.
* Use option instead of alias.
(cherry picked from commit c694abbdf9)
Co-authored-by: Felix Fontein <felix@fontein.de>
Use semantic markup (modules h-j) (#6677)
* Use semantic markup.
* Use 'ignore:' until a new version of antsibull-docs is released.
* 'ignore:' is no longer needed.
* E() now works better.
(cherry picked from commit 3e0d84bdda)
Co-authored-by: Felix Fontein <felix@fontein.de>
Use semantic markup (modules d-g) (#6672)
* Use semantic markup.
* 'ignore:' is no longer needed.
* E() now works better.
(cherry picked from commit 2ed82e0318)
Co-authored-by: Felix Fontein <felix@fontein.de>
Use semantic markup (modules a-c) (#6671)
* Use semantic markup.
* E() now works better.
(cherry picked from commit 6fc1df9b83)
Co-authored-by: Felix Fontein <felix@fontein.de>
Semantic markup: use E() in more places (#6699)
Use semantic markup.
(cherry picked from commit 7ae8cc9902)
Co-authored-by: Felix Fontein <felix@fontein.de>
ldap: Add client certificate support (#6668)
* Set up secure ldap server
* ldap: Added client cert options
Shamelessly copied from https://github.com/andrewshulgin/ldap_search
* Added tests for ldap client authentication
* Add changelog fragment
* Make sure the openssl commands work on older versions of openssl
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Remove aliases for new arguments
* Add required_together to ldap module declerations
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit f3ecf4c7f8)
Co-authored-by: Gnonthgol <gnonthgol+github@gmail.com>
plugins/modules/ldap_search: Add support for multipage searches (#6648)
* Add more integration tests for ldap_search
* Add new page_size option to ldap_search
* Add changelog fragment
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Simplify if statement to reduce negatives
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 8801463575)
Co-authored-by: Gnonthgol <gnonthgol+github@gmail.com>
Inspq keycloak role composites (#6469)
* Add composites to keycloak_role module
* Add composites support for realm role in keycloak module_utils
* Clean f.write from keycloak_role module
* keycloak_role support state for realm role composites
* Add support for composites in client role for keycloak_role module
* Add changelog fragment for keycloak role composites PR
* Fix pep8 and validate-modules tests errors
* Update changelogs/fragments/6469-add-composites-support-for-keycloak-role.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
I will try it
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix test_keycloak_role assertion
* Fix role composite compare before update in keycloak_role module
* Fix realm problem with update_role_composites in keycloak.py module_utils
* Add units tests for composites and client roles in keycloak_role module
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Change try in is_struct_included and add unit tests for keycloak.py module_utils
* Add integration tests for composites roles and fix bug with non master roles in keycloak_role module
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_role.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* is_struct_included refactor
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 9395df1c6f)
Co-authored-by: Philippe Gauthier <philippe.gauthier@inspq.qc.ca>
Fix composites comparison for role in is_struct_included keycloak.py … (#6688)
* Fix composites comparison for role in is_struct_included keycloak.py function
* Add changelog fragment and unit tests
* Update changelogs/fragments/6688-is-struct-included-bug-in-keycloak-py.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 032996e005)
Co-authored-by: Philippe Gauthier <philippe.gauthier@inspq.qc.ca>
Proxmox inventory plugin: support composite variables (#6641)
* Added composite var support for proxmox inventory plugin
* Composite variables support for Proxmox nodes in dynamic inventory plugin
Fixes#6640
* Composite variables support for Proxmox nodes in dynamic inventory plugin
Fixes#6640
* Added composite var support for proxmox inventory plugin
* Added composite var support for proxmox inventory plugin
* Update changelogs/fragments/6640-proxmox-composite-variables-support.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 1f6d404deb)
Co-authored-by: Paul Levytskyi <25350788+levytskyip@users.noreply.github.com>
rhsm_repository: deprecate "state=present" and "state=absent" (#6673)
"state=present" is broken, and acts like "disabled"; also, the
subscription repositories cannot be really "added" or "removed", which
is what "present" and "absent" would imply, but only enabled or
disabled. Hence, deprecate both these states, slating them for removal
in community.general 10.0.0.
(cherry picked from commit 2dbe529a90)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
rhsm_release: improve the execution of subscription-manager (#6669)
- pass the arguments to run_command() directly as list, rather than
joining the arguments to string, which run_command() will need to
split again
- disable the expansions of variables, as there are none
Adapt the unit test to the different way run_command() is called,
factorizing the kwargs for run_command() so there is less repetition.
There should be no behaviour changes.
(cherry picked from commit 74ffb29573)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
redhat_subscription: refactor of internal Rhsm class (#6658)
The two RegistrationBase & Rhsm classes were copied from the ones in the
shared module_utils.redhat module; that said:
- the versions here got improvements over the years
- the RegistrationBase in module_utils.redhat is used only by the RHN
modules, which are deprecated and slated for removal
Hence, the classes here can be kept and simplified a bit:
- fold the non-dummy content of RegistrationBase into Rhsm: there is no
more need for the separate RegistrationBase base class
- drop the init arguments "username", "password", and "token": the
instance variables of them are not used anywhere, as the needed
credentials (together with other variables) are passed to the
register() method
- create the Rhsm object later in main(), after the AnsibleModule
creation and the uid check: this avoids the creation of Rhsm with a
null module variable, changing it later
There should be no behaviour change.
(cherry picked from commit 42f7531f21)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
Deprecate module_utils.redhat (#6663)
This module contains bits that are either unused (the Rhsm* classes), or
used only by deprecated modules (the RegistrationBase class).
Considering that the bits here have not seen updates in years, it is
unlikely that anyone is actually using them as "library".
Hence, deprecate the whole module altogether:
- the Rhsm* classes, as not used by anything, are slated for removal in
9.0.0
- the RegistrationBase class is slated for removal in 10.0.0, together
with its only user (i.e. the rhn_register module)
(cherry picked from commit 78c42def04)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
Start using semantic markup (#6627)
* Start using semantic markup.
* Forgot some places.
* Fix typo.
* Use 'ignore:' prefix until https://github.com/ansible-community/antsibull-docs/pull/155 is out.
* Break too long line.
(cherry picked from commit 011b2f8bdc)
Co-authored-by: Felix Fontein <felix@fontein.de>
Fetch secret id's which are in folder by folder id (#6652)
Added function to fetch secret id's by folder id
(cherry picked from commit eddd1ba4f2)
Co-authored-by: delinea-sagar <131447653+delinea-sagar@users.noreply.github.com>
redhat_subscription: deprecate "pool" (#6650)
The "pool" option is slower to use, and the regexp may expand to broader
results than wanted. Because of that, deprecate it in favour of the
"pool_ids" options (which is much better), slating it for removal in
community.general 10.0.0.
(cherry picked from commit 61b889749e)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
redhat_subscription: officially deprecate "autosubscribe" (#6646)
The "autosubscribe" alias for the "auto_attach" option has been
deprecated for many years, although only in the documentation.
Officially mark it as deprecated also in the module parameters spec,
slating it for removal in 9.0.0.
(cherry picked from commit 621bedf751)
Co-authored-by: Pino Toscano <ptoscano@redhat.com>
proxmox_snap: allow set retention for snapshots (#6577)
* proxmox_snap: allow to trim snapshots
* proxmox_snap: add changelog fragment for trim parameter
* proxmox_snap: fix linter issues
* Update plugins/modules/proxmox_snap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/6576-proxmox-snap-allow-trimming.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* proxmox_snap: rename 'trim' into 'retention'
* proxmox_snap: improve docu, as suggested by felixfontein
* proxmox_snap: rename 'trim' in changelog
* Update plugins/modules/proxmox_snap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/proxmox_snap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 7216286466)
Co-authored-by: Alexander Petermann <petermann.a@gmx.net>
MH mh/mixins/deps.py: prevent deprecation warning when no deps are specified (#6644)
* MH mh/mixins/deps.py: prevent deprecation warning when no deps are specified
* rollback empty "patch" on license markers to prevent test error
* disable test in ansible 2.12
* add changelog frag
(cherry picked from commit 494909aba5)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
opentelemetry: add span event attributes (#6531)
* add span event attributes (task name and host name)
* add fragment
* refactor: use set_attributes
* Add same span attributes to the event
* chore: change description in the fragment
* as mentioned in the code review
* use flag to disable the attributes in logs
there are some vendors that might not require those attributes since those details are shown in the UI when accessing the spans, i.e.: jaeger
* Update plugins/callback/opentelemetry.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 58958fc417)
Co-authored-by: Victor Martinez <victormartinezrubio@gmail.com>
snap: aware of channel in installed snaps (#6435)
* [WIP] snap: aware of channel in installed snaps
* parse snap list output and assert whether channel matches
* undo test
* fail rightfully when install with different channel does not work
* transparetent refresh
* rollback comment in integration test
* rollback comment in integration test
* add changelog frag
* Update plugins/modules/snap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b78d1999e1)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
New Proxmox VE modules to handle pools and their membership (#6604)
* New Proxmox VE modules to handle pools and their membership
* Fix pep8 linting errors
* Fix pep8 and compatibility errors
* Add required fields in the documentation
* Typo fix
* Fix pylint errors
* Fix the last one error
* Address review comments
* Fix linting error
* Add integration tests playbook
* Add assert for the diff mode
* Address review comments
* Fix typo in the word
* Fail for non-empty pool even in check_mode
(cherry picked from commit 16abb96bd8)
Co-authored-by: Sergei Antipov <s.antipov@mulesoft.com>
Minor bitwarden plugin req. docs addition (#6613)
The Bitwarden CLI requires a `login` followed by an `unlock` operation.
The later will display a message regarding setting (and exporting) the
`$BW_SESSION` env. var. When using the `bitwarden` lookup plugin, having
the env. var. set and available (exported) to Ansible is critical.
Without it, the plugin will simply return the error:
`Bitwarden Vault locked. Run 'bw unlock'.`
Make this clearer in the requirement documentation.
Signed-off-by: Chris Evich <cevich@redhat.com>
(cherry picked from commit 36e8653cf7)
Co-authored-by: Chris Evich <1183438+cevich@users.noreply.github.com>
proxmox: support param `timezone` when creating container (#6510)
* proxmox: support param `timezone` when creating container
* add changelog fragments for #6510
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Improved param description
* Use major.minor version comparison for options
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Sergei Antipov <s.antipov@mulesoft.com>
(cherry picked from commit f71a474726)
Co-authored-by: nxet <nxet821@protonmail.com>
proxmox_kvm | Expose timeout param to stopped state (#6570)
* Expose timeout param to stopped state
Forcefully stop virtual machine using timeout param for proxmox vm
shutdown api call.
* Add changelog fragment
* Typo fix in timeout param description
* Update changelogs/fragments/6570-handle-shutdown-timeout.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/proxmox_kvm.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Revert back exception message
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b133aa40c6)
Co-authored-by: Sergei Antipov <s.antipov@mulesoft.com>
proxmox_kvm: support for tpmstate0 parameter (#6533)
* proxmox_kvm: added support for tmpstate
adds hash of options for a TPM state disk, which is required for Windows 11 installations
* updated wrong version in docs
* bump version 7.1.0 -> 7.1.1
* fixed parameter name typo
* updated to pass sanity; assumed version_added to be next major (7.2.0)
* replaced 'tpmstate' with 'tpmstate0'; added suboptions to kvm_args
* fixed line too long
* use get() instead of pop() to preserve verbose invocation.module_args
* update comment to include tpmstate0
* added changelog fragment
* Revert "bump version 7.1.0 -> 7.1.1"
This reverts commit 772ed98dba.
* Include PR link in changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Corrected version_added
Co-authored-by: Felix Fontein <felix@fontein.de>
* corrected semantic markup for option name
Co-authored-by: Felix Fontein <felix@fontein.de>
* set suboptions of tpmstate0 to required
* set default for tpmstate0.version (2.0)
* fixed typo
Co-authored-by: Felix Fontein <felix@fontein.de>
* wrapped default version string in quotes
Co-authored-by: Felix Fontein <felix@fontein.de>
* Improve changelog formatting.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 01f21b1d46)
Co-authored-by: Jeff Turner <jeff@torusoft.com>
ini_file: Don't creates new file instead of following symlink (#6546)
* ini_file: Don't creates new file instead of following symlink
This is a bug fix that address a situation where `community.general.ini_file`
was destroying symlinks instead of updating of updating their targets.
Closes: #6470
* ini_file: add the follow parameter
If `poth` points on a symlink and `follow` is true, the `ini_file` plugin
will preserve the symlink and modify the target file.
* adjust the documentation of the new key
- yes/no -> true/false.
- new key will be introduced in 7.1.0.
- clean up the `state=link` part.
(cherry picked from commit c76af60a73)
Co-authored-by: Gonéri Le Bouder <goneri@lebouder.net>
plugins/inventory/cobbler: Add option to use system name for inventory (#6502)
* plugins/inventory/cobbler: Add option to use system name for inventory hostname (#6492)
* plugins/inventory/cobbler: Add warning for systems with empty profiles
(cherry picked from commit 8586adcd51)
Co-authored-by: Orion Poplawski <orion@nwra.com>
mas: disable sign-in check for macOS 12+ (#6520)
* disable sign-in check for macOS 12+
* move is_version_greater func outside class Mas
* fix formatting
* remove trailing whitespace
* make use of LooseVersion to compare versions
* update requirement description
Co-authored-by: Felix Fontein <felix@fontein.de>
* update requirement description link
Co-authored-by: Felix Fontein <felix@fontein.de>
* update constant of macOS version
Co-authored-by: Felix Fontein <felix@fontein.de>
* use updated constant
Co-authored-by: Felix Fontein <felix@fontein.de>
* update getting macOS version
Co-authored-by: Felix Fontein <felix@fontein.de>
* add changelog fragment
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 4373f2f33b)
Co-authored-by: Justine Jose <59870720+justinpjose@users.noreply.github.com>
opkg: remove useless default value for force (#6513)
* opkg: remove useless default value for force
* add changelog frag
* Update changelogs/fragments/6513-opkg-default-force.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* add to force param description
* typo
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit e588e675d9)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Fix get_user_by_username in keycloak library (#6568)
* Fix get_user_by_username in keycloak library for keycloak_user_rolemapping module
* Add changelog fragment for keycloak.py bug fix
(cherry picked from commit 27fe14bfc1)
Co-authored-by: Philippe Gauthier <philippe.gauthier@inspq.qc.ca>
added handling of zypper exitcode 102: ZYPPER_EXIT_INF_REBOOT_NEEDED (#6534)
* added handling of zypper exitcode 102: ZYPPER_EXIT_INF_REBOOT_NEEDED - Returned after a successful installation of a patch which requires reboot of computer.
The exitcode 102 will be treated exactly like 0 by the module internally now, and the changed status will be reported correctly. However, since I preserve the rc 102 in the retvals to allow the playbook to react to the requested reboot, the task must still include a "failed_when: zypper_cmd.rc not in [0, 102]" to not fail in this case.
* removed trailing whitespaces
* added changelogs fragment
* Fix typo.
Co-authored-by: Alex <alexgubin@gmx.de>
* Add URL.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alex <alexgubin@gmx.de>
(cherry picked from commit a9fd9f8982)
Co-authored-by: tover99 <101673769+tover99@users.noreply.github.com>
Don't require api_password when api_token_id is used in proxmox_tasks_info (#6554)
* Don't require api_password when api_token_id is used in proxmox_tasks_info
* Add changelog fragment
* Fix casing.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 29790df583)
Co-authored-by: Sergei Antipov <greendayonfire@gmail.com>
They are useful only with RHN, which Red Hat discontinued many years
ago, and with Spacewalk 5, which is EOL for more than 3 years;
while they could be potentially used with Uyuni / SUSE Manager (fork of
Spacewalk 5), we have not heard about anyone using it in those setups.
Hence, deprecate these two modules, with their removal planned for
10.0.0 in case there are no reports about being still useful, and
potentially noone that steps up to maintain them.
* nmcli: added new module option 'slave_type' to allow create non-ethernet slave connections
* argument specs updated
* documentation updated
* examples updated
* added warning message when using type='bridge-slave'
* remove trailing whitespace
* Added warnings about rewrite 'slave-type' property when using type one of 'bond-slave', 'bridge-slave', 'team-slave'.
Added module fails when user sets contradicting values of 'slave-type' for types 'bond-slave', 'bridge-slave', 'team-slave'.
Returned back checking for types that can be a slave to assign 'master' and 'slave-type' properties.
* Extending list of slave-conn-types
* Update plugins/modules/nmcli.py
Version updated
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Update plugins/modules/nmcli.py
Updated documentation for `slave_type`
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Updated argspec's 'required_by' for 'master' property.
* Fixed mistake in property naming in module argspec.
* changelog fragment and module docs updated
* Validation of 'master', 'slave_type' options improved. (rebased)
* Validation of 'master' and 'slave_type' separated to special method.
* Wrote 6 tests for slave_type option behaviour
* Removed erroneously added property 'hairpin'
* Update version_added for 'slave_type'
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Update changelogs/fragments/473-nmcli-slave-type-implemented.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Let master be without slave_type
---------
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* dconf - Try to find a Python interpreter that has gi.repository.GLib
If we're invoked in a Python interpreter that doesn't have access to
`gi.repository.GLib`, try to find one that does and respawn the task
in that interpreter.
* ChangeLog fragment for #6491
* Update changelogs/fragments/6491-dconf-respawn.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Simplify import code
* Get rid of ModuleNotFoundError
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* feat: Allow non-returning SQL statements
- The current implementation fails out when certain statements or
batches do not have resultsets - this limits the usefulness of the
module
- Instead, it is known that statements without resultsets return then
OperationalError exception with text "Statement not executed or
executed statement has no resultset". We will utilize these facts to
accept these statements
- The implementation also assumes that users will always use best-
practices for the script syntax; that is, "GO" will always be
capitalized but this is not strictly required -- update to allow "GO"
to be any mixed-case
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
* feat: Add changelog fragment for change
- Add changelog fragment for PR 6192
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
* feat: Improve batching
- Previous batching had shortcomings like making strict assumptions
about the format of the incoming script and did not handle Windows-
based scripts (e.g. \r characters). It also did not handle cases where
there were trailing or leading whitespace characters round the 'GO'
- Added a special case for removing the Byte Order Mark (BOM) character
that may come as part of a script when slurped from some hosts.
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
* feat: Use str.splitlines()
- Use of this method is cleaner
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
* Update changelogs/fragments/6192-allow-empty-resultsets.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix: Update transcribing errors
- Replace local namespace with project namespace
- Remove 'return' statement from the module.fail_json call
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
---------
Signed-off-by: Lesley Kimmel <lesley.j.kimmel@gmail.com>
Co-authored-by: Lesley Kimmel <lesleyk@vmware.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
This fix ensures that in case of a project quota, the corresponding project gets initialized, if required.
Signed-off-by: Christoph Fiehe <c.fiehe@eurodata.de>
Co-authored-by: Christoph Fiehe <c.fiehe@eurodata.de>
* gconftool2: fix change output
* add changelog frag
* gconftool2: improve visibility on the output
* fix obtaining updated value after `set`
* use issue URL in the changelog fragment
* fix further issues
* fix return value docs + changelog frag
* Update plugins/modules/gconftool2.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix return value doc
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Using ``withbdeps: false`` was causing the underlying emerge command to
fail due to not passing an argument to the ``--with-bdeps`` flag. Fix
by updating the logic for generating the emerge command arguments to
ensure that ``withbdeps: false`` results in a passing an ``n`` argument
with the ``--with-bdeps`` emerge flag.
* office_365_connector_card: Remove references to dev.outlook.com
Remove references to the deprecated dev.outlook.com and update them to the relevant learn.microsoft.com links.
Closed#6262
* Fix PEP 8 line length issue
* Apply suggestions from PR review
* Update plugins/modules/office_365_connector_card.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add keycloak_authz_authorization scope module
This module allows managing Keycloak client authorization scopes. The client has
to have authorization enable for this to work.
* botmeta: make mattock maintainer of keycloak_authz_authorization_scope
* botmeta: add mattock to team_keycloak
* keycloak_authz_authorization_scope: documentation and code layout fixes
* keycloak_authz_authorization_scope: do not fail on names with whitespace
* keycloak_authz_authorization_scope: use url quote method
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak_authz_authorization_scope: style fixes to documentation
* keycloak_authz_authorization_scope: do not claim check/diff mode support
* keycloak_authz_authorization_scope: fix documentation
* keycloak_authz_authorization_scope: support check_mode and diff_mode
* keycloak_authz_authorization_scope: use more common terminology
Most keycloak modules use before_<object_type> and desired_<object_type> to
designate current and desired states of objects. Do the same for authorization
scopes.
* keycloak_authz_authorization_scope: fixes to check_mode and docs
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* udm_dns_record: minor refactor
* remove unused import
* improve ptr_record zone validation
* add changelog frag
* undo zone validation change as it breaks for IPv6 addresses
* keycloak: Improve API error message
* keycloak: Fix API error message
They key 'provider' is undefined.
* keycloak: Allow the creation of 'form-flow' authentication sub flows
To create something like keycloak's built-in registration flow,
we need to create a subflow with the type 'form-flow'.
* Add changelog fragment 6318
* Update changelogs/fragments/6318-add-form-flow.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak_authentication: Don't compare subFlowType
It is only useful for creation.
* Update changelogs/fragments/6318-add-form-flow.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* pipx and pipx_info: Document that modules require pipx 0.16.2.1 or above
Since their introduction, these modules rely on 'pipx list --json' to
return machine-readable output about installed pipx applications. That
functionality was introduced in 0.16.2, along with a critical bug fix
(invalid json) in 0.16.2.1.
* pipx: fix state=latest with install_deps=true
"pipx upgrade" stopped supporting the "--include-deps" option
("install_deps" in the ansible module) in pipx 0.15
(https://pypa.github.io/pipx/changelog/#01500).
The lack of support causes the pipx module to fail if attempting to use
state=latest with install_deps, since the parameter is passed to both
pipx install (fine) and pipx upgrade (fails).
* Add changelog fragment
* Initial implementation for new modules btrfs_subvolume and btrfs_info
* Improve/flesh out documentation. Add ability to target filesystem by uuid, label or device. Update tests to test targeting filesystem by each supported parameter and when only mountpoint.
* Updates for btrfs modules. Add missing copyright notices. Switch options to contains in return documentation. Update btrfs_subvolume to always use closest parent mount.
* Add maintainers for btrfs module(s) and remove unused class member cause lint failure.
* Add changelog fragment. Attempt to only run against the VMs as part of CI.
* Updates per code review. Remove changelog fragment. Switch use of map to list comprehension. Add trailing comma to last item in multi-line dicts. Clean up documentation with complete senstences for descriptions and correct/consistent use of macros.
* Improved error handling in btrfs_subvolume module: add custom exception type, favor exceptions over immediate call to fail_json and add single top level return for failure scenarios. Normalize name and snapshot_source parameters early in module execution and remove unecessary duplicate normalization throughout processing.
* Add azp/posix/3 to aliases per feedback
* Clean up automatic mounting. Prevent automount when check_mode=True. Immediately fail if a mount is identified as required and automount=True. Identify the minimal subset of subvolumes that need to be mounted instead of just finding a single common root.
* Skip btrfs_subvolume integration tests if btrfs-progs isn't successfully installed.
* Bump version_added for btrfs modules to 6.6.0. Ensure consistent trailing punctuation for module descriptions and document check_mode behavior as attribute description rather than a module level note.
* Remove unused imports from btrfs_subvolume module.
* Fix import.
* Docs improvements.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* icinga2_host: make use of templates, append vars instead of replacing all vars array.
* Initialize `template` variable. Add changelog fragment.
* Update changelogs/fragments/6286-icinga2_host-template-and-template-vars.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Redfish iDRAC: Added job_id to response for CreateBiosConfigJob
Signed-off-by: Mike Raineri <michael.raineri@dell.com>
* YAML fix to changelog fragment
Signed-off-by: Mike Raineri <michael.raineri@dell.com>
---------
Signed-off-by: Mike Raineri <michael.raineri@dell.com>
* dig: Support multiple domains in a single lookup (#6334)
The docs for this plugin indicated that multiple domains could be
specified at once, but the code did not support multiple domains.
* Address review feedback.
* one_vm: fix syntax error when creating VMs with a more complex template
with more complex templates that make use of quoted strings the new
"render" method fails to produce a template that is accepted by
OpenNebula. ==> escape double quotes in strings to make OpenNebula
happy again.
I also tested whether newlines need to be escaped, looks like they are
fine as they are.
Fixes#6225
* module_utils/opennebula: skip empty values in render
* add nmcli macvlan type
* changelog
* improve docs
* macvlan params
* fix linter and improve module params
* improve_docs
* raise error if type macvlan and macvlan options not set
It turns out that the 'environments' that the D-Bus Register*() APIs
accept are the IDs of the environments, and not the user-facing names of
the environments (which is what the module has been accepting so far).
Since there is no easy way to do the mapping manually, for now use again
the subscription-manager CLI for registering when environments are
specified.
* remote state file exists check
In the official CLI implementation of Terraform, if the state file does not exist, a new one will be created, and there is no need to check that the state file already exists and with an error if file not exists.
```bash
# Test command
terraform apply -state test.tfstate. # if state file not exists ,terraform will create a new one
terraform destroy -state test1.tfstate ### Terraform will not throw any error, the command will succeed execute, only report no resource has destroy
```
* Update terraform.py
add 1 blank line to function end
* Create 6296-LanceNero-Terraform_statefile_check
remove file exists check (https://github.com/ansible-collections/community.general/pull/6296)
* resolve if case issue
* Add blank line
* Update 6296-LanceNero-Terraform_statefile_check
* Update changelogs/fragments/6296-LanceNero-Terraform_statefile_check
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* update code style
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Update suffix to correct CI issue
* Update Code Style
* Update bug-fix to feature release
---------
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* dconf: Correctly handle setting a key that has no value in DB
We need to check if the value in the database is None before we try to
parse it, because the GVariant parser won't accept None as an input
value. By definition if the value is None, i.e., there's no value in
the database, than any value the user is trying to set is a change, so
just indicate that it's a change without trying to compare the None to
whatever the user specified as the value.x
* dconf: Give a more useful error when writing a key fails
if writing a key fails, then include in the error that is returned the
exact key and value aguments that were given to the dconf command, to
assist in diagnosing failures caused by providing the key or value in
the wrong format.x
* dconf: Convert boolean values into the format that dconf expects
Even though we warn users to be careful to specify GVariant strings
for values, a common error is to be trying to specify a boolean string
which ends up getting converted into a boolean by the YAML parser or
Ansible. Then it gets converted to "True" or "False", the string
representations of Python booleans, which are not valid GVariants.
Rather than just failing with an obscure error when this happens,
let's be more user-friendly and detect when the user has specified a
boolean and convert it into the correct GVariant forms, "true" or
"false", so it just works. There's no good reason to be more pedantic
than that.
* Add Puppet skip_tags option
* Include changelog fragment
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* archive: Generate crc32 over 16MiB chunks
Running crc32 over the whole content of the compressed file potentially
requires a lot of RAM. The crc32 function in zlib allows for calculating
the checksum in chunks. This changes the code to calculate the checksum
over 16 MiB chunks instead. 16 MiB is the value also used by
shutil.copyfileobj().
* Update changelogs/fragments/6199-archive-generate-checksum-in-chunks.yml
Change the type of change to bugfix
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/6199-archive-generate-checksum-in-chunks.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Factorize the current logic to determine whether use 'environments' as
D-Bus registration option (rather than 'environment') in an own
function, so it is easier to read it and maintain it.
With the small helper function in place, extend the logic to support
CentOS: it is in practice the same as the RHEL one, with an additional
check to support CentOS Stream 8 (which is a rolling release, and not
versioned).
When registering using D-Bus and using a version of subscription-manager
with an unimplemented 'force' option, then unregister manually the
system only if it is registered. 'subscription-manager unregister'
errors out when trying to unregister an already unregistered system.
* pipx: Document parameters supported with state=latest
* pipx: Support "include_injected" with states "upgrade" and "latest"
- Contrary to documentation, "include_injected" doesn't appear to have
worked with state=upgrade since it was introduced.
- Add support for include_injected with "latest", since "latest" is
specified as being install+upgrade.
* Add changelog fragment
* Update plugins/modules/pipx.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* pipx: Update to correct target release of community.general
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add module to manipulate KDE config files using kwriteconfig
* Fix license issues
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add smeso as kdeconfig.py maintainer
* Fix attributes fragment name
* Fix test
* Do not use shutil.chown
It isn't available on old Python versions
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Added call method to select proper response from xo server
* Added changelog fragment
* Removed excess blank lines
* Moved period in changelog fragment
* Made suggested changes
* Remove f-strings for Python 2.7 compatibility
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Linus Kirkwood <lkirkwood@allette.com.au>
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: fixed idempotency issue with 'may_fail4' when 'method' is 'disabled'
* added note to documentation
* updated changelog fragment
* Update changelog fragment.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* add runner_fast_rate option
* unset default value for runner_fast_rate parameter
* add some commas
* Remove default in copy of argspec.
Co-authored-by: Sam Potekhin <eax24@ya.ru>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Sam Potekhin <eax24@ya.ru>
* pipx: Allow injected modules to add apps
Add support for pipx inject's "--include-apps" parameter.
* add changelog fragment
* fix pipx test ("install_apps", not "include_apps")
* fix pipx test -- add a second invocation for install_apps
* Update changelogs/fragments/6198-pipx-inject-install-apps.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/pipx.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* feat(ssh_config): proxyjump option
* feat(ssh_config: add proxyjump test
* CamelCase ProxyJump
* add changelog fragment
* Update plugins/modules/ssh_config.py
add version_added
Co-authored-by: Felix Fontein <felix@fontein.de>
* update task name to include new proxyjump option
* adding tests for proxyjump option
* fixing assert variable name
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
We simply add a param to allow proxmox administrator to restore VM from
an archives. This new option will be useful to automate automatic
creation and restore of VM.
Co-authored-by: Julian Vanden Broeck <julian.vandenbroeck@dalibo.com>
* clean performs apt-get clean.
* dist_upgrade performs apt-get dist-upgrade.
* update_kernel performs update-kernel to upgrade kernel packages.
* update_cache, clean, dist_upgrade and update_kernel can be used with and without specified packages.
The module currently has a static 'required_if' statement for its
parameters that forces any of 'username' or 'activationkey' or 'token'
in case state=present; while this is generally a good idea, it can be
an extra requirements in some cases. In particular, if the system is
already registered, there is no need for credentials -- some of the
operations of the module, such as manipulating pools, can be done
perfectly without credentials.
Hence:
- change the static 'required_if' to require credentials only when
forcing the registration
- check for credentials manually when a registration is needed, i.e.
on an unregistered system; the fail message is the same as the one
shown by 'required_if'
Adapt the tests to this new situation:
- test_without_required_parameters now needs to mock an unregistered
system
- add a new version of test_without_required_parameters to test an
already registered system
- add a simple test case for only state=present usable on an already
registered system
- remove the credentials from a test case for pool attachment that
mocks an already registered system
subscription-manager on RHEL installs a symlink in /usr/bin to
console-helper (part of usermode), which triggers an interactive prompt
for root credentials when run as user. It seems that console-helper
does not handle well non-interactive contexts (e.g. without a TTY for
input), and thus it will hang waiting for input when run as user in an
Ansible task.
Since subscription-manager requires root already anyway (and it will
fail when explicitly run as user), then apply the same logic locally on
all the modules that interact with it: redhat_subscription,
rhsm_release, and rhsm_repository.
* Replace deprecated error with BadZipFile
* Use imported BadZipFile
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add news fragment
* Update new fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix influxdb_user grants in check mode
When running in check mode, `influxdb_user` will return error when the user doesn't exist yet, instead of reporting `changed` state.
* Update changelogs/fragments/6111-influxdb_user-check-mode.yaml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Adding support for `-p` option to specify port(s) to scan
* Adding changelog fragment file
* Corrected appending options
* Edit to doc section
* Correction in documentation type
* Fixed `:` use in doc breaking yaml
* Update changelogs/fragments/6165-nmap-port.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/inventory/nmap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/inventory/nmap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Adding usage example
* Adding comment to example that was missed
* Breaking line up, was too long for sanity test 160 char limit
* Still too long since spaces are counted
* Changed type to string to work for a single entry as well as comma separated values
* Update changelogs/fragments/6165-nmap-port.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/inventory/nmap.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* openbsd_pkg: set TERM to 'dumb' in execute_command
Keeps pkg_add happy when someone running ansible is using a TERM that
the managed OpenBSD host does not know about.
Fixes#5738.
Selection of specific TERM from discussion at
https://marc.info/?l=openbsd-tech&m=167290482630534&w=2
* Add changelog fragment for openbsd_pkg TERM fix
* Update changelogs/fragments/6149-openbsd_pkg-term.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Updating yarn.list to not fail when when warnings are emitted
* Adding changelog fragment
* Adding _process_yarn_error function
* - Adding back changes to the changelog fragment
- Fixing formatting
* Fix trailing whitespace
* Update plugins/modules/yarn.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
subscription-manager currently does not have a way to get credentials
(username, password, activation keys, organization ID) in a secure way:
the existing command line parameters can be easily spotted when running
a process listing while 'subscription-manager register' runs.
There is a D-Bus service, which is used by e.g. cockpit and Anaconda to
interface with RHSM (at least for registration and common queries).
Try to perform the registration using D-Bus, in a way very similar to
the work done in convert2rhel [1] (with my help):
- try to do a simple signal test to check whether the system bus works;
inspired by the login in the dconf module
- pass most of the options as registration options; for the few that are
not part of the registration, execute 'subscription-manager' manually
- add quirks for differently working (or not) registration options for
the D-Bus Register*() methods depending on the version of RHEL
- 'subscription-manager register' is used only in case the signal test
is not working; silent fallback in case of D-Bus errors during the
registration is not done on purpose to avoid silent fallback to a less
secure registration
[1] https://github.com/oamg/convert2rhel/pull/540/
It may happen operator wants to get the built command instead of all the
parameters. This change injects a new entry in the dict output, showing
what command way actually launched.
This patch also takes the opportunity to add missing dots to some
documentation lines.
This change reorder the parameters so that we get the mandatory one at
the top, then alphabetically order the other bellow.
It also adds the returned values.
dconf: parse GVariant values to check for equality whenever possible
Direct string comparisons are an inaccurate way to compare two
GVariant representations. For example, 'foo' and "foo" (including the
quote marks, which are part of the representation) are equal GVariants
but if you just do a string compare (remember, including the quotes)
they'll be interpreted.
We therefore want to use the `gi.repository` Python library to parse
GVariant representations before comparing them whenever possible.
However, we don't want to assume that this library will always be
available or require it for Ansible to function, so we use a straight
string comparison as a fallback when the library isn't available. This
may result in some false positives, i.e., Ansible thinking a value is
changing when it actually isn't, but will not result in incorrect
values being written into `dconf`.
Co-authored-by: Jonathan Kamens <jik@jik5.kamens.us>
The fix ensures that no 'KeyError' is raised, when 'access_level' is not provided as module parameter or when 'access_level_on_creation' is false.
Signed-off-by: Christoph Fiehe <c.fiehe@eurodata.de>
Co-authored-by: Christoph Fiehe <c.fiehe@eurodata.de>
This fixes the following warning on FreeBSD:
[WARNING]: The "jail" connection plugin has an improperly configured
remote target value, forcing "inventory_hostname" templated value
instead of the string
* add persistent option for modprobe
* add suggested changes + fix broken test
* change modprobe module path in tests due to rebase
* change persistent option type from bool to str with choices
* fix unused import
* add example with persistent option
* fix some minor issues after review
- move regexps compiling to __init__
- move AnsibleModule to build_module function and use this function in tests instead of AnsibleModule
- fix terminlogy issue in documentation
* fix unused-import
* Add new project features to API
* add changelog fragment
* remove extra line from changelog
* Update changelog formatting
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* sefcontext: add path substitution support (#1193)
First commit for feedback, missing docs and tests.
* sefcontext: add documentation
* Add changelog fragment
* Documentation formatting
* Delete extra newline
* pep8 fixes
Fix indentation
* Add version_added to arg docs
* Add examples
* Don't delete non-matching path substitutions
* Add integration tests
* Delete only substitutions if such arg passed
Don't delete existing regular file context mappings if deletion of
a path substitution was requested with the presence of the
`equal` arg - delete only path substitutions in such case.
Path substitutions and regular mappings may overlap.
* Can only add args in minor releases
:(
* Cleanup before tests
* Fix deletion using substitution
Was comparing wrong var.
* Fix test checking wrong var
* Improve args documentation and examples
List the default values for selevel, seuser.
Add example for deleting path substitutions only.
* Add attributes documentation block
Not sure if should add become/delegate/async,
shouldn't those work just like that without any
specific code added for them?
* and fix indentation on attribute block
* Consistent indentation for attributes
Confusing, most plugins indent with 4 spaces.
But some use 2 like the rest of the code, so use 2.
* Add missing ref for attribute block
* Use correct c.g version in doc block
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add full stop to changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Streamline documentation
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Support limiting deletion to setype
Deleting file context mappings may be limited by
passing setype or equal, if neither arg is passed
then delete either setype/equal mappings that match.
* Change arg name, diff mode output fix
Change arg name from equal to substitute.
Print target = subsitute in diff mode same way as
semanage does.
Also put back platform attribute, try to improve
clumsy language in the substitute arg docs.
* Delete even if arg setype not match existing
Test 5 indicates that deletion is supposed to not check that
the arg setype passed when deleting matches the setype
of the mapping to delete.
Delete any mapping that matches target, regardless of
setype arg value.
* Update arg name in tests
* Too eager replacing
Accidentally replaced seobject function names so fix them back
* 4564: Fix invalid setype in doc example
Change from httpd_git_rw_content_t which
does not exist to httpd_sys_rw_content_t
Fixes#4564
* Fix documentation attributes
Additional fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update version_added in docs
Bumping minor to 6.4.0 since it didn't make 6.3.0.
* Add more description to the new arg docs
Try to improve discoverability of the new feature and make it easier to understand without deep SELinux understanding.
* Update platform to Linux in documentation
* Add equal as alias for the new argument
Improve discoverability of the new feature by adding an alias to the new module argument. The argument name "equal" will be easy to find for users who are not familiar with SELinux and who just try to match to the CLI tool `semanage`.
* And add alias argument properly
Previous commit missed actually adding the alias (added to docs only).
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* cloudflare_dns: Fix setting SRV records with a root level entry
* cloudflare_dns: Remove the part which deletes the zone from the SRV record name
The cloudflare API accepts the record name + zone name to be sent. Removing that, will guarantee the module to be idempotent even though that line was added ~7 years ago for that specific reason: 7477fe5141
It seems the most logical explanition is that Cloudflare changed their API response somewhere over the last 7 years.
* cloudflare_dns: Update the changelog fragment
* stop passing loader/dataloader since it has been deprecated by ansible
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
* add changelog fragment
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
* explicitly pass None to keep compatibility to older Ansible versions
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
* use try/except to keep things compatible
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
* Update plugins/lookup/cartesian.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/flattened.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/flattened.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/lookup/cartesian.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/6074-loader_in_listify.yml.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* feat(module/keycloak_group): add support for ...
... handling subgroups
* added changelog fragment and fixing sanity ...
... test issues
* more sanity fixes
* fix missing version and review issues
* added missing licence header
* fix docu
* fix line beeing too long
* replaced suboptimal string type prefixing ...
... with better subdict based approach
* fix sanity issues
* more sanity fixing
* fixed more review issues
* fix argument list too long
* why is it failing? something wrong with the docu?
* is it this line then?
* undid group attribute removing, it does not ...
... belong into this PR
* fix version_added for parents parameter
---------
Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
* github_webhook: Don't include secret in the config if it's absent
* Add changelogs
* Fix indentation
* Apply suggestion to simplify the check
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: dima1206 <32818228+dima1206@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
When setting allow permissions for particular users or groups
there will be circumstances when that user is not known to the
host system.
In that case the output of `zfs allow <pool/dataset>`
looks similar to this:
$ sudo zfs allow tank/test
---- Permissions on tank/test ---------------------------------------
Local+Descendent permissions:
user (unknown: 1002) hold
user zfsuser receive
The fix in this commit removes ' (unknown: '+')' from the output
leaving only the uid/gid.
This allows the current parser to continue even if the uid/gid
is not known.
This situation occurs most often when moving a zpool from one system
to another that may not have the same users/groups. Simply adding
permissions to a user/group and then deleting the user/group
from the system will cause this situation to occur.
* nmcli: Treat order as significant when comparing address lists
Don't sort the old and new values for ipv4.addresses and
ipv6.addresses before comparing them, because order matters in these
parameters: the first address specified is the default source address
for outbound connections.
* Changelog fragment for #6048
* Update changelogs/fragments/6048-nmcli-addres-order.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update osx_defaults documentation examples
* Include stderr in errors from osx_defaults
* Add Changelog Fragment
* Update changelogs/fragments/6011-osx-defaults-errors.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Change format of examples
* Update plugins/modules/osx_defaults.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* feat(modules/keycloak_user_federation): mapper ...
... provider type should have a default value
* add changelog fragment
---------
Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
* fix(zypper): Added condition to check for transactional-update binary to support microos
closes#5615
* style(changelog): Made zypper-change uppercase
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix(zypper): Removed check for /var/lib/misc/transactional-update.state
* feat(zypper): Aligned transactional-update checks with zypper's
* refactor(zypper): Removed dependency to psutil and made use of parsing /proc/mount
* refactor(zypper): Removed need for regex, plus small refactoring
---------
Co-authored-by: André Dörscheln <ad@itesign.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* nmcli: Convert current value of wifi.wake-on-wlan before comparing
The new value of wifi.wake-on-wlan is specified as an integer, but in
the nmcli output it's specified as a hex string followed by a textual
description of it. Therefore, to determine properly whether it's being
changed we need to pull the hex string out of the current value,
convert it into an integer, and finally convert the integer back to a
string so that we can compare it to the new specified value. Without
this change, whenever wifi.wake-on-wlan is specified in the module
arguments the module will think the value is being changed even when
it isn't.
* nmcli: Handle wifi options correctly when connection type not specified
When an nmcli task does not specify the connection type and the module
ask nmcli for it, the module needs to convert nmcli's
`802-11-wireless` to `wifi`, the term for this connection type used by
the module.
* nmcli: Correctly detect values changed to the integer 0
If the user specifies a value of 0 (without quotes) in a task, we
should interpret that as an actual value, not empty, when comparing
the new value to the old one. Otherwise we incorrectly conclude that
there was no change.
* Changelog fragment for #5431
* Add plugin parser functionality to JC Filter Plugin
The parse function was added in jc v1.18.0 which allows plugin parsers to be used. This change will try the new API if available, else fallback to the old API so there is no change in behavior.
* remove whitespace from blank line
* Add changelog fragment for JC plugin parser support
* add .yml extension to file name
* Formatting
* add period at end
* Add attributes to more modules.
* Adjust indentation.
Co-authored-by: Kristian Heljas <11139388+kristianheljas@users.noreply.github.com>
---------
Co-authored-by: Kristian Heljas <11139388+kristianheljas@users.noreply.github.com>
* Add attributes to more modules.
* Apply suggestions from code review.
Co-authored-by: Kristian Heljas <11139388+kristianheljas@users.noreply.github.com>
---------
Co-authored-by: Kristian Heljas <11139388+kristianheljas@users.noreply.github.com>