Force a complete CI run. (#1905)

ci_complete

.azure-pipelines/README.md

@@ -0,0 +1,3 @@
+## Azure Pipelines Configuration
+
+Please see the [Documentation](https://github.com/ansible/community/wiki/Testing:-Azure-Pipelines) for more information.

.azure-pipelines/azure-pipelines.yml

@@ -0,0 +1,323 @@
+trigger:
+  batch: true
+  branches:
+    include:
+      - main
+      - stable-*
+
+pr:
+  autoCancel: true
+  branches:
+    include:
+      - main
+      - stable-*
+
+schedules:
+  - cron: 0 8 * * *
+    displayName: Nightly
+    always: true
+    branches:
+      include:
+        - main
+        - stable-*
+
+variables:
+  - name: checkoutPath
+    value: ansible_collections/community/general
+  - name: coverageBranches
+    value: main
+  - name: pipelinesCoverage
+    value: coverage
+  - name: entryPoint
+    value: tests/utils/shippable/shippable.sh
+  - name: fetchDepth
+    value: 0
+
+resources:
+  containers:
+    - container: default
+      image: quay.io/ansible/azure-pipelines-test-container:1.8.0
+
+pool: Standard
+
+stages:
+### Sanity
+  - stage: Sanity_devel
+    displayName: Sanity devel
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Test {0}
+          testFormat: devel/sanity/{0}
+          targets:
+            - test: 1
+            - test: 2
+            - test: 3
+            - test: 4
+            - test: extra
+  - stage: Sanity_2_10
+    displayName: Sanity 2.10
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Test {0}
+          testFormat: 2.10/sanity/{0}
+          targets:
+            - test: 1
+            - test: 2
+            - test: 3
+            - test: 4
+  - stage: Sanity_2_9
+    displayName: Sanity 2.9
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Test {0}
+          testFormat: 2.9/sanity/{0}
+          targets:
+            - test: 1
+            - test: 2
+            - test: 3
+            - test: 4
+### Units
+  - stage: Units_devel
+    displayName: Units devel
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Python {0}
+          testFormat: devel/units/{0}/1
+          targets:
+            - test: 2.6
+            - test: 2.7
+            - test: 3.5
+            - test: 3.6
+            - test: 3.7
+            - test: 3.8
+            - test: 3.9
+  - stage: Units_2_10
+    displayName: Units 2.10
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Python {0}
+          testFormat: 2.10/units/{0}/1
+          targets:
+            - test: 2.6
+            - test: 2.7
+            - test: 3.5
+            - test: 3.6
+            - test: 3.7
+            - test: 3.8
+            - test: 3.9
+  - stage: Units_2_9
+    displayName: Units 2.9
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Python {0}
+          testFormat: 2.9/units/{0}/1
+          targets:
+            - test: 2.6
+            - test: 2.7
+            - test: 3.5
+            - test: 3.6
+            - test: 3.7
+            - test: 3.8
+
+## Remote
+  - stage: Remote_devel
+    displayName: Remote devel
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: devel/{0}
+          targets:
+            - name: macOS 11.1
+              test: macos/11.1
+            - name: RHEL 7.9
+              test: rhel/7.9
+            - name: RHEL 8.3
+              test: rhel/8.3
+            - name: FreeBSD 11.4
+              test: freebsd/11.4
+            - name: FreeBSD 12.2
+              test: freebsd/12.2
+          groups:
+            - 1
+            - 2
+            - 3
+            - 4
+            - 5
+  - stage: Remote_2_10
+    displayName: Remote 2.10
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.10/{0}
+          targets:
+            - name: OS X 10.11
+              test: osx/10.11
+            - name: macOS 10.15
+              test: macos/10.15
+            - name: macOS 11.1
+              test: macos/11.1
+            - name: RHEL 7.8
+              test: rhel/7.8
+            - name: RHEL 8.2
+              test: rhel/8.2
+            - name: FreeBSD 12.1
+              test: freebsd/12.1
+          groups:
+            - 1
+            - 2
+  - stage: Remote_2_9
+    displayName: Remote 2.9
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.9/{0}
+          targets:
+            - name: RHEL 8.2
+              test: rhel/8.2
+            - name: FreeBSD 12.0
+              test: freebsd/12.0
+          groups:
+            - 1
+            - 2
+
+### Docker
+  - stage: Docker_devel
+    displayName: Docker devel
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: devel/linux/{0}
+          targets:
+            - name: CentOS 6
+              test: centos6
+            - name: CentOS 7
+              test: centos7
+            - name: CentOS 8
+              test: centos8
+            - name: Fedora 32
+              test: fedora32
+            - name: Fedora 33
+              test: fedora33
+            - name: openSUSE 15 py2
+              test: opensuse15py2
+            - name: openSUSE 15 py3
+              test: opensuse15
+            - name: Ubuntu 18.04
+              test: ubuntu1804
+            - name: Ubuntu 20.04
+              test: ubuntu2004
+          groups:
+            - 1
+            - 2
+            - 3
+            - 4
+            - 5
+  - stage: Docker_2_10
+    displayName: Docker 2.10
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.10/linux/{0}
+          targets:
+            - name: CentOS 8
+              test: centos8
+            - name: Fedora 32
+              test: fedora32
+            - name: openSUSE 15 py3
+              test: opensuse15
+            - name: Ubuntu 16.04
+              test: ubuntu1604
+          groups:
+            - 2
+            - 3
+            - 4
+            - 5
+  - stage: Docker_2_9
+    displayName: Docker 2.9
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.9/linux/{0}
+          targets:
+            - name: CentOS 8
+              test: centos8
+            - name: Fedora 31
+              test: fedora31
+            - name: openSUSE 15 py3
+              test: opensuse15
+          groups:
+            - 2
+            - 3
+            - 4
+            - 5
+
+### Cloud
+  - stage: Cloud_devel
+    displayName: Cloud devel
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Python {0}
+          testFormat: devel/cloud/{0}/1
+          targets:
+            - test: 2.7
+            - test: 3.6
+  - stage: Cloud_2_10
+    displayName: Cloud 2.10
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Python {0}
+          testFormat: 2.10/cloud/{0}/1
+          targets:
+            - test: 3.6
+  - stage: Cloud_2_9
+    displayName: Cloud 2.9
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Python {0}
+          testFormat: 2.9/cloud/{0}/1
+          targets:
+            - test: 3.6
+  - stage: Summary
+    condition: succeededOrFailed()
+    dependsOn:
+      - Sanity_devel
+      - Sanity_2_9
+      - Sanity_2_10
+      - Units_devel
+      - Units_2_9
+      - Units_2_10
+      - Remote_devel
+      - Remote_2_9
+      - Remote_2_10
+      - Docker_devel
+      - Docker_2_9
+      - Docker_2_10
+      - Cloud_devel
+      - Cloud_2_9
+      - Cloud_2_10
+    jobs:
+      - template: templates/coverage.yml

.azure-pipelines/scripts/aggregate-coverage.sh

@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+# Aggregate code coverage results for later processing.
+
+set -o pipefail -eu
+
+agent_temp_directory="$1"
+
+PATH="${PWD}/bin:${PATH}"
+
+mkdir "${agent_temp_directory}/coverage/"
+
+options=(--venv --venv-system-site-packages --color -v)
+
+ansible-test coverage combine --export "${agent_temp_directory}/coverage/" "${options[@]}"
+
+if ansible-test coverage analyze targets generate --help >/dev/null 2>&1; then
+    # Only analyze coverage if the installed version of ansible-test supports it.
+    # Doing so allows this script to work unmodified for multiple Ansible versions.
+    ansible-test coverage analyze targets generate "${agent_temp_directory}/coverage/coverage-analyze-targets.json" "${options[@]}"
+fi

.azure-pipelines/scripts/combine-coverage.py

@@ -0,0 +1,60 @@
+#!/usr/bin/env python
+"""
+Combine coverage data from multiple jobs, keeping the data only from the most recent attempt from each job.
+Coverage artifacts must be named using the format: "Coverage $(System.JobAttempt) {StableUniqueNameForEachJob}"
+The recommended coverage artifact name format is: Coverage $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)
+Keep in mind that Azure Pipelines does not enforce unique job display names (only names).
+It is up to pipeline authors to avoid name collisions when deviating from the recommended format.
+"""
+
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+import os
+import re
+import shutil
+import sys
+
+
+def main():
+    """Main program entry point."""
+    source_directory = sys.argv[1]
+
+    if '/ansible_collections/' in os.getcwd():
+        output_path = "tests/output"
+    else:
+        output_path = "test/results"
+
+    destination_directory = os.path.join(output_path, 'coverage')
+
+    if not os.path.exists(destination_directory):
+        os.makedirs(destination_directory)
+
+    jobs = {}
+    count = 0
+
+    for name in os.listdir(source_directory):
+        match = re.search('^Coverage (?P<attempt>[0-9]+) (?P<label>.+)$', name)
+        label = match.group('label')
+        attempt = int(match.group('attempt'))
+        jobs[label] = max(attempt, jobs.get(label, 0))
+
+    for label, attempt in jobs.items():
+        name = 'Coverage {attempt} {label}'.format(label=label, attempt=attempt)
+        source = os.path.join(source_directory, name)
+        source_files = os.listdir(source)
+
+        for source_file in source_files:
+            source_path = os.path.join(source, source_file)
+            destination_path = os.path.join(destination_directory, source_file + '.' + label)
+            print('"%s" -> "%s"' % (source_path, destination_path))
+            shutil.copyfile(source_path, destination_path)
+            count += 1
+
+    print('Coverage file count: %d' % count)
+    print('##vso[task.setVariable variable=coverageFileCount]%d' % count)
+    print('##vso[task.setVariable variable=outputPath]%s' % output_path)
+
+
+if __name__ == '__main__':
+    main()

.azure-pipelines/scripts/process-results.sh

@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+# Check the test results and set variables for use in later steps.
+
+set -o pipefail -eu
+
+if [[ "$PWD" =~ /ansible_collections/ ]]; then
+    output_path="tests/output"
+else
+    output_path="test/results"
+fi
+
+echo "##vso[task.setVariable variable=outputPath]${output_path}"
+
+if compgen -G "${output_path}"'/junit/*.xml' > /dev/null; then
+    echo "##vso[task.setVariable variable=haveTestResults]true"
+fi
+
+if compgen -G "${output_path}"'/bot/ansible-test-*' > /dev/null; then
+    echo "##vso[task.setVariable variable=haveBotResults]true"
+fi
+
+if compgen -G "${output_path}"'/coverage/*' > /dev/null; then
+    echo "##vso[task.setVariable variable=haveCoverageData]true"
+fi

.azure-pipelines/scripts/publish-codecov.sh

@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+# Upload code coverage reports to codecov.io.
+# Multiple coverage files from multiple languages are accepted and aggregated after upload.
+# Python coverage, as well as PowerShell and Python stubs can all be uploaded.
+
+set -o pipefail -eu
+
+output_path="$1"
+
+curl --silent --show-error https://codecov.io/bash > codecov.sh
+
+for file in "${output_path}"/reports/coverage*.xml; do
+    name="${file}"
+    name="${name##*/}"  # remove path
+    name="${name##coverage=}"  # remove 'coverage=' prefix if present
+    name="${name%.xml}"  # remove '.xml' suffix
+
+    bash codecov.sh \
+        -f "${file}" \
+        -n "${name}" \
+        -X coveragepy \
+        -X gcov \
+        -X fix \
+        -X search \
+        -X xcode \
+        || echo "Failed to upload code coverage report to codecov.io: ${file}"
+done

.azure-pipelines/scripts/report-coverage.sh

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+# Generate code coverage reports for uploading to Azure Pipelines and codecov.io.
+
+set -o pipefail -eu
+
+PATH="${PWD}/bin:${PATH}"
+
+if ! ansible-test --help >/dev/null 2>&1; then
+    # Install the devel version of ansible-test for generating code coverage reports.
+    # This is only used by Ansible Collections, which are typically tested against multiple Ansible versions (in separate jobs).
+    # Since a version of ansible-test is required that can work the output from multiple older releases, the devel version is used.
+    pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check
+fi
+
+ansible-test coverage xml --stub --venv --venv-system-site-packages --color -v

.azure-pipelines/scripts/run-tests.sh

@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+# Configure the test environment and run the tests.
+
+set -o pipefail -eu
+
+entry_point="$1"
+test="$2"
+read -r -a coverage_branches <<< "$3"  # space separated list of branches to run code coverage on for scheduled builds
+
+export COMMIT_MESSAGE
+export COMPLETE
+export COVERAGE
+export IS_PULL_REQUEST
+
+if [ "${SYSTEM_PULLREQUEST_TARGETBRANCH:-}" ]; then
+    IS_PULL_REQUEST=true
+    COMMIT_MESSAGE=$(git log --format=%B -n 1 HEAD^2)
+else
+    IS_PULL_REQUEST=
+    COMMIT_MESSAGE=$(git log --format=%B -n 1 HEAD)
+fi
+
+COMPLETE=
+COVERAGE=
+
+if [ "${BUILD_REASON}" = "Schedule" ]; then
+    COMPLETE=yes
+
+    if printf '%s\n' "${coverage_branches[@]}" | grep -q "^${BUILD_SOURCEBRANCHNAME}$"; then
+        COVERAGE=yes
+    fi
+fi
+
+"${entry_point}" "${test}" 2>&1 | "$(dirname "$0")/time-command.py"

.azure-pipelines/scripts/time-command.py

@@ -0,0 +1,25 @@
+#!/usr/bin/env python
+"""Prepends a relative timestamp to each input line from stdin and writes it to stdout."""
+
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+import sys
+import time
+
+
+def main():
+    """Main program entry point."""
+    start = time.time()
+
+    sys.stdin.reconfigure(errors='surrogateescape')
+    sys.stdout.reconfigure(errors='surrogateescape')
+
+    for line in sys.stdin:
+        seconds = time.time() - start
+        sys.stdout.write('%02d:%02d %s' % (seconds // 60, seconds % 60, line))
+        sys.stdout.flush()
+
+
+if __name__ == '__main__':
+    main()

.azure-pipelines/templates/coverage.yml

@@ -0,0 +1,39 @@
+# This template adds a job for processing code coverage data.
+# It will upload results to Azure Pipelines and codecov.io.
+# Use it from a job stage that completes after all other jobs have completed.
+# This can be done by placing it in a separate summary stage that runs after the test stage(s) have completed.
+
+jobs:
+  - job: Coverage
+    displayName: Code Coverage
+    container: default
+    workspace:
+      clean: all
+    steps:
+      - checkout: self
+        fetchDepth: $(fetchDepth)
+        path: $(checkoutPath)
+      - task: DownloadPipelineArtifact@2
+        displayName: Download Coverage Data
+        inputs:
+          path: coverage/
+          patterns: "Coverage */*=coverage.combined"
+      - bash: .azure-pipelines/scripts/combine-coverage.py coverage/
+        displayName: Combine Coverage Data
+      - bash: .azure-pipelines/scripts/report-coverage.sh
+        displayName: Generate Coverage Report
+        condition: gt(variables.coverageFileCount, 0)
+      - task: PublishCodeCoverageResults@1
+        inputs:
+          codeCoverageTool: Cobertura
+          # Azure Pipelines only accepts a single coverage data file.
+          # That means only Python or PowerShell coverage can be uploaded, but not both.
+          # Set the "pipelinesCoverage" variable to determine which type is uploaded.
+          # Use "coverage" for Python and "coverage-powershell" for PowerShell.
+          summaryFileLocation: "$(outputPath)/reports/$(pipelinesCoverage).xml"
+        displayName: Publish to Azure Pipelines
+        condition: gt(variables.coverageFileCount, 0)
+      - bash: .azure-pipelines/scripts/publish-codecov.sh "$(outputPath)"
+        displayName: Publish to codecov.io
+        condition: gt(variables.coverageFileCount, 0)
+        continueOnError: true

.azure-pipelines/templates/matrix.yml

@@ -0,0 +1,55 @@
+# This template uses the provided targets and optional groups to generate a matrix which is then passed to the test template.
+# If this matrix template does not provide the required functionality, consider using the test template directly instead.
+
+parameters:
+  # A required list of dictionaries, one per test target.
+  # Each item in the list must contain a "test" or "name" key.
+  # Both may be provided. If one is omitted, the other will be used.
+  - name: targets
+    type: object
+
+  # An optional list of values which will be used to multiply the targets list into a matrix.
+  # Values can be strings or numbers.
+  - name: groups
+    type: object
+    default: []
+
+  # An optional format string used to generate the job name.
+  # - {0} is the name of an item in the targets list.
+  - name: nameFormat
+    type: string
+    default: "{0}"
+
+  # An optional format string used to generate the test name.
+  # - {0} is the name of an item in the targets list.
+  - name: testFormat
+    type: string
+    default: "{0}"
+
+  # An optional format string used to add the group to the job name.
+  # {0} is the formatted name of an item in the targets list.
+  # {{1}} is the group -- be sure to include the double "{{" and "}}".
+  - name: nameGroupFormat
+    type: string
+    default: "{0} - {{1}}"
+
+  # An optional format string used to add the group to the test name.
+  # {0} is the formatted test of an item in the targets list.
+  # {{1}} is the group -- be sure to include the double "{{" and "}}".
+  - name: testGroupFormat
+    type: string
+    default: "{0}/{{1}}"
+
+jobs:
+  - template: test.yml
+    parameters:
+      jobs:
+        - ${{ if eq(length(parameters.groups), 0) }}:
+          - ${{ each target in parameters.targets }}:
+            - name: ${{ format(parameters.nameFormat, coalesce(target.name, target.test)) }}
+              test: ${{ format(parameters.testFormat, coalesce(target.test, target.name)) }}
+        - ${{ if not(eq(length(parameters.groups), 0)) }}:
+          - ${{ each group in parameters.groups }}:
+            - ${{ each target in parameters.targets }}:
+              - name: ${{ format(format(parameters.nameGroupFormat, parameters.nameFormat), coalesce(target.name, target.test), group) }}
+                test: ${{ format(format(parameters.testGroupFormat, parameters.testFormat), coalesce(target.test, target.name), group) }}

.azure-pipelines/templates/test.yml

@@ -0,0 +1,45 @@
+# This template uses the provided list of jobs to create test one or more test jobs.
+# It can be used directly if needed, or through the matrix template.
+
+parameters:
+  # A required list of dictionaries, one per test job.
+  # Each item in the list must contain a "job" and "name" key.
+  - name: jobs
+    type: object
+
+jobs:
+  - ${{ each job in parameters.jobs }}:
+    - job: test_${{ replace(replace(replace(job.test, '/', '_'), '.', '_'), '-', '_') }}
+      displayName: ${{ job.name }}
+      container: default
+      workspace:
+        clean: all
+      steps:
+        - checkout: self
+          fetchDepth: $(fetchDepth)
+          path: $(checkoutPath)
+        - bash: .azure-pipelines/scripts/run-tests.sh "$(entryPoint)" "${{ job.test }}" "$(coverageBranches)"
+          displayName: Run Tests
+        - bash: .azure-pipelines/scripts/process-results.sh
+          condition: succeededOrFailed()
+          displayName: Process Results
+        - bash: .azure-pipelines/scripts/aggregate-coverage.sh "$(Agent.TempDirectory)"
+          condition: eq(variables.haveCoverageData, 'true')
+          displayName: Aggregate Coverage Data
+        - task: PublishTestResults@2
+          condition: eq(variables.haveTestResults, 'true')
+          inputs:
+            testResultsFiles: "$(outputPath)/junit/*.xml"
+          displayName: Publish Test Results
+        - task: PublishPipelineArtifact@1
+          condition: eq(variables.haveBotResults, 'true')
+          displayName: Publish Bot Results
+          inputs:
+            targetPath: "$(outputPath)/bot/"
+            artifactName: "Bot $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)"
+        - task: PublishPipelineArtifact@1
+          condition: eq(variables.haveCoverageData, 'true')
+          displayName: Publish Coverage Data
+          inputs:
+            targetPath: "$(Agent.TempDirectory)/coverage/"
+            artifactName: "Coverage $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)"

.github/BOTMETA.yml

@@ -259,7 +259,7 @@ files:
   $modules/cloud/lxc/lxc_container.py:
     maintainers: cloudnull
   $modules/cloud/lxd/:
-    maintainers: hnakamur
+    ignore: hnakamur
   $modules/cloud/memset/:
     maintainers: glitchcrab
   $modules/cloud/misc/cloud_init_data_facts.py:
@@ -374,7 +374,8 @@ files:
   $modules/clustering/consul/:
     maintainers: $team_consul
   $modules/clustering/etcd3.py:
-    maintainers: evrardjp vfauth
+    maintainers: evrardjp
+    ignore: vfauth
   $modules/clustering/nomad/:
     maintainers: chris93111
   $modules/clustering/pacemaker_cluster.py:
@@ -576,7 +577,7 @@ files:
   $modules/net_tools/nmcli.py:
     maintainers: alcamie101
   $modules/net_tools/snmp_facts.py:
-    maintainers: ogenstad bigmstone ujwalkomarla
+    maintainers: ogenstad ujwalkomarla
   $modules/notification/osx_say.py:
     maintainers: ansible mpdehaan
     labels: _osx_say
@@ -893,8 +894,6 @@ files:
     maintainers: $team_aix
     labels: aix
     keywords: aix efix lpar wpar
-  $modules/system/aix_lvol.py:
-    maintainers: adejoux
   $modules/system/alternatives.py:
     maintainers: mulby
     labels: alternatives
@@ -967,7 +966,7 @@ files:
     maintainers: agaffney
   $modules/system/osx_defaults.py:
     notify: chris-short
-    maintainers: $team_macos
+    maintainers: $team_macos notok
     labels: macos osx_defaults
     keywords: brew cask darwin homebrew macosx macports osx
   $modules/system/pam_limits.py:

CHANGELOG.rst

@@ -5,6 +5,341 @@ Community General Release Notes
 .. contents:: Topics
 
 
+v1.3.7
+======
+
+Release Summary
+---------------
+
+Regular maintenance and bugfix release.
+
+Minor Changes
+-------------
+
+- clc_* modules - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1771).
+- dnsimple - elements of list parameters ``record_ids`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- gitlab_runner - elements of list parameters ``tag_list`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- keycloak_client - elements of list parameters ``default_roles``, ``redirect_uris``, ``web_origins`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- librato_annotation - elements of list parameters ``links`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- lxd_container - elements of list parameter ``profiles`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- mail - elements of list parameters ``to``, ``cc``, ``bcc``, ``attach``, ``headers`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- na_ontap_gather_facts - elements of list parameters ``gather_subset`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- nexmo - elements of list parameters ``dest`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- nsupdate - elements of list parameters ``value`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- omapi_host - elements of list parameters ``statements`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- onepassword_info - elements of list parameters ``search_terms`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- packet_device - elements of list parameters ``device_ids``, ``hostnames`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- pagerduty - elements of list parameters ``service`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- plugins/module_utils/oracle/oci_utils.py - elements of list parameter ``key_by`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- proxmox_kvm module - actually implemented ``vmid`` and ``status`` return values. Updated documentation to reflect current situation (https://github.com/ansible-collections/community.general/issues/1410, https://github.com/ansible-collections/community.general/pull/1715).
+- pubnub_blocks - elements of list parameters ``event_handlers`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- redfish modules - explicitly setting lists' elements to ``str`` (https://github.com/ansible-collections/community.general/pull/1761).
+- redhat_subscription - elements of list parameters ``pool_ids``, ``addons`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- rocketchat - elements of list parameters ``attachments`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- sendgrid - elements of list parameters ``to_addresses``, ``cc``, ``bcc``, ``attachments`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- sl_vm - elements of list parameters ``disks``, ``ssh_keys`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- slack - elements of list parameters ``attachments`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- statusio_maintenance - elements of list parameters ``components``, ``containers`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- twilio - elements of list parameters ``to_numbers`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- vmadm - elements of list parameters ``disks``, ``nics``, ``resolvers``, ``filesystems`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+- xml - elements of list parameters ``add_children``, ``set_children`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+
+Bugfixes
+--------
+
+- aerospike_migration - fix typo that caused ``migrate_tx_key`` instead of ``migrate_rx_key`` being used (https://github.com/ansible-collections/community.general/pull/1739).
+- alternatives - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- beadm - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- chef_databag lookup plugin - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- cobbler_sync, cobbler_system - fix SSL/TLS certificate check when ``validate_certs`` set to ``false`` (https://github.com/ansible-collections/community.general/pull/1880).
+- cronvar - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- dconf - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- deploy_helper - allow ``state=clean`` to be used without defining a ``release`` (https://github.com/ansible-collections/community.general/issues/1852).
+- diy callback plugin - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- elasticsearch_plugin - ``state`` parameter choices must use ``list()`` in python3 (https://github.com/ansible-collections/community.general/pull/1830).
+- filesystem - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- filesystem - remove ``swap`` from list of FS supported by ``resizefs=yes`` (https://github.com/ansible-collections/community.general/issues/790).
+- git_config - prevent ``run_command`` from expanding values (https://github.com/ansible-collections/community.general/issues/1776).
+- gitlab_runner - parameter ``registration_token`` was required but is used only when ``state`` is ``present`` (https://github.com/ansible-collections/community.general/issues/1714).
+- hipchat - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- idrac_redfish_command - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- idrac_redfish_config - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- idrac_redfish_info - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- imc_rest - explicitly logging out instead of registering the call in ```atexit``` (https://github.com/ansible-collections/community.general/issues/1735).
+- infoblox inventory script - make sure that the script also works with Ansible 2.9, and returns a more helpful error when community.general is not installed as part of Ansible 2.10/3 (https://github.com/ansible-collections/community.general/pull/1871).
+- interfaces_file - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- iso_extract - use proper alias deprecation mechanism for ``thirsty`` alias of ``force`` (https://github.com/ansible-collections/community.general/pull/1830).
+- java_cert - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- kibana_plugin - ``state`` parameter choices must use ``list()`` in python3 (https://github.com/ansible-collections/community.general/pull/1830).
+- logstash_plugin - wrapped ``dict.keys()`` with ``list`` for use in ``choices`` setting (https://github.com/ansible-collections/community.general/pull/1830).
+- lvg - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- lvol - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- lxc - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- lxc_container - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- lxc_container - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- lxd_container - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- memcached cache plugin - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- net_tools.nios.api module_utils - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- nios_host_record - allow DNS Bypass for views other than default (https://github.com/ansible-collections/community.general/issues/1786).
+- nomad_job_info - fix module failure when nomad client returns no jobs (https://github.com/ansible-collections/community.general/pull/1721).
+- nsot inventory script - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- oci_vcn - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- oneandone_monitoring_policy - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- parted - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- postgresql_info - fix crash caused by wrong PgSQL version parsing (https://github.com/ansible-collections/community.postgresql/issues/40).
+- postgresql_ping - fix crash caused by wrong PgSQL version parsing (https://github.com/ansible-collections/community.postgresql/issues/40).
+- postgresql_query - fix datetime.timedelta type handling (https://github.com/ansible-collections/community.postgresql/issues/47).
+- postgresql_query - fix decimal handling (https://github.com/ansible-collections/community.postgresql/issues/45).
+- postgresql_set - fails in check_mode on non-numeric values containing ``B`` (https://github.com/ansible-collections/community.postgresql/issues/48).
+- postgresql_set - return a message instead of traceback when a passed parameter has not been found (https://github.com/ansible-collections/community.postgresql/issues/41).
+- proxmox* modules - refactored some parameter validation code into use of ``env_fallback``, ``required_if``, ``required_together``, ``required_one_of`` (https://github.com/ansible-collections/community.general/pull/1765).
+- proxmox_kvm - do not add ``args`` if ``proxmox_default_behavior`` is set to no_defaults  (https://github.com/ansible-collections/community.general/issues/1641).
+- proxmox_kvm - fix parameter ``vmid`` passed twice to ``exit_json`` while creating a virtual machine without cloning (https://github.com/ansible-collections/community.general/issues/1875, https://github.com/ansible-collections/community.general/pull/1895).
+- proxmox_kvm - fix undefined local variable ``status`` when the parameter ``state`` is either ``stopped``, ``started``, ``restarted`` or ``absent`` (https://github.com/ansible-collections/community.general/pull/1847).
+- proxmox_kvm - stop implicitly adding ``force`` equal to ``false``. Proxmox API requires not implemented parameters otherwise, and assumes ``force`` to be ``false`` by default anyways (https://github.com/ansible-collections/community.general/pull/1783).
+- redfish_command - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- redfish_config - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- redhat_subscription - ``mutually_exclusive`` was referring to parameter alias instead of name (https://github.com/ansible-collections/community.general/pull/1795).
+- redhat_subscription - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- redis cache plugin - wrapped usages of ``keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- riak - parameters ``wait_for_handoffs`` and ``wait_for_ring`` are ``int`` but the default value was ``false`` (https://github.com/ansible-collections/community.general/pull/1830).
+- rundeck_acl_policy - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- runit - removed unused code, and passing command as ``list`` instead of ``str`` to ``run_command()`` (https://github.com/ansible-collections/community.general/pull/1830).
+- selective callback plugin - adjust import so that the plugin also works with ansible-core 2.11 (https://github.com/ansible-collections/community.general/pull/1807).
+- selective callback plugin - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- sensu_check - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- spotinst_aws_elastigroup - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- statusio_maintenance - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- timezone - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).
+- utm_utils module_utils - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- vdo - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+- zfs_delegate_admin - the elements of ``users``, ``groups`` and ``permissions`` are now enforced to be strings (https://github.com/ansible-collections/community.general/pull/1766).
+
+v1.3.6
+======
+
+Release Summary
+---------------
+
+Regular bugfix and security bugfix (potential information leaks in multiple modules, CVE-2021-20191) release.
+
+Minor Changes
+-------------
+
+- scaleway modules and inventory plugin - update regions and zones to add the new ones (https://github.com/ansible-collections/community.general/pull/1690).
+
+Breaking Changes / Porting Guide
+--------------------------------
+
+- utm_proxy_auth_profile - the ``frontend_cookie_secret`` return value now contains a placeholder string instead of the module's ``frontend_cookie_secret`` parameter (https://github.com/ansible-collections/community.general/pull/1736).
+
+Security Fixes
+--------------
+
+- dnsmadeeasy - mark the ``account_key`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- docker_swarm - enabled ``no_log`` for the option ``signing_ca_key`` to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.general/pull/1728).
+- gitlab_runner - mark the ``registration_token`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- hwc_ecs_instance - mark the ``admin_pass`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- ibm_sa_host - mark the ``iscsi_chap_secret`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- keycloak_* modules - mark the ``auth_client_secret`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- keycloak_client - mark the ``registration_access_token`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- librato_annotation - mark the ``api_key`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- logentries_msg - mark the ``token`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- module_utils/_netapp, na_ontap_gather_facts - enabled ``no_log`` for the options ``api_key`` and ``secret_key`` to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.general/pull/1725).
+- module_utils/identity/keycloak, keycloak_client, keycloak_clienttemplate, keycloak_group - enabled ``no_log`` for the option ``auth_client_secret`` to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.general/pull/1725).
+- nios_nsgroup - mark the ``tsig_key`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- oneandone_firewall_policy, oneandone_load_balancer, oneandone_monitoring_policy, oneandone_private_network, oneandone_public_ip - mark the ``auth_token`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- ovirt - mark the ``instance_key`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- ovirt - mark the ``instance_rootpw`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- pagerduty_alert - mark the ``api_key``, ``service_key`` and ``integration_key`` parameters as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- pagerduty_change - mark the ``integration_key`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- pingdom - mark the ``key`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- pulp_repo - mark the ``feed_client_key`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- rax_clb_ssl - mark the ``private_key`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- redfish_command - mark the ``update_creds.password`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- rollbar_deployment - mark the ``token`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- spotinst_aws_elastigroup - mark the ``multai_token`` and ``token`` parameters as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- stackdriver - mark the ``key`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+- utm_proxy_auth_profile - enabled ``no_log`` for the option ``frontend_cookie_secret`` to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.general/pull/1725).
+- utm_proxy_auth_profile - mark the ``frontend_cookie_secret`` parameter as ``no_log`` to avoid leakage of secrets. This causes the ``utm_proxy_auth_profile`` return value to no longer containing the correct value, but a placeholder (https://github.com/ansible-collections/community.general/pull/1736).
+
+Bugfixes
+--------
+
+- docker connection plugin - fix Docker version parsing, as some docker versions have a leading ``v`` in the output of the command ``docker version --format "{{.Server.Version}}"`` (https://github.com/ansible-collections/community.docker/pull/76).
+- filesystem - do not fail when ``resizefs=yes`` and ``fstype=xfs`` if there is nothing to do, even if the filesystem is not mounted. This only covers systems supporting access to unmounted XFS filesystems. Others will still fail (https://github.com/ansible-collections/community.general/issues/1457, https://github.com/ansible-collections/community.general/pull/1478).
+- gitlab_user - make updates to the ``isadmin``, ``password`` and ``confirm`` options of an already existing GitLab user work (https://github.com/ansible-collections/community.general/pull/1724).
+- parted - change the regex that decodes the partition size to better support different formats that parted uses. Change the regex that validates parted's version string (https://github.com/ansible-collections/community.general/pull/1695).
+- redfish_info module, redfish_utils module utils - add ``Name`` and ``Id`` properties to output of Redfish inventory commands (https://github.com/ansible-collections/community.general/issues/1650).
+- sensu-silence module - fix json parsing of sensu API responses on Python 3.5 (https://github.com/ansible-collections/community.general/pull/1703).
+
+v1.3.5
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Bugfixes
+--------
+
+- dnsmadeeasy - fix HTTP 400 errors when creating a TXT record (https://github.com/ansible-collections/community.general/issues/1237).
+- docker_container - allow IPv6 zones (RFC 4007) in bind IPs (https://github.com/ansible-collections/community.docker/pull/66).
+- docker_image - fix crash on loading images with versions of Docker SDK for Python before 2.5.0 (https://github.com/ansible-collections/community.docker/issues/72, https://github.com/ansible-collections/community.docker/pull/73).
+- homebrew - add default search path for ``brew`` on Apple silicon hardware (https://github.com/ansible-collections/community.general/pull/1679).
+- homebrew_cask - add default search path for ``brew`` on Apple silicon hardware (https://github.com/ansible-collections/community.general/pull/1679).
+- homebrew_tap - add default search path for ``brew`` on Apple silicon hardware (https://github.com/ansible-collections/community.general/pull/1679).
+- lldp - use ``get_bin_path`` to locate the ``lldpctl`` executable (https://github.com/ansible-collections/community.general/pull/1643).
+- onepassword lookup plugin - updated to support password items, which place the password field directly in the payload's ``details`` attribute (https://github.com/ansible-collections/community.general/pull/1610).
+- passwordstore lookup plugin - fix compatibility with gopass when used with ``create=true``. While pass returns 1 on a non-existent password, gopass returns 10, or 11, depending on whether a similar named password was stored. We now just check standard output and that the return code is not zero (https://github.com/ansible-collections/community.general/pull/1589).
+- terraform - improve result code checking when executing terraform commands (https://github.com/ansible-collections/community.general/pull/1632).
+
+v1.3.4
+======
+
+Release Summary
+---------------
+
+Bugfix/security release that addresses CVE-2021-20180.
+
+Security Fixes
+--------------
+
+- bitbucket_pipeline_variable - **CVE-2021-20180** - hide user sensitive information which are marked as ``secured`` from logging into the console (https://github.com/ansible-collections/community.general/pull/1635).
+
+Bugfixes
+--------
+
+- npm - handle json decode exception while parsing command line output (https://github.com/ansible-collections/community.general/issues/1614).
+
+v1.3.3
+======
+
+Release Summary
+---------------
+
+Bugfix/security release that addresses CVE-2021-20178.
+
+Major Changes
+-------------
+
+- For community.general 2.0.0, the kubevirt modules will be moved to the `community.kubevirt <https://galaxy.ansible.com/community/kubevirt>`_ collection.
+  A redirection will be inserted so that users using ansible-base 2.10 or newer do not have to change anything.
+
+  If you use Ansible 2.9 and explicitly use kubevirt modules from this collection, you will need to adjust your playbooks and roles to use FQCNs starting with ``community.kubevirt.`` instead of ``community.general.``,
+  for example replace ``community.general.kubevirt_vm`` in a task by ``community.kubevirt.kubevirt_vm``.
+
+  If you use ansible-base and installed ``community.general`` manually and rely on the kubevirt modules, you have to make sure to install the ``community.kubevirt`` collection as well.
+  If you are using FQCNs, for example ``community.general.kubevirt_vm`` instead of ``kubevirt_vm``, it will continue working, but we still recommend to adjust the FQCNs as well.
+
+Security Fixes
+--------------
+
+- snmp_facts - **CVE-2021-20178** - hide user sensitive information such as ``privkey`` and ``authkey`` from logging into the console (https://github.com/ansible-collections/community.general/pull/1621).
+
+Bugfixes
+--------
+
+- terraform - fix ``init_reconfigure`` option for proper CLI args (https://github.com/ansible-collections/community.general/pull/1620).
+
+v1.3.2
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Major Changes
+-------------
+
+- For community.general 2.0.0, the Google modules will be moved to the `community.google <https://galaxy.ansible.com/community/google>`_ collection.
+  A redirection will be inserted so that users using ansible-base 2.10 or newer do not have to change anything.
+
+  If you use Ansible 2.9 and explicitly use Google modules from this collection, you will need to adjust your playbooks and roles to use FQCNs starting with ``community.google.`` instead of ``community.general.``,
+  for example replace ``community.general.gcpubsub`` in a task by ``community.google.gcpubsub``.
+
+  If you use ansible-base and installed ``community.general`` manually and rely on the Google modules, you have to make sure to install the ``community.google`` collection as well.
+  If you are using FQCNs, for example ``community.general.gcpubsub`` instead of ``gcpubsub``, it will continue working, but we still recommend to adjust the FQCNs as well.
+- For community.general 2.0.0, the OC connection plugin will be moved to the `community.okd <https://galaxy.ansible.com/community/okd>`_ collection.
+  A redirection will be inserted so that users using ansible-base 2.10 or newer do not have to change anything.
+
+  If you use Ansible 2.9 and explicitly use OC connection plugin from this collection, you will need to adjust your playbooks and roles to use FQCNs ``community.okd.oc`` instead of ``community.general.oc``.
+
+  If you use ansible-base and installed ``community.general`` manually and rely on the OC connection plugin, you have to make sure to install the ``community.okd`` collection as well.
+  If you are using FQCNs, in other words ``community.general.oc`` instead of ``oc``, it will continue working, but we still recommend to adjust this FQCN as well.
+- For community.general 2.0.0, the hashi_vault lookup plugin will be moved to the `community.hashi_vault <https://galaxy.ansible.com/community/hashi_vault>`_ collection.
+  A redirection will be inserted so that users using ansible-base 2.10 or newer do not have to change anything.
+
+  If you use Ansible 2.9 and explicitly use hashi_vault lookup plugin from this collection, you will need to adjust your playbooks and roles to use FQCNs ``community.hashi_vault.hashi_vault`` instead of ``community.general.hashi_vault``.
+
+  If you use ansible-base and installed ``community.general`` manually and rely on the hashi_vault lookup plugin, you have to make sure to install the ``community.hashi_vault`` collection as well.
+  If you are using FQCNs, in other words ``community.general.hashi_vault`` instead of ``hashi_vault``, it will continue working, but we still recommend to adjust this FQCN as well.
+
+Minor Changes
+-------------
+
+- homebrew_cask - Homebrew will be deprecating use of ``brew cask`` commands as of version 2.6.0, see https://brew.sh/2020/12/01/homebrew-2.6.0/. Added logic to stop using ``brew cask`` for brew version >= 2.6.0 (https://github.com/ansible-collections/community.general/pull/1481).
+- jira - added the traceback output to ``fail_json()`` calls deriving from exceptions (https://github.com/ansible-collections/community.general/pull/1536).
+
+Bugfixes
+--------
+
+- docker_image - if ``push=true`` is used with ``repository``, and the image does not need to be tagged, still push. This can happen if ``repository`` and ``name`` are equal (https://github.com/ansible-collections/community.docker/issues/52, https://github.com/ansible-collections/community.docker/pull/53).
+- docker_image - report error when loading a broken archive that contains no image (https://github.com/ansible-collections/community.docker/issues/46, https://github.com/ansible-collections/community.docker/pull/55).
+- docker_image - report error when the loaded archive does not contain the specified image (https://github.com/ansible-collections/community.docker/issues/41, https://github.com/ansible-collections/community.docker/pull/55).
+- jira - ``fetch`` and ``search`` no longer indicate that something changed (https://github.com/ansible-collections/community.general/pull/1536).
+- jira - ensured parameter ``issue`` is mandatory for operation ``transition`` (https://github.com/ansible-collections/community.general/pull/1536).
+- jira - module no longer incorrectly reports change for information gathering operations (https://github.com/ansible-collections/community.general/pull/1536).
+- jira - replaced custom parameter validation with ``required_if`` (https://github.com/ansible-collections/community.general/pull/1536).
+- launchd - handle deprecated APIs like ``readPlist`` and ``writePlist`` in ``plistlib`` (https://github.com/ansible-collections/community.general/issues/1552).
+- ldap_search - the module no longer incorrectly reports a change (https://github.com/ansible-collections/community.general/issues/1040).
+- make - fixed ``make`` parameter used for check mode when running a non-GNU ``make`` (https://github.com/ansible-collections/community.general/pull/1574).
+- monit - add support for all monit service checks (https://github.com/ansible-collections/community.general/pull/1532).
+- nios_member - fix Python 3 compatibility with nios api ``member_normalize`` function (https://github.com/ansible-collections/community.general/issues/1526).
+- nmcli - remove ``bridge-slave`` from list of IP based connections ((https://github.com/ansible-collections/community.general/issues/1500).
+- pamd - added logic to retain the comment line (https://github.com/ansible-collections/community.general/issues/1394).
+- passwordstore lookup plugin - always use explicit ``show`` command to retrieve password. This ensures compatibility with ``gopass`` and avoids problems when password names equal ``pass`` commands (https://github.com/ansible-collections/community.general/pull/1493).
+- rhn_channel - Python 2.7.5 fails if the certificate should not be validated. Fixed this by creating the correct ``ssl_context`` (https://github.com/ansible-collections/community.general/pull/470).
+- sendgrid - update documentation and warn user about sendgrid Python library version (https://github.com/ansible-collections/community.general/issues/1553).
+- syslogger - update ``syslog.openlog`` API call for older Python versions, and improve error handling (https://github.com/ansible-collections/community.general/issues/953).
+- yaml callback plugin - do not remove non-ASCII Unicode characters from multiline string output (https://github.com/ansible-collections/community.general/issues/1519).
+
+v1.3.1
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Bugfixes
+--------
+
+- bigpanda - removed the dynamic default for ``host`` param (https://github.com/ansible-collections/community.general/pull/1423).
+- bitbucket_pipeline_variable - change pagination logic for pipeline variable get API (https://github.com/ansible-collections/community.general/issues/1425).
+- cobbler inventory script - add Python 3 support (https://github.com/ansible-collections/community.general/issues/638).
+- docker_container - the validation for ``capabilities`` in ``device_requests`` was incorrect (https://github.com/ansible-collections/community.docker/issues/42, https://github.com/ansible-collections/community.docker/pull/43).
+- git_config - now raises an error for non-existent repository paths (https://github.com/ansible-collections/community.general/issues/630).
+- icinga2_host - fix returning error codes (https://github.com/ansible-collections/community.general/pull/335).
+- jira - provide error message raised from exception (https://github.com/ansible-collections/community.general/issues/1504).
+- json_query - handle ``AnsibleUnicode`` and ``AnsibleUnsafeText`` (https://github.com/ansible-collections/community.general/issues/320).
+- keycloak module_utils - provide meaningful error message to user when auth URL does not start with http or https (https://github.com/ansible-collections/community.general/issues/331).
+- ldap_entry - improvements in documentation, simplifications and replaced code with better ``AnsibleModule`` arguments (https://github.com/ansible-collections/community.general/pull/1516).
+- mas - fix ``invalid literal`` when no app can be found (https://github.com/ansible-collections/community.general/pull/1436).
+- nios_host_record - fix to remove ``aliases`` (CNAMES) for configuration comparison (https://github.com/ansible-collections/community.general/issues/1335).
+- osx_defaults - unquote values and unescape double quotes when reading array values (https://github.com/ansible-collections/community.general/pull/358).
+- profitbricks_nic - removed the dynamic default for ``name`` param (https://github.com/ansible-collections/community.general/pull/1423).
+- profitbricks_nic - replaced code with ``required`` and ``required_if`` (https://github.com/ansible-collections/community.general/pull/1423).
+- redfish_info module, redfish_utils module utils - correct ``PartNumber`` property name in Redfish ``GetMemoryInventory`` command (https://github.com/ansible-collections/community.general/issues/1483).
+- saltstack connection plugin - use ``hashutil.base64_decodefile`` to ensure that the file checksum is preserved (https://github.com/ansible-collections/community.general/pull/1472).
+- udm_user - removed the dynamic default for ``userexpiry`` param (https://github.com/ansible-collections/community.general/pull/1423).
+- utm_network_interface_address - changed param type from invalid 'boolean' to valid 'bool' (https://github.com/ansible-collections/community.general/pull/1423).
+- utm_proxy_exception - four parameters had elements types set as 'string' (invalid), changed to 'str' (https://github.com/ansible-collections/community.general/pull/1399).
+- vmadm - simplification of code (https://github.com/ansible-collections/community.general/pull/1415).
+- xfconf - add in missing return values that are specified in the documentation (https://github.com/ansible-collections/community.general/issues/1418).
+
 v1.3.0
 ======
 

README.md

@@ -1,6 +1,6 @@
 # Community General Collection
 
-[![Run Status](https://api.shippable.com/projects/5e664a167c32620006c9fa50/badge?branch=main)](https://app.shippable.com/github/ansible-collections/community.general/dashboard)
+[![Build Status](https://dev.azure.com/ansible/community.general/_apis/build/status/CI?branchName=stable-1)](https://dev.azure.com/ansible/community.general/_build?definitionId=31)
 [![Codecov](https://img.shields.io/codecov/c/github/ansible-collections/community.general)](https://codecov.io/gh/ansible-collections/community.general)
 
 This repo contains the `community.general` Ansible Collection. The collection includes many modules and plugins supported by Ansible community which are not part of more specialized community collections.

changelogs/changelog.yaml

@@ -1568,3 +1568,584 @@ releases:
       name: proxmox_user_info
       namespace: cloud.misc
     release_date: '2020-11-26'
+  1.3.1:
+    changes:
+      bugfixes:
+      - bigpanda - removed the dynamic default for ``host`` param (https://github.com/ansible-collections/community.general/pull/1423).
+      - bitbucket_pipeline_variable - change pagination logic for pipeline variable
+        get API (https://github.com/ansible-collections/community.general/issues/1425).
+      - cobbler inventory script - add Python 3 support (https://github.com/ansible-collections/community.general/issues/638).
+      - docker_container - the validation for ``capabilities`` in ``device_requests``
+        was incorrect (https://github.com/ansible-collections/community.docker/issues/42,
+        https://github.com/ansible-collections/community.docker/pull/43).
+      - git_config - now raises an error for non-existent repository paths (https://github.com/ansible-collections/community.general/issues/630).
+      - icinga2_host - fix returning error codes (https://github.com/ansible-collections/community.general/pull/335).
+      - jira - provide error message raised from exception (https://github.com/ansible-collections/community.general/issues/1504).
+      - json_query - handle ``AnsibleUnicode`` and ``AnsibleUnsafeText`` (https://github.com/ansible-collections/community.general/issues/320).
+      - keycloak module_utils - provide meaningful error message to user when auth
+        URL does not start with http or https (https://github.com/ansible-collections/community.general/issues/331).
+      - ldap_entry - improvements in documentation, simplifications and replaced code
+        with better ``AnsibleModule`` arguments (https://github.com/ansible-collections/community.general/pull/1516).
+      - mas - fix ``invalid literal`` when no app can be found (https://github.com/ansible-collections/community.general/pull/1436).
+      - nios_host_record - fix to remove ``aliases`` (CNAMES) for configuration comparison
+        (https://github.com/ansible-collections/community.general/issues/1335).
+      - osx_defaults - unquote values and unescape double quotes when reading array
+        values (https://github.com/ansible-collections/community.general/pull/358).
+      - profitbricks_nic - removed the dynamic default for ``name`` param (https://github.com/ansible-collections/community.general/pull/1423).
+      - profitbricks_nic - replaced code with ``required`` and ``required_if`` (https://github.com/ansible-collections/community.general/pull/1423).
+      - redfish_info module, redfish_utils module utils - correct ``PartNumber`` property
+        name in Redfish ``GetMemoryInventory`` command (https://github.com/ansible-collections/community.general/issues/1483).
+      - saltstack connection plugin - use ``hashutil.base64_decodefile`` to ensure
+        that the file checksum is preserved (https://github.com/ansible-collections/community.general/pull/1472).
+      - udm_user - removed the dynamic default for ``userexpiry`` param (https://github.com/ansible-collections/community.general/pull/1423).
+      - utm_network_interface_address - changed param type from invalid 'boolean'
+        to valid 'bool' (https://github.com/ansible-collections/community.general/pull/1423).
+      - utm_proxy_exception - four parameters had elements types set as 'string' (invalid),
+        changed to 'str' (https://github.com/ansible-collections/community.general/pull/1399).
+      - vmadm - simplification of code (https://github.com/ansible-collections/community.general/pull/1415).
+      - xfconf - add in missing return values that are specified in the documentation
+        (https://github.com/ansible-collections/community.general/issues/1418).
+      release_summary: Regular bugfix release.
+    fragments:
+    - 1.3.1.yml
+    - 1399-fixed-wrong-elements-type.yaml
+    - 1415-valmod_req_mismatch.yml
+    - 1419-xfconf-return-values.yaml
+    - 1423-valmod_multiple_cases.yml
+    - 1425_bitbucket_pipeline_variable.yml
+    - 1436-mas-fix-no-app-installed.yml
+    - 1472-saltstack-fix-put_file-to-preserve-checksum.yml
+    - 1484-fix-property-name-in-redfish-memory-inventory.yml
+    - 1504_jira.yml
+    - 1516-ldap_entry-improvements.yaml
+    - 320_unsafe_text.yml
+    - 331_keycloak.yml
+    - 335-icinga2_host-return-error-code.yaml
+    - 630-git_config-handling-invalid-dir.yaml
+    - 638_cobbler_py3.yml
+    - community.docker-43-docker_container-device_requests.yml
+    - fix_parsing_array_values_in_osx_defaults.yml
+    - nios_host_record-fix-aliases-removal.yml
+    release_date: '2020-12-21'
+  1.3.2:
+    changes:
+      bugfixes:
+      - docker_image - if ``push=true`` is used with ``repository``, and the image
+        does not need to be tagged, still push. This can happen if ``repository``
+        and ``name`` are equal (https://github.com/ansible-collections/community.docker/issues/52,
+        https://github.com/ansible-collections/community.docker/pull/53).
+      - docker_image - report error when loading a broken archive that contains no
+        image (https://github.com/ansible-collections/community.docker/issues/46,
+        https://github.com/ansible-collections/community.docker/pull/55).
+      - docker_image - report error when the loaded archive does not contain the specified
+        image (https://github.com/ansible-collections/community.docker/issues/41,
+        https://github.com/ansible-collections/community.docker/pull/55).
+      - jira - ``fetch`` and ``search`` no longer indicate that something changed
+        (https://github.com/ansible-collections/community.general/pull/1536).
+      - jira - ensured parameter ``issue`` is mandatory for operation ``transition``
+        (https://github.com/ansible-collections/community.general/pull/1536).
+      - jira - module no longer incorrectly reports change for information gathering
+        operations (https://github.com/ansible-collections/community.general/pull/1536).
+      - jira - replaced custom parameter validation with ``required_if`` (https://github.com/ansible-collections/community.general/pull/1536).
+      - launchd - handle deprecated APIs like ``readPlist`` and ``writePlist`` in
+        ``plistlib`` (https://github.com/ansible-collections/community.general/issues/1552).
+      - ldap_search - the module no longer incorrectly reports a change (https://github.com/ansible-collections/community.general/issues/1040).
+      - make - fixed ``make`` parameter used for check mode when running a non-GNU
+        ``make`` (https://github.com/ansible-collections/community.general/pull/1574).
+      - monit - add support for all monit service checks (https://github.com/ansible-collections/community.general/pull/1532).
+      - nios_member - fix Python 3 compatibility with nios api ``member_normalize``
+        function (https://github.com/ansible-collections/community.general/issues/1526).
+      - nmcli - remove ``bridge-slave`` from list of IP based connections ((https://github.com/ansible-collections/community.general/issues/1500).
+      - pamd - added logic to retain the comment line (https://github.com/ansible-collections/community.general/issues/1394).
+      - passwordstore lookup plugin - always use explicit ``show`` command to retrieve
+        password. This ensures compatibility with ``gopass`` and avoids problems when
+        password names equal ``pass`` commands (https://github.com/ansible-collections/community.general/pull/1493).
+      - rhn_channel - Python 2.7.5 fails if the certificate should not be validated.
+        Fixed this by creating the correct ``ssl_context`` (https://github.com/ansible-collections/community.general/pull/470).
+      - sendgrid - update documentation and warn user about sendgrid Python library
+        version (https://github.com/ansible-collections/community.general/issues/1553).
+      - syslogger - update ``syslog.openlog`` API call for older Python versions,
+        and improve error handling (https://github.com/ansible-collections/community.general/issues/953).
+      - yaml callback plugin - do not remove non-ASCII Unicode characters from multiline
+        string output (https://github.com/ansible-collections/community.general/issues/1519).
+      major_changes:
+      - 'For community.general 2.0.0, the Google modules will be moved to the `community.google
+        <https://galaxy.ansible.com/community/google>`_ collection.
+
+        A redirection will be inserted so that users using ansible-base 2.10 or newer
+        do not have to change anything.
+
+
+        If you use Ansible 2.9 and explicitly use Google modules from this collection,
+        you will need to adjust your playbooks and roles to use FQCNs starting with
+        ``community.google.`` instead of ``community.general.``,
+
+        for example replace ``community.general.gcpubsub`` in a task by ``community.google.gcpubsub``.
+
+
+        If you use ansible-base and installed ``community.general`` manually and rely
+        on the Google modules, you have to make sure to install the ``community.google``
+        collection as well.
+
+        If you are using FQCNs, for example ``community.general.gcpubsub`` instead
+        of ``gcpubsub``, it will continue working, but we still recommend to adjust
+        the FQCNs as well.
+
+        '
+      - 'For community.general 2.0.0, the OC connection plugin will be moved to the
+        `community.okd <https://galaxy.ansible.com/community/okd>`_ collection.
+
+        A redirection will be inserted so that users using ansible-base 2.10 or newer
+        do not have to change anything.
+
+
+        If you use Ansible 2.9 and explicitly use OC connection plugin from this collection,
+        you will need to adjust your playbooks and roles to use FQCNs ``community.okd.oc``
+        instead of ``community.general.oc``.
+
+
+        If you use ansible-base and installed ``community.general`` manually and rely
+        on the OC connection plugin, you have to make sure to install the ``community.okd``
+        collection as well.
+
+        If you are using FQCNs, in other words ``community.general.oc`` instead of
+        ``oc``, it will continue working, but we still recommend to adjust this FQCN
+        as well.
+
+        '
+      - 'For community.general 2.0.0, the hashi_vault lookup plugin will be moved
+        to the `community.hashi_vault <https://galaxy.ansible.com/community/hashi_vault>`_
+        collection.
+
+        A redirection will be inserted so that users using ansible-base 2.10 or newer
+        do not have to change anything.
+
+
+        If you use Ansible 2.9 and explicitly use hashi_vault lookup plugin from this
+        collection, you will need to adjust your playbooks and roles to use FQCNs
+        ``community.hashi_vault.hashi_vault`` instead of ``community.general.hashi_vault``.
+
+
+        If you use ansible-base and installed ``community.general`` manually and rely
+        on the hashi_vault lookup plugin, you have to make sure to install the ``community.hashi_vault``
+        collection as well.
+
+        If you are using FQCNs, in other words ``community.general.hashi_vault`` instead
+        of ``hashi_vault``, it will continue working, but we still recommend to adjust
+        this FQCN as well.
+
+        '
+      minor_changes:
+      - homebrew_cask - Homebrew will be deprecating use of ``brew cask`` commands
+        as of version 2.6.0, see https://brew.sh/2020/12/01/homebrew-2.6.0/. Added
+        logic to stop using ``brew cask`` for brew version >= 2.6.0 (https://github.com/ansible-collections/community.general/pull/1481).
+      - jira - added the traceback output to ``fail_json()`` calls deriving from exceptions
+        (https://github.com/ansible-collections/community.general/pull/1536).
+      release_summary: Regular bugfix release.
+    fragments:
+    - 1.3.2.yml
+    - 1040-ldap_search-changed-must-be-false.yaml
+    - 1394-pamd-removing-comments.yaml
+    - 1481-deprecated-brew-cask-command.yaml
+    - 1493-fix_passwordstore.py_to_be_compatible_with_gopass_versions.yml
+    - 1517-bridge-slave-from-list-of-ip-based-connections.yml
+    - 1522-yaml-callback-unicode.yml
+    - 1527-fix-nios-api-member-normalize.yaml
+    - 1532-monit-support-all-services.yaml
+    - 1552_launchd.yml
+    - 1553_sendgrid.yml
+    - 1574-make-question.yaml
+    - 470-spacewalk-legacy-python-certificate-validation.yaml
+    - 953_syslogger.yml
+    - community.docker-53-docker_image-tag-push.yml
+    - community.docker-55-docker_image-loading.yml
+    - google-migration.yml
+    - hashi_vault-migration.yml
+    - jira_improvements.yaml
+    - oc-migration.yml
+    release_date: '2021-01-04'
+  1.3.3:
+    changes:
+      bugfixes:
+      - terraform - fix ``init_reconfigure`` option for proper CLI args (https://github.com/ansible-collections/community.general/pull/1620).
+      major_changes:
+      - 'For community.general 2.0.0, the kubevirt modules will be moved to the `community.kubevirt
+        <https://galaxy.ansible.com/community/kubevirt>`_ collection.
+
+        A redirection will be inserted so that users using ansible-base 2.10 or newer
+        do not have to change anything.
+
+
+        If you use Ansible 2.9 and explicitly use kubevirt modules from this collection,
+        you will need to adjust your playbooks and roles to use FQCNs starting with
+        ``community.kubevirt.`` instead of ``community.general.``,
+
+        for example replace ``community.general.kubevirt_vm`` in a task by ``community.kubevirt.kubevirt_vm``.
+
+
+        If you use ansible-base and installed ``community.general`` manually and rely
+        on the kubevirt modules, you have to make sure to install the ``community.kubevirt``
+        collection as well.
+
+        If you are using FQCNs, for example ``community.general.kubevirt_vm`` instead
+        of ``kubevirt_vm``, it will continue working, but we still recommend to adjust
+        the FQCNs as well.
+
+        '
+      release_summary: Bugfix/security release that addresses CVE-2021-20178.
+      security_fixes:
+      - snmp_facts - **CVE-2021-20178** - hide user sensitive information such as
+        ``privkey`` and ``authkey`` from logging into the console (https://github.com/ansible-collections/community.general/pull/1621).
+    fragments:
+    - 1.3.3.yml
+    - 1620-terraform_init_reconfigure_fix.yml
+    - kubevirt-migration.yml
+    - snmp_facts.yml
+    release_date: '2021-01-13'
+  1.3.4:
+    changes:
+      bugfixes:
+      - npm - handle json decode exception while parsing command line output (https://github.com/ansible-collections/community.general/issues/1614).
+      release_summary: Bugfix/security release that addresses CVE-2021-20180.
+      security_fixes:
+      - bitbucket_pipeline_variable - **CVE-2021-20180** - hide user sensitive information
+        which are marked as ``secured`` from logging into the console (https://github.com/ansible-collections/community.general/pull/1635).
+    fragments:
+    - 1.3.4.yml
+    - 1614_npm.yml
+    - cve_bitbucket_pipeline_variable.yml
+    release_date: '2021-01-14'
+  1.3.5:
+    changes:
+      bugfixes:
+      - dnsmadeeasy - fix HTTP 400 errors when creating a TXT record (https://github.com/ansible-collections/community.general/issues/1237).
+      - docker_container - allow IPv6 zones (RFC 4007) in bind IPs (https://github.com/ansible-collections/community.docker/pull/66).
+      - docker_image - fix crash on loading images with versions of Docker SDK for
+        Python before 2.5.0 (https://github.com/ansible-collections/community.docker/issues/72,
+        https://github.com/ansible-collections/community.docker/pull/73).
+      - homebrew - add default search path for ``brew`` on Apple silicon hardware
+        (https://github.com/ansible-collections/community.general/pull/1679).
+      - homebrew_cask - add default search path for ``brew`` on Apple silicon hardware
+        (https://github.com/ansible-collections/community.general/pull/1679).
+      - homebrew_tap - add default search path for ``brew`` on Apple silicon hardware
+        (https://github.com/ansible-collections/community.general/pull/1679).
+      - lldp - use ``get_bin_path`` to locate the ``lldpctl`` executable (https://github.com/ansible-collections/community.general/pull/1643).
+      - onepassword lookup plugin - updated to support password items, which place
+        the password field directly in the payload's ``details`` attribute (https://github.com/ansible-collections/community.general/pull/1610).
+      - passwordstore lookup plugin - fix compatibility with gopass when used with
+        ``create=true``. While pass returns 1 on a non-existent password, gopass returns
+        10, or 11, depending on whether a similar named password was stored. We now
+        just check standard output and that the return code is not zero (https://github.com/ansible-collections/community.general/pull/1589).
+      - terraform - improve result code checking when executing terraform commands
+        (https://github.com/ansible-collections/community.general/pull/1632).
+      release_summary: Regular bugfix release.
+    fragments:
+    - 1.3.5.yml
+    - 1589-passwordstore-fix-passwordstore.py-to-be-compatible-with-gopass.yaml
+    - 1610-bugfix-onepassword-lookup-plugin.yaml
+    - 1632-using_check_rc_in_terraform.yml
+    - 1654-dnsmadeeasy-http-400-fixes.yaml
+    - 1679-homebrew_search_path.yml
+    - community.docker-66-ipv6-zones.yml
+    - community.docker-73-docker_image-fix-old-docker-py-version.yml
+    - lldp-use-get_bin_path-to-locate-the-lldpctl-executable.yaml
+    release_date: '2021-01-26'
+  1.3.6:
+    changes:
+      breaking_changes:
+      - utm_proxy_auth_profile - the ``frontend_cookie_secret`` return value now contains
+        a placeholder string instead of the module's ``frontend_cookie_secret`` parameter
+        (https://github.com/ansible-collections/community.general/pull/1736).
+      bugfixes:
+      - docker connection plugin - fix Docker version parsing, as some docker versions
+        have a leading ``v`` in the output of the command ``docker version --format
+        "{{.Server.Version}}"`` (https://github.com/ansible-collections/community.docker/pull/76).
+      - filesystem - do not fail when ``resizefs=yes`` and ``fstype=xfs`` if there
+        is nothing to do, even if the filesystem is not mounted. This only covers
+        systems supporting access to unmounted XFS filesystems. Others will still
+        fail (https://github.com/ansible-collections/community.general/issues/1457,
+        https://github.com/ansible-collections/community.general/pull/1478).
+      - gitlab_user - make updates to the ``isadmin``, ``password`` and ``confirm``
+        options of an already existing GitLab user work (https://github.com/ansible-collections/community.general/pull/1724).
+      - parted - change the regex that decodes the partition size to better support
+        different formats that parted uses. Change the regex that validates parted's
+        version string (https://github.com/ansible-collections/community.general/pull/1695).
+      - redfish_info module, redfish_utils module utils - add ``Name`` and ``Id``
+        properties to output of Redfish inventory commands (https://github.com/ansible-collections/community.general/issues/1650).
+      - sensu-silence module - fix json parsing of sensu API responses on Python 3.5
+        (https://github.com/ansible-collections/community.general/pull/1703).
+      minor_changes:
+      - scaleway modules and inventory plugin - update regions and zones to add the
+        new ones (https://github.com/ansible-collections/community.general/pull/1690).
+      release_summary: Regular bugfix and security bugfix (potential information leaks
+        in multiple modules, CVE-2021-20191) release.
+      security_fixes:
+      - dnsmadeeasy - mark the ``account_key`` parameter as ``no_log`` to avoid leakage
+        of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - docker_swarm - enabled ``no_log`` for the option ``signing_ca_key`` to prevent
+        accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.general/pull/1728).
+      - gitlab_runner - mark the ``registration_token`` parameter as ``no_log`` to
+        avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - hwc_ecs_instance - mark the ``admin_pass`` parameter as ``no_log`` to avoid
+        leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - ibm_sa_host - mark the ``iscsi_chap_secret`` parameter as ``no_log`` to avoid
+        leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - keycloak_* modules - mark the ``auth_client_secret`` parameter as ``no_log``
+        to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - keycloak_client - mark the ``registration_access_token`` parameter as ``no_log``
+        to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - librato_annotation - mark the ``api_key`` parameter as ``no_log`` to avoid
+        leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - logentries_msg - mark the ``token`` parameter as ``no_log`` to avoid leakage
+        of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - module_utils/_netapp, na_ontap_gather_facts - enabled ``no_log`` for the options
+        ``api_key`` and ``secret_key`` to prevent accidental disclosure (CVE-2021-20191,
+        https://github.com/ansible-collections/community.general/pull/1725).
+      - module_utils/identity/keycloak, keycloak_client, keycloak_clienttemplate,
+        keycloak_group - enabled ``no_log`` for the option ``auth_client_secret``
+        to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.general/pull/1725).
+      - nios_nsgroup - mark the ``tsig_key`` parameter as ``no_log`` to avoid leakage
+        of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - oneandone_firewall_policy, oneandone_load_balancer, oneandone_monitoring_policy,
+        oneandone_private_network, oneandone_public_ip - mark the ``auth_token`` parameter
+        as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - ovirt - mark the ``instance_key`` parameter as ``no_log`` to avoid leakage
+        of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - ovirt - mark the ``instance_rootpw`` parameter as ``no_log`` to avoid leakage
+        of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - pagerduty_alert - mark the ``api_key``, ``service_key`` and ``integration_key``
+        parameters as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - pagerduty_change - mark the ``integration_key`` parameter as ``no_log`` to
+        avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - pingdom - mark the ``key`` parameter as ``no_log`` to avoid leakage of secrets
+        (https://github.com/ansible-collections/community.general/pull/1736).
+      - pulp_repo - mark the ``feed_client_key`` parameter as ``no_log`` to avoid
+        leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - rax_clb_ssl - mark the ``private_key`` parameter as ``no_log`` to avoid leakage
+        of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - redfish_command - mark the ``update_creds.password`` parameter as ``no_log``
+        to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - rollbar_deployment - mark the ``token`` parameter as ``no_log`` to avoid leakage
+        of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - spotinst_aws_elastigroup - mark the ``multai_token`` and ``token`` parameters
+        as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - stackdriver - mark the ``key`` parameter as ``no_log`` to avoid leakage of
+        secrets (https://github.com/ansible-collections/community.general/pull/1736).
+      - utm_proxy_auth_profile - enabled ``no_log`` for the option ``frontend_cookie_secret``
+        to prevent accidental disclosure (CVE-2021-20191, https://github.com/ansible-collections/community.general/pull/1725).
+      - utm_proxy_auth_profile - mark the ``frontend_cookie_secret`` parameter as
+        ``no_log`` to avoid leakage of secrets. This causes the ``utm_proxy_auth_profile``
+        return value to no longer containing the correct value, but a placeholder
+        (https://github.com/ansible-collections/community.general/pull/1736).
+    fragments:
+    - 1.3.6.yml
+    - 1478-filesystem-fix-1457-resizefs-idempotency.yml
+    - 1690-scaleway-regions.yaml
+    - 1691-add-name-and-id-props-to-redfish-inventory-output.yml
+    - 1695-parted-updatedregex.yaml
+    - 1703-sensu_silence-fix_json_parsing.yml
+    - 1724-various-fixes-for-updating-existing-gitlab-user.yml
+    - CVE-2021-20191_no_log.yml
+    - CVE-2021-20191_no_log_docker.yml
+    - community.docker-76-leading-v-support-in-docker-version.yml
+    - no_log-fixes.yml
+    release_date: '2021-02-09'
+  1.3.7:
+    changes:
+      bugfixes:
+      - aerospike_migration - fix typo that caused ``migrate_tx_key`` instead of ``migrate_rx_key``
+        being used (https://github.com/ansible-collections/community.general/pull/1739).
+      - 'alternatives - internal refactoring: replaced uses of ``_`` with ``dummy``
+        (https://github.com/ansible-collections/community.general/pull/1819).'
+      - 'beadm - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).'
+      - chef_databag lookup plugin - wrapped usages of ``dict.keys()`` in ``list()``
+        for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - cobbler_sync, cobbler_system - fix SSL/TLS certificate check when ``validate_certs``
+        set to ``false`` (https://github.com/ansible-collections/community.general/pull/1880).
+      - 'cronvar - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).'
+      - 'dconf - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).'
+      - deploy_helper - allow ``state=clean`` to be used without defining a ``release``
+        (https://github.com/ansible-collections/community.general/issues/1852).
+      - diy callback plugin - wrapped usages of ``dict.keys()`` in ``list()`` for
+        Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - elasticsearch_plugin - ``state`` parameter choices must use ``list()`` in
+        python3 (https://github.com/ansible-collections/community.general/pull/1830).
+      - 'filesystem - internal refactoring: replaced uses of ``_`` with ``dummy``
+        (https://github.com/ansible-collections/community.general/pull/1819).'
+      - filesystem - remove ``swap`` from list of FS supported by ``resizefs=yes``
+        (https://github.com/ansible-collections/community.general/issues/790).
+      - git_config - prevent ``run_command`` from expanding values (https://github.com/ansible-collections/community.general/issues/1776).
+      - gitlab_runner - parameter ``registration_token`` was required but is used
+        only when ``state`` is ``present`` (https://github.com/ansible-collections/community.general/issues/1714).
+      - 'hipchat - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).'
+      - idrac_redfish_command - wrapped usages of ``dict.keys()`` in ``list()`` for
+        Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - idrac_redfish_config - wrapped usages of ``dict.keys()`` in ``list()`` for
+        Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - idrac_redfish_info - wrapped usages of ``dict.keys()`` in ``list()`` for Python
+        3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - imc_rest - explicitly logging out instead of registering the call in ```atexit```
+        (https://github.com/ansible-collections/community.general/issues/1735).
+      - infoblox inventory script - make sure that the script also works with Ansible
+        2.9, and returns a more helpful error when community.general is not installed
+        as part of Ansible 2.10/3 (https://github.com/ansible-collections/community.general/pull/1871).
+      - 'interfaces_file - internal refactoring: replaced uses of ``_`` with ``dummy``
+        (https://github.com/ansible-collections/community.general/pull/1819).'
+      - iso_extract - use proper alias deprecation mechanism for ``thirsty`` alias
+        of ``force`` (https://github.com/ansible-collections/community.general/pull/1830).
+      - 'java_cert - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).'
+      - kibana_plugin - ``state`` parameter choices must use ``list()`` in python3
+        (https://github.com/ansible-collections/community.general/pull/1830).
+      - logstash_plugin - wrapped ``dict.keys()`` with ``list`` for use in ``choices``
+        setting (https://github.com/ansible-collections/community.general/pull/1830).
+      - 'lvg - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).'
+      - 'lvol - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).'
+      - 'lxc - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).'
+      - 'lxc_container - internal refactoring: replaced uses of ``_`` with ``dummy``
+        (https://github.com/ansible-collections/community.general/pull/1819).'
+      - lxc_container - wrapped usages of ``dict.keys()`` in ``list()`` for Python
+        3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - lxd_container - wrapped usages of ``dict.keys()`` in ``list()`` for Python
+        3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - memcached cache plugin - wrapped usages of ``dict.keys()`` in ``list()`` for
+        Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - net_tools.nios.api module_utils - wrapped usages of ``dict.keys()`` in ``list()``
+        for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - nios_host_record - allow DNS Bypass for views other than default (https://github.com/ansible-collections/community.general/issues/1786).
+      - nomad_job_info - fix module failure when nomad client returns no jobs (https://github.com/ansible-collections/community.general/pull/1721).
+      - nsot inventory script - wrapped usages of ``dict.keys()`` in ``list()`` for
+        Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - oci_vcn - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility
+        (https://github.com/ansible-collections/community.general/pull/1861).
+      - oneandone_monitoring_policy - wrapped usages of ``dict.keys()`` in ``list()``
+        for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - 'parted - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).'
+      - postgresql_info - fix crash caused by wrong PgSQL version parsing (https://github.com/ansible-collections/community.postgresql/issues/40).
+      - postgresql_ping - fix crash caused by wrong PgSQL version parsing (https://github.com/ansible-collections/community.postgresql/issues/40).
+      - postgresql_query - fix datetime.timedelta type handling (https://github.com/ansible-collections/community.postgresql/issues/47).
+      - postgresql_query - fix decimal handling (https://github.com/ansible-collections/community.postgresql/issues/45).
+      - postgresql_set - fails in check_mode on non-numeric values containing ``B``
+        (https://github.com/ansible-collections/community.postgresql/issues/48).
+      - postgresql_set - return a message instead of traceback when a passed parameter
+        has not been found (https://github.com/ansible-collections/community.postgresql/issues/41).
+      - proxmox* modules - refactored some parameter validation code into use of ``env_fallback``,
+        ``required_if``, ``required_together``, ``required_one_of`` (https://github.com/ansible-collections/community.general/pull/1765).
+      - proxmox_kvm - do not add ``args`` if ``proxmox_default_behavior`` is set to
+        no_defaults  (https://github.com/ansible-collections/community.general/issues/1641).
+      - proxmox_kvm - fix parameter ``vmid`` passed twice to ``exit_json`` while creating
+        a virtual machine without cloning (https://github.com/ansible-collections/community.general/issues/1875,
+        https://github.com/ansible-collections/community.general/pull/1895).
+      - proxmox_kvm - fix undefined local variable ``status`` when the parameter ``state``
+        is either ``stopped``, ``started``, ``restarted`` or ``absent`` (https://github.com/ansible-collections/community.general/pull/1847).
+      - proxmox_kvm - stop implicitly adding ``force`` equal to ``false``. Proxmox
+        API requires not implemented parameters otherwise, and assumes ``force`` to
+        be ``false`` by default anyways (https://github.com/ansible-collections/community.general/pull/1783).
+      - redfish_command - wrapped usages of ``dict.keys()`` in ``list()`` for Python
+        3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - redfish_config - wrapped usages of ``dict.keys()`` in ``list()`` for Python
+        3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - redhat_subscription - ``mutually_exclusive`` was referring to parameter alias
+        instead of name (https://github.com/ansible-collections/community.general/pull/1795).
+      - redhat_subscription - wrapped usages of ``dict.keys()`` in ``list()`` for
+        Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - redis cache plugin - wrapped usages of ``keys()`` in ``list()`` for Python
+        3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - riak - parameters ``wait_for_handoffs`` and ``wait_for_ring`` are ``int``
+        but the default value was ``false`` (https://github.com/ansible-collections/community.general/pull/1830).
+      - 'rundeck_acl_policy - internal refactoring: replaced uses of ``_`` with ``dummy``
+        (https://github.com/ansible-collections/community.general/pull/1819).'
+      - runit - removed unused code, and passing command as ``list`` instead of ``str``
+        to ``run_command()`` (https://github.com/ansible-collections/community.general/pull/1830).
+      - selective callback plugin - adjust import so that the plugin also works with
+        ansible-core 2.11 (https://github.com/ansible-collections/community.general/pull/1807).
+      - selective callback plugin - wrapped usages of ``dict.keys()`` in ``list()``
+        for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - sensu_check - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3
+        compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - spotinst_aws_elastigroup - wrapped usages of ``dict.keys()`` in ``list()``
+        for Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - 'statusio_maintenance - internal refactoring: replaced uses of ``_`` with
+        ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).'
+      - 'timezone - internal refactoring: replaced uses of ``_`` with ``dummy`` (https://github.com/ansible-collections/community.general/pull/1819).'
+      - utm_utils module_utils - wrapped usages of ``dict.keys()`` in ``list()`` for
+        Python 3 compatibility (https://github.com/ansible-collections/community.general/pull/1861).
+      - vdo - wrapped usages of ``dict.keys()`` in ``list()`` for Python 3 compatibility
+        (https://github.com/ansible-collections/community.general/pull/1861).
+      - zfs_delegate_admin - the elements of ``users``, ``groups`` and ``permissions``
+        are now enforced to be strings (https://github.com/ansible-collections/community.general/pull/1766).
+      minor_changes:
+      - clc_* modules - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1771).
+      - dnsimple - elements of list parameters ``record_ids`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - gitlab_runner - elements of list parameters ``tag_list`` are now validated
+        (https://github.com/ansible-collections/community.general/pull/1795).
+      - keycloak_client - elements of list parameters ``default_roles``, ``redirect_uris``,
+        ``web_origins`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - librato_annotation - elements of list parameters ``links`` are now validated
+        (https://github.com/ansible-collections/community.general/pull/1795).
+      - lxd_container - elements of list parameter ``profiles`` are now validated
+        (https://github.com/ansible-collections/community.general/pull/1795).
+      - mail - elements of list parameters ``to``, ``cc``, ``bcc``, ``attach``, ``headers``
+        are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - na_ontap_gather_facts - elements of list parameters ``gather_subset`` are
+        now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - nexmo - elements of list parameters ``dest`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - nsupdate - elements of list parameters ``value`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - omapi_host - elements of list parameters ``statements`` are now validated
+        (https://github.com/ansible-collections/community.general/pull/1795).
+      - onepassword_info - elements of list parameters ``search_terms`` are now validated
+        (https://github.com/ansible-collections/community.general/pull/1795).
+      - packet_device - elements of list parameters ``device_ids``, ``hostnames``
+        are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - pagerduty - elements of list parameters ``service`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - plugins/module_utils/oracle/oci_utils.py - elements of list parameter ``key_by``
+        are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - proxmox_kvm module - actually implemented ``vmid`` and ``status`` return values.
+        Updated documentation to reflect current situation (https://github.com/ansible-collections/community.general/issues/1410,
+        https://github.com/ansible-collections/community.general/pull/1715).
+      - pubnub_blocks - elements of list parameters ``event_handlers`` are now validated
+        (https://github.com/ansible-collections/community.general/pull/1795).
+      - redfish modules - explicitly setting lists' elements to ``str`` (https://github.com/ansible-collections/community.general/pull/1761).
+      - redhat_subscription - elements of list parameters ``pool_ids``, ``addons``
+        are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - rocketchat - elements of list parameters ``attachments`` are now validated
+        (https://github.com/ansible-collections/community.general/pull/1795).
+      - sendgrid - elements of list parameters ``to_addresses``, ``cc``, ``bcc``,
+        ``attachments`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - sl_vm - elements of list parameters ``disks``, ``ssh_keys`` are now validated
+        (https://github.com/ansible-collections/community.general/pull/1795).
+      - slack - elements of list parameters ``attachments`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - statusio_maintenance - elements of list parameters ``components``, ``containers``
+        are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - twilio - elements of list parameters ``to_numbers`` are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - vmadm - elements of list parameters ``disks``, ``nics``, ``resolvers``, ``filesystems``
+        are now validated (https://github.com/ansible-collections/community.general/pull/1795).
+      - xml - elements of list parameters ``add_children``, ``set_children`` are now
+        validated (https://github.com/ansible-collections/community.general/pull/1795).
+      release_summary: Regular maintenance and bugfix release.
+    fragments:
+    - 1-community-postgresql_backports.yml
+    - 1.3.7.yml
+    - 1714-gitlab_runner-required-reg-token.yml
+    - 1715-proxmox_kvm-add-vmid-to-returns.yml
+    - 1721-fix-nomad_job_info-no-jobs-failure.yml
+    - 1735-imc-sessions.yml
+    - 1740-aerospike_migration.yml
+    - 1753-document-fstypes-supported-by-resizefs.yml
+    - 1761-redfish-tidy-up-validation.yml
+    - 1765-proxmox-params.yml
+    - 1766-zfs-fixed-sanity.yml
+    - 1771-centurylink-validation-elements.yml
+    - 1776-git_config-tilde_value.yml
+    - 1783-proxmox-kvm-fix-args-500-error.yaml
+    - 1788-ease-nios_host_record-dns-bypass-check.yml
+    - 1795-list-elements-batch1.yml
+    - 1819-tidyup-pylint-blacklistnames.yml
+    - 1830-valmod_docmissingtype_batch1.yml
+    - 1847-proxmox-kvm-fix-status.yml
+    - 1852-deploy-helper-fix-state-is-clean-without-release.yaml
+    - 1861-python3-keys.yml
+    - 1871-infoblox-inventory.yml
+    - 1880-fix_cobbler_system_ssl.yml
+    - 1895-proxmox-kvm-fix-issue-1875.yml
+    - selective-core-2.11.yml
+    release_date: '2021-02-25'

galaxy.yml

@@ -1,6 +1,6 @@
 namespace: community
 name: general
-version: 1.3.0
+version: 1.3.7
 readme: README.md
 authors:
   - Ansible (https://github.com/ansible)

plugins/cache/memcached.py

@@ -161,7 +161,7 @@ class CacheModuleKeys(MutableSet):
         self._cache.set(self.PREFIX, self._keyset)
 
     def remove_by_timerange(self, s_min, s_max):
-        for k in self._keyset.keys():
+        for k in list(self._keyset.keys()):
             t = self._keyset[k]
             if s_min < t < s_max:
                 del self._keyset[k]

plugins/cache/redis.py

@@ -216,14 +216,12 @@ class CacheModule(BaseCacheModule):
         self._db.zrem(self._keys_set, key)
 
     def flush(self):
-        for key in self.keys():
+        for key in list(self.keys()):
             self.delete(key)
 
     def copy(self):
         # TODO: there is probably a better way to do this in redis
-        ret = dict()
-        for key in self.keys():
-            ret[key] = self.get(key)
+        ret = dict([(k, self.get(k)) for k in self.keys()])
         return ret
 
     def __getstate__(self):

plugins/callback/diy.py

@@ -1013,7 +1013,7 @@ class CallbackModule(Default):
             for attr in _stats_attributes:
                 _ret[self.DIY_NS]['stats'].update({attr: _get_value(obj=stats, attr=attr)})
 
-        _ret[self.DIY_NS].update({'top_level_var_names': _ret.keys()})
+        _ret[self.DIY_NS].update({'top_level_var_names': list(_ret.keys())})
 
         return _ret
 

plugins/callback/hipchat.py

@@ -173,8 +173,7 @@ class CallbackModule(CallbackBase):
         # Displays info about playbook being started by a person on an
         # inventory, as well as Tags, Skip Tags and Limits
         if not self.printed_playbook:
-            self.playbook_name, _ = os.path.splitext(
-                os.path.basename(self.play.playbook.filename))
+            self.playbook_name, dummy = os.path.splitext(os.path.basename(self.play.playbook.filename))
             host_list = self.play.playbook.inventory.host_list
             inventory = os.path.basename(os.path.realpath(host_list))
             self.send_msg("%s: Playbook initiated by %s against %s" %

plugins/callback/selective.py

@@ -41,7 +41,16 @@ import difflib
 from ansible import constants as C
 from ansible.plugins.callback import CallbackBase
 from ansible.module_utils._text import to_text
-from ansible.utils.color import codeCodes
+
+try:
+    codeCodes = C.COLOR_CODES
+except AttributeError:
+    # This constant was moved to ansible.constants in
+    # https://github.com/ansible/ansible/commit/1202dd000f10b0e8959019484f1c3b3f9628fc67
+    # (will be included in ansible-core 2.11.0). For older Ansible/ansible-base versions,
+    # we include from the original location.
+    from ansible.utils.color import codeCodes
+
 
 DONT_COLORIZE = False
 COLORS = {
@@ -58,7 +67,7 @@ COLORS = {
 
 def dict_diff(prv, nxt):
     """Return a dict of keys that differ with another config object."""
-    keys = set(prv.keys() + nxt.keys())
+    keys = set(list(prv.keys()) + list(nxt.keys()))
     result = {}
     for k in keys:
         if prv.get(k) != nxt.get(k):

plugins/callback/yaml.py

@@ -50,7 +50,7 @@ def my_represent_scalar(self, tag, value, style=None):
             # ...no trailing space
             value = value.rstrip()
             # ...and non-printable characters
-            value = ''.join(x for x in value if x in string.printable)
+            value = ''.join(x for x in value if x in string.printable or ord(x) >= 0xA0)
             # ...tabs prevent blocks from expanding
             value = value.expandtabs()
             # ...and odd bits of whitespace

plugins/connection/docker.py

@@ -116,7 +116,9 @@ class Connection(ConnectionBase):
 
     @staticmethod
     def _sanitize_version(version):
-        return re.sub(u'[^0-9a-zA-Z.]', u'', version)
+        version = re.sub(u'[^0-9a-zA-Z.]', u'', version)
+        version = re.sub(u'^v', u'', version)
+        return version
 
     def _old_docker_version(self):
         cmd_args = []

plugins/connection/lxc.py

@@ -86,7 +86,7 @@ class Connection(ConnectionBase):
             write_fds = []
         while len(read_fds) > 0 or len(write_fds) > 0:
             try:
-                ready_reads, ready_writes, _ = select.select(read_fds, write_fds, [])
+                ready_reads, ready_writes, dummy = select.select(read_fds, write_fds, [])
             except select.error as e:
                 if e.args[0] == errno.EINTR:
                     continue

plugins/connection/saltstack.py

@@ -19,6 +19,7 @@ DOCUMENTATION = '''
 import re
 import os
 import pty
+import codecs
 import subprocess
 
 from ansible.module_utils._text import to_bytes, to_text
@@ -85,9 +86,9 @@ class Connection(ConnectionBase):
 
         out_path = self._normalize_path(out_path, '/')
         self._display.vvv("PUT %s TO %s" % (in_path, out_path), host=self.host)
-        with open(in_path) as in_fh:
+        with open(in_path, 'rb') as in_fh:
             content = in_fh.read()
-        self.client.cmd(self.host, 'file.write', [out_path, content])
+        self.client.cmd(self.host, 'hashutil.base64_decodefile', [codecs.encode(content, 'base64'), out_path])
 
     # TODO test it
     def fetch_file(self, in_path, out_path):

plugins/doc_fragments/nios.py

@@ -24,7 +24,6 @@ options:
           - Value can also be specified using C(INFOBLOX_HOST) environment
             variable.
         type: str
-        required: true
       username:
         description:
           - Configures the username to use to authenticate the connection to

plugins/doc_fragments/online.py

@@ -15,6 +15,7 @@ options:
     description:
       - Online OAuth token.
     type: str
+    required: true
     aliases: [ oauth_token ]
   api_url:
     description:

plugins/doc_fragments/oracle_creatable_resource.py

@@ -20,4 +20,5 @@ class ModuleDocFragment(object):
                          identify an instance of the resource. By default, all the attributes of a resource except
                          I(freeform_tags) are used to uniquely identify a resource.
             type: list
+            elements: str
     """

plugins/filter/json_query.py

@@ -35,6 +35,9 @@ def json_query(data, expr):
         raise AnsibleError('You need to install "jmespath" prior to running '
                            'json_query filter')
 
+    # Hack to handle Ansible String Types
+    # See issue: https://github.com/ansible-collections/community.general/issues/320
+    jmespath.functions.REVERSE_TYPES_MAP['string'] = jmespath.functions.REVERSE_TYPES_MAP['string'] + ('AnsibleUnicode', 'AnsibleUnsafeText', )
     try:
         return jmespath.search(expr, data)
     except jmespath.exceptions.JMESPathError as e:

plugins/inventory/linode.py

@@ -32,12 +32,10 @@ DOCUMENTATION = r'''
           description: Populate inventory with instances in this region.
           default: []
           type: list
-          required: false
         types:
           description: Populate inventory with instances with this type.
           default: []
           type: list
-          required: false
 '''
 
 EXAMPLES = r'''

plugins/inventory/online.py

@@ -2,18 +2,16 @@
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 
 from __future__ import (absolute_import, division, print_function)
-
-
 __metaclass__ = type
 
-DOCUMENTATION = '''
+DOCUMENTATION = r'''
     name: online
     plugin_type: inventory
     author:
       - Remy Leone (@sieben)
-    short_description: Online inventory source
+    short_description: Scaleway (previously Online SAS or Online.net) inventory source
     description:
-        - Get inventory hosts from Online
+        - Get inventory hosts from Scaleway (previously Online SAS or Online.net).
     options:
         plugin:
             description: token that ensures this is a source file for the 'online' plugin.
@@ -45,7 +43,7 @@ DOCUMENTATION = '''
                 - rpn
 '''
 
-EXAMPLES = '''
+EXAMPLES = r'''
 # online_inventory.yml file in YAML format
 # Example command line: ansible-inventory --list -i online_inventory.yml
 

plugins/inventory/proxmox.py

@@ -212,10 +212,8 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
                 if config == 'rootfs' or config.startswith(('virtio', 'sata', 'ide', 'scsi')):
                     value = ('disk_image=' + value)
 
-                if isinstance(value, int) or ',' not in value:
-                    value = value
-                # split off strings with commas to a dict
-                else:
+                if not (isinstance(value, int) or ',' not in value):
+                    # split off strings with commas to a dict
                     # skip over any keys that cannot be processed
                     try:
                         value = dict(key.split("=") for key in value.split(","))

plugins/inventory/scaleway.py

@@ -24,6 +24,8 @@ DOCUMENTATION = '''
             default:
                 - ams1
                 - par1
+                - par2
+                - waw1
         tags:
             description: Filter results on a specific tag
             type: list

plugins/inventory/virtualbox.py

@@ -217,7 +217,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
                     yield host not in v
             yield True
 
-        return all([found_host for found_host in find_host(host, inventory)])
+        return all(find_host(host, inventory))
 
     def verify_file(self, path):
 

plugins/lookup/chef_databag.py

@@ -81,7 +81,7 @@ class LookupModule(LookupBase):
                 )
         if args:
             raise AnsibleError(
-                "unrecognized arguments to with_sequence: %r" % args.keys()
+                "unrecognized arguments to with_sequence: %r" % list(args.keys())
             )
 
     def run(self, terms, variables=None, **kwargs):

plugins/lookup/onepassword.py

@@ -187,8 +187,63 @@ class OnePass(object):
         return rc, out, err
 
     def _parse_field(self, data_json, field_name, section_title=None):
+        """
+        Retrieves the desired field from the `op` response payload
+
+        When the item is a `password` type, the password is a key within the `details` key:
+
+        $ op get item 'test item' | jq
+        {
+          [...]
+          "templateUuid": "005",
+          "details": {
+            "notesPlain": "",
+            "password": "foobar",
+            "passwordHistory": [],
+            "sections": [
+              {
+                "name": "linked items",
+                "title": "Related Items"
+              }
+            ]
+          },
+          [...]
+        }
+
+        However, when the item is a `login` type, the password is within a fields array:
+
+        $ op get item 'test item' | jq
+        {
+          [...]
+          "details": {
+            "fields": [
+              {
+                "designation": "username",
+                "name": "username",
+                "type": "T",
+                "value": "foo"
+              },
+              {
+                "designation": "password",
+                "name": "password",
+                "type": "P",
+                "value": "bar"
+              }
+            ],
+            [...]
+          },
+          [...]
+        """
         data = json.loads(data_json)
         if section_title is None:
+            # https://github.com/ansible-collections/community.general/pull/1610:
+            # check the details dictionary for `field_name` and return it immediately if it exists
+            # when the entry is a "password" instead of a "login" item, the password field is a key
+            # in the `details` dictionary:
+            if field_name in data['details']:
+                return data['details'][field_name]
+
+            # when the field is not found above, iterate through the fields list in the object details
             for field_data in data['details'].get('fields', []):
                 if field_data.get('name', '').lower() == field_name.lower():
                     return field_data.get('value', '')

plugins/lookup/passwordstore.py

@@ -204,7 +204,7 @@ class LookupModule(LookupBase):
     def check_pass(self):
         try:
             self.passoutput = to_text(
-                check_output2(["pass", self.passname], env=self.env),
+                check_output2(["pass", "show", self.passname], env=self.env),
                 errors='surrogate_or_strict'
             ).splitlines()
             self.password = self.passoutput[0]
@@ -214,7 +214,7 @@ class LookupModule(LookupBase):
                     name, value = line.split(':', 1)
                     self.passdict[name.strip()] = value.strip()
         except (subprocess.CalledProcessError) as e:
-            if e.returncode == 1 and 'not in the password store' in e.output:
+            if e.returncode != 0 and 'not in the password store' in e.output:
                 # if pass returns 1 and return string contains 'is not in the password store.'
                 # We need to determine if this is valid or Error.
                 if not self.paramvals['create']:

plugins/lookup/tss.py

@@ -75,7 +75,13 @@ EXAMPLES = r"""
   vars:
       secret: "{{ lookup('community.general.tss', 1) }}"
   tasks:
-      - ansible.builtin.debug: msg="the password is {{ (secret['items'] | items2dict(key_name='slug', value_name='itemValue'))['password'] }}"
+      - ansible.builtin.debug:
+          msg: >
+            the password is {{
+              (secret['items']
+                | items2dict(key_name='slug',
+                             value_name='itemValue'))['password']
+            }}
 """
 
 from ansible.errors import AnsibleError, AnsibleOptionsError

plugins/module_utils/_netapp.py

@@ -142,8 +142,8 @@ def aws_cvs_host_argument_spec():
     return dict(
         api_url=dict(required=True, type='str'),
         validate_certs=dict(required=False, type='bool', default=True),
-        api_key=dict(required=True, type='str'),
-        secret_key=dict(required=True, type='str')
+        api_key=dict(required=True, type='str', no_log=True),
+        secret_key=dict(required=True, type='str', no_log=True)
     )
 
 

plugins/module_utils/cloud.py

@@ -130,7 +130,7 @@ class CloudRetry(object):
                     try:
                         return f(*args, **kwargs)
                     except Exception as e:
-                        if isinstance(e, cls.base_class):
+                        if isinstance(e, cls.base_class):  # pylint: disable=isinstance-second-argument-not-valid-type
                             response_code = cls.status_code_from_exception(e)
                             if cls.found(response_code, catch_extra_error_codes):
                                 msg = "{0}: Retrying in {1} seconds...".format(str(e), delay)

plugins/module_utils/identity/keycloak/keycloak.py

@@ -58,7 +58,7 @@ def keycloak_argument_spec():
         auth_keycloak_url=dict(type='str', aliases=['url'], required=True),
         auth_client_id=dict(type='str', default='admin-cli'),
         auth_realm=dict(type='str', required=True),
-        auth_client_secret=dict(type='str', default=None),
+        auth_client_secret=dict(type='str', default=None, no_log=True),
         auth_username=dict(type='str', aliases=['username'], required=True),
         auth_password=dict(type='str', aliases=['password'], required=True, no_log=True),
         validate_certs=dict(type='bool', default=True)
@@ -75,6 +75,8 @@ class KeycloakError(Exception):
 
 def get_token(base_url, validate_certs, auth_realm, client_id,
               auth_username, auth_password, client_secret):
+    if not base_url.lower().startswith(('http', 'https')):
+        raise KeycloakError("auth_url '%s' should either start with 'http' or 'https'." % base_url)
     auth_url = URL_TOKEN.format(url=base_url, realm=auth_realm)
     temp_payload = {
         'grant_type': 'password',

plugins/module_utils/module_helper.py

@@ -259,7 +259,7 @@ class CmdMixin(object):
 
     def _calculate_args(self, extra_params=None, params=None):
         def add_arg_formatted_param(_cmd_args, arg_format, _value):
-            args = [x for x in arg_format.to_text(_value)]
+            args = list(arg_format.to_text(_value))
             return _cmd_args + args
 
         def find_format(_param):

plugins/module_utils/net_tools/nios/api.py

@@ -144,7 +144,7 @@ def member_normalize(member_spec):
                        'pre_provisioning', 'network_setting', 'v6_network_setting',
                        'ha_port_setting', 'lan_port_setting', 'lan2_physical_setting',
                        'lan_ha_port_setting', 'mgmt_network_setting', 'v6_mgmt_network_setting']
-    for key in member_spec.keys():
+    for key in list(member_spec.keys()):
         if key in member_elements and member_spec[key] is not None:
             member_spec[key] = member_spec[key][0]
         if isinstance(member_spec[key], dict):
@@ -251,13 +251,10 @@ class WapiModule(WapiBase):
                 else:
                     proposed_object[key] = self.module.params[key]
 
-        # If configure_by_dns is set to False, then delete the default dns set in the param else throw exception
+        # If configure_by_dns is set to False and view is 'default', then delete the default dns
         if not proposed_object.get('configure_for_dns') and proposed_object.get('view') == 'default'\
                 and ib_obj_type == NIOS_HOST_RECORD:
             del proposed_object['view']
-        elif not proposed_object.get('configure_for_dns') and proposed_object.get('view') != 'default'\
-                and ib_obj_type == NIOS_HOST_RECORD:
-            self.module.fail_json(msg='DNS Bypass is not allowed if DNS view is set other than \'default\'')
 
         if ib_obj_ref:
             if len(ib_obj_ref) > 1:
@@ -455,6 +452,9 @@ class WapiModule(WapiBase):
                 return False
 
             elif isinstance(proposed_item, list):
+                if key == 'aliases':
+                    if set(current_item) != set(proposed_item):
+                        return False
                 for subitem in proposed_item:
                     if not self.issubset(subitem, current_item):
                         return False
@@ -490,12 +490,12 @@ class WapiModule(WapiBase):
                 else:
                     test_obj_filter = dict([('name', old_name)])
                 # get the object reference
-                ib_obj = self.get_object(ib_obj_type, test_obj_filter, return_fields=ib_spec.keys())
+                ib_obj = self.get_object(ib_obj_type, test_obj_filter, return_fields=list(ib_spec.keys()))
                 if ib_obj:
                     obj_filter['name'] = new_name
                 else:
                     test_obj_filter['name'] = new_name
-                    ib_obj = self.get_object(ib_obj_type, test_obj_filter, return_fields=ib_spec.keys())
+                    ib_obj = self.get_object(ib_obj_type, test_obj_filter, return_fields=list(ib_spec.keys()))
                 update = True
                 return ib_obj, update, new_name
             if (ib_obj_type == NIOS_HOST_RECORD):
@@ -529,7 +529,7 @@ class WapiModule(WapiBase):
             # check if test_obj_filter is empty copy passed obj_filter
             else:
                 test_obj_filter = obj_filter
-            ib_obj = self.get_object(ib_obj_type, test_obj_filter.copy(), return_fields=ib_spec.keys())
+            ib_obj = self.get_object(ib_obj_type, test_obj_filter.copy(), return_fields=list(ib_spec.keys()))
         elif (ib_obj_type == NIOS_A_RECORD):
             # resolves issue where multiple a_records with same name and different IP address
             test_obj_filter = obj_filter
@@ -539,7 +539,7 @@ class WapiModule(WapiBase):
             except TypeError:
                 ipaddr = obj_filter['ipv4addr']
             test_obj_filter['ipv4addr'] = ipaddr
-            ib_obj = self.get_object(ib_obj_type, test_obj_filter.copy(), return_fields=ib_spec.keys())
+            ib_obj = self.get_object(ib_obj_type, test_obj_filter.copy(), return_fields=list(ib_spec.keys()))
         elif (ib_obj_type == NIOS_TXT_RECORD):
             # resolves issue where multiple txt_records with same name and different text
             test_obj_filter = obj_filter
@@ -549,12 +549,12 @@ class WapiModule(WapiBase):
             except TypeError:
                 txt = obj_filter['text']
             test_obj_filter['text'] = txt
-            ib_obj = self.get_object(ib_obj_type, test_obj_filter.copy(), return_fields=ib_spec.keys())
+            ib_obj = self.get_object(ib_obj_type, test_obj_filter.copy(), return_fields=list(ib_spec.keys()))
         elif (ib_obj_type == NIOS_ZONE):
             # del key 'restart_if_needed' as nios_zone get_object fails with the key present
             temp = ib_spec['restart_if_needed']
             del ib_spec['restart_if_needed']
-            ib_obj = self.get_object(ib_obj_type, obj_filter.copy(), return_fields=ib_spec.keys())
+            ib_obj = self.get_object(ib_obj_type, obj_filter.copy(), return_fields=list(ib_spec.keys()))
             # reinstate restart_if_needed if ib_obj is none, meaning there's no existing nios_zone ref
             if not ib_obj:
                 ib_spec['restart_if_needed'] = temp
@@ -562,12 +562,12 @@ class WapiModule(WapiBase):
             # del key 'create_token' as nios_member get_object fails with the key present
             temp = ib_spec['create_token']
             del ib_spec['create_token']
-            ib_obj = self.get_object(ib_obj_type, obj_filter.copy(), return_fields=ib_spec.keys())
+            ib_obj = self.get_object(ib_obj_type, obj_filter.copy(), return_fields=list(ib_spec.keys()))
             if temp:
                 # reinstate 'create_token' key
                 ib_spec['create_token'] = temp
         else:
-            ib_obj = self.get_object(ib_obj_type, obj_filter.copy(), return_fields=ib_spec.keys())
+            ib_obj = self.get_object(ib_obj_type, obj_filter.copy(), return_fields=list(ib_spec.keys()))
         return ib_obj, update, new_name
 
     def on_update(self, proposed_object, ib_spec):

plugins/module_utils/oracle/oci_utils.py

@@ -104,7 +104,7 @@ def get_common_arg_spec(supports_create=False, supports_wait=False):
 
     if supports_create:
         common_args.update(
-            key_by=dict(type="list"),
+            key_by=dict(type="list", elements="str"),
             force_create=dict(type="bool", default=False),
         )
 

plugins/module_utils/redfish_utils.py

@@ -469,7 +469,7 @@ class RedfishUtils(object):
         controller_results = []
         # Get these entries, but does not fail if not found
         properties = ['CacheSummary', 'FirmwareVersion', 'Identifiers',
-                      'Location', 'Manufacturer', 'Model', 'Name',
+                      'Location', 'Manufacturer', 'Model', 'Name', 'Id',
                       'PartNumber', 'SerialNumber', 'SpeedGbps', 'Status']
         key = "StorageControllers"
 
@@ -1700,7 +1700,7 @@ class RedfishUtils(object):
         chassis_results = []
 
         # Get these entries, but does not fail if not found
-        properties = ['ChassisType', 'PartNumber', 'AssetTag',
+        properties = ['Name', 'Id', 'ChassisType', 'PartNumber', 'AssetTag',
                       'Manufacturer', 'IndicatorLED', 'SerialNumber', 'Model']
 
         # Go through list
@@ -1724,7 +1724,7 @@ class RedfishUtils(object):
         fan_results = []
         key = "Thermal"
         # Get these entries, but does not fail if not found
-        properties = ['FanName', 'Reading', 'ReadingUnits', 'Status']
+        properties = ['Name', 'FanName', 'Reading', 'ReadingUnits', 'Status']
 
         # Go through list
         for chassis_uri in self.chassis_uris:
@@ -1836,8 +1836,8 @@ class RedfishUtils(object):
         cpu_results = []
         key = "Processors"
         # Get these entries, but does not fail if not found
-        properties = ['Id', 'Manufacturer', 'Model', 'MaxSpeedMHz', 'TotalCores',
-                      'TotalThreads', 'Status']
+        properties = ['Id', 'Name', 'Manufacturer', 'Model', 'MaxSpeedMHz',
+                      'TotalCores', 'TotalThreads', 'Status']
 
         # Search for 'key' entry and extract URI from it
         response = self.get_request(self.root_uri + systems_uri)
@@ -1886,7 +1886,7 @@ class RedfishUtils(object):
         memory_results = []
         key = "Memory"
         # Get these entries, but does not fail if not found
-        properties = ['SerialNumber', 'MemoryDeviceType', 'PartNuber',
+        properties = ['Id', 'SerialNumber', 'MemoryDeviceType', 'PartNumber',
                       'MemoryLocation', 'RankCount', 'CapacityMiB', 'OperatingMemoryModes', 'Status', 'Manufacturer', 'Name']
 
         # Search for 'key' entry and extract URI from it
@@ -1943,7 +1943,7 @@ class RedfishUtils(object):
         nic_results = []
         key = "EthernetInterfaces"
         # Get these entries, but does not fail if not found
-        properties = ['Description', 'FQDN', 'IPv4Addresses', 'IPv6Addresses',
+        properties = ['Name', 'Id', 'Description', 'FQDN', 'IPv4Addresses', 'IPv6Addresses',
                       'NameServers', 'MACAddress', 'PermanentMACAddress',
                       'SpeedMbps', 'MTUSize', 'AutoNeg', 'Status']
 
@@ -2368,7 +2368,7 @@ class RedfishUtils(object):
         properties = ['Status', 'HostName', 'PowerState', 'Model', 'Manufacturer',
                       'PartNumber', 'SystemType', 'AssetTag', 'ServiceTag',
                       'SerialNumber', 'SKU', 'BiosVersion', 'MemorySummary',
-                      'ProcessorSummary', 'TrustedModules']
+                      'ProcessorSummary', 'TrustedModules', 'Name', 'Id']
 
         response = self.get_request(self.root_uri + systems_uri)
         if response['ret'] is False:

plugins/module_utils/scaleway.py

@@ -169,8 +169,14 @@ SCALEWAY_LOCATION = {
     'par1': {'name': 'Paris 1', 'country': 'FR', "api_endpoint": 'https://api.scaleway.com/instance/v1/zones/fr-par-1'},
     'EMEA-FR-PAR1': {'name': 'Paris 1', 'country': 'FR', "api_endpoint": 'https://api.scaleway.com/instance/v1/zones/fr-par-1'},
 
+    'par2': {'name': 'Paris 2', 'country': 'FR', "api_endpoint": 'https://api.scaleway.com/instance/v1/zones/fr-par-2'},
+    'EMEA-FR-PAR2': {'name': 'Paris 2', 'country': 'FR', "api_endpoint": 'https://api.scaleway.com/instance/v1/zones/fr-par-2'},
+
     'ams1': {'name': 'Amsterdam 1', 'country': 'NL', "api_endpoint": 'https://api.scaleway.com/instance/v1/zones/nl-ams-1'},
-    'EMEA-NL-EVS': {'name': 'Amsterdam 1', 'country': 'NL', "api_endpoint": 'https://api.scaleway.com/instance/v1/zones/nl-ams-1'}
+    'EMEA-NL-EVS': {'name': 'Amsterdam 1', 'country': 'NL', "api_endpoint": 'https://api.scaleway.com/instance/v1/zones/nl-ams-1'},
+
+    'waw1': {'name': 'Warsaw 1', 'country': 'PL', "api_endpoint": 'https://api.scaleway.com/instance/v1/zones/pl-waw-1'},
+    'EMEA-PL-WAW1': {'name': 'Warsaw 1', 'country': 'PL', "api_endpoint": 'https://api.scaleway.com/instance/v1/zones/pl-waw-1'},
 }
 
 SCALEWAY_ENDPOINT = "https://api.scaleway.com"
@@ -178,9 +184,12 @@ SCALEWAY_ENDPOINT = "https://api.scaleway.com"
 SCALEWAY_REGIONS = [
     "fr-par",
     "nl-ams",
+    "pl-waw",
 ]
 
 SCALEWAY_ZONES = [
     "fr-par-1",
+    "fr-par-2",
     "nl-ams-1",
+    "pl-waw-1",
 ]

plugins/module_utils/utm_utils.py

@@ -84,7 +84,7 @@ class UTM:
             raise UTMModuleConfigurationError(
                 "The keys " + to_native(
                     self.change_relevant_keys) + " to check are not in the modules keys:\n" + to_native(
-                    module.params.keys()))
+                    list(module.params.keys())))
 
     def execute(self):
         try:

plugins/modules/cloud/centurylink/clc_alert_policy.py

@@ -32,6 +32,7 @@ options:
       - A list of recipient email ids to notify the alert.
         This is required for state 'present'
     type: list
+    elements: str
   metric:
     description:
       - The metric on which to measure the condition that will trigger the alert.
@@ -217,18 +218,18 @@ class ClcAlertPolicy:
         :return: argument spec dictionary
         """
         argument_spec = dict(
-            name=dict(default=None),  # @FIXME default=None is redundant - remove all
-            id=dict(default=None),
-            alias=dict(required=True, default=None),
-            alert_recipients=dict(type='list', default=None),
+            name=dict(),
+            id=dict(),
+            alias=dict(required=True),
+            alert_recipients=dict(type='list', elements='str'),
             metric=dict(
                 choices=[
                     'cpu',
                     'memory',
                     'disk'],
                 default=None),
-            duration=dict(type='str', default=None),
-            threshold=dict(type='int', default=None),
+            duration=dict(type='str'),
+            threshold=dict(type='int'),
             state=dict(default='present', choices=['present', 'absent'])
         )
         mutually_exclusive = [

plugins/modules/cloud/centurylink/clc_blueprint_package.py

@@ -18,6 +18,7 @@ options:
       - A list of server Ids to deploy the blue print package.
     type: list
     required: True
+    elements: str
   package_id:
     description:
       - The package id of the blue print.
@@ -164,7 +165,7 @@ class ClcBlueprintPackage:
         :return: the package dictionary object
         """
         argument_spec = dict(
-            server_ids=dict(type='list', required=True),
+            server_ids=dict(type='list', elements='str', required=True),
             package_id=dict(required=True),
             package_params=dict(type='dict', default={}),
             wait=dict(default=True),   # @FIXME should be bool?

plugins/modules/cloud/centurylink/clc_firewall_policy.py

@@ -29,17 +29,20 @@ options:
       - The list  of source addresses for traffic on the originating firewall.
         This is required when state is 'present'
     type: list
+    elements: str
   destination:
     description:
       - The list of destination addresses for traffic on the terminating firewall.
         This is required when state is 'present'
     type: list
+    elements: str
   ports:
     description:
       - The list of ports associated with the policy.
         TCP and UDP can take in single ports or port ranges.
       - "Example: C(['any', 'icmp', 'TCP/123', 'UDP/123', 'TCP/123-456', 'UDP/123-456'])."
     type: list
+    elements: str
   firewall_policy_id:
     description:
       - Id of the firewall policy. This is required to update or delete an existing firewall policy
@@ -214,12 +217,12 @@ class ClcFirewallPolicy:
         """
         argument_spec = dict(
             location=dict(required=True),
-            source_account_alias=dict(required=True, default=None),   # @FIXME remove default=None
-            destination_account_alias=dict(default=None),
-            firewall_policy_id=dict(default=None),
-            ports=dict(default=None, type='list'),
-            source=dict(default=None, type='list'),
-            destination=dict(default=None, type='list'),
+            source_account_alias=dict(required=True),
+            destination_account_alias=dict(),
+            firewall_policy_id=dict(),
+            ports=dict(type='list', elements='str'),
+            source=dict(type='list', elements='str'),
+            destination=dict(type='list', elements='str'),
             wait=dict(default=True),   # @FIXME type=bool
             state=dict(default='present', choices=['present', 'absent']),
             enabled=dict(default=True, choices=[True, False])

plugins/modules/cloud/centurylink/clc_loadbalancer.py

@@ -53,6 +53,7 @@ options:
       - A list of nodes that needs to be added to the load balancer pool
     type: list
     default: []
+    elements: dict
   status:
     description:
       - The status of the loadbalancer
@@ -869,7 +870,7 @@ class ClcLoadBalancer:
             port=dict(choices=[80, 443]),
             method=dict(choices=['leastConnection', 'roundRobin']),
             persistence=dict(choices=['standard', 'sticky']),
-            nodes=dict(type='list', default=[]),
+            nodes=dict(type='list', default=[], elements='dict'),
             status=dict(default='enabled', choices=['enabled', 'disabled']),
             state=dict(
                 default='present',

plugins/modules/cloud/centurylink/clc_modify_server.py

@@ -18,6 +18,7 @@ options:
       - A list of server Ids to modify.
     type: list
     required: True
+    elements: str
   cpu:
     description:
       - How many CPUs to update on the server
@@ -396,7 +397,7 @@ class ClcModifyServer:
         :return: argument spec dictionary
         """
         argument_spec = dict(
-            server_ids=dict(type='list', required=True),
+            server_ids=dict(type='list', required=True, elements='str'),
             state=dict(default='present', choices=['present', 'absent']),
             cpu=dict(),
             memory=dict(),

plugins/modules/cloud/centurylink/clc_publicip.py

@@ -23,11 +23,13 @@ options:
     description:
       - A list of ports to expose. This is required when state is 'present'
     type: list
+    elements: int
   server_ids:
     description:
       - A list of servers to create public ips on.
     type: list
     required: True
+    elements: str
   state:
     description:
       - Determine whether to create or delete public IPs. If present module will not create a second public ip if one
@@ -193,9 +195,9 @@ class ClcPublicIp(object):
         :return: argument spec dictionary
         """
         argument_spec = dict(
-            server_ids=dict(type='list', required=True),
+            server_ids=dict(type='list', required=True, elements='str'),
             protocol=dict(default='TCP', choices=['TCP', 'UDP', 'ICMP']),
-            ports=dict(type='list'),
+            ports=dict(type='list', elements='int'),
             wait=dict(type='bool', default=True),
             state=dict(default='present', choices=['present', 'absent']),
         )

plugins/modules/cloud/centurylink/clc_server.py

@@ -17,6 +17,7 @@ options:
     description:
       - The list of additional disks for the server
     type: list
+    elements: dict
     default: []
   add_public_ip:
     description:
@@ -66,6 +67,7 @@ options:
       - The list of custom fields to set on the server.
     type: list
     default: []
+    elements: dict
   description:
     description:
       - The description to set for the server.
@@ -111,6 +113,7 @@ options:
     description:
       - The list of blue print packages to run on the server after its created.
     type: list
+    elements: dict
     default: []
   password:
     description:
@@ -130,6 +133,7 @@ options:
     description:
       - A list of ports to allow on the firewall to the servers public ip, if add_public_ip is set to True.
     type: list
+    elements: dict
     default: []
   secondary_dns:
     description:
@@ -141,6 +145,7 @@ options:
         A list of server Ids to insure are started, stopped, or absent.
     type: list
     default: []
+    elements: str
   source_server_password:
     description:
       - The password for the source server if a clone is specified.
@@ -575,8 +580,8 @@ class ClcServer:
             type=dict(default='standard', choices=['standard', 'hyperscale', 'bareMetal']),
             primary_dns=dict(default=None),
             secondary_dns=dict(default=None),
-            additional_disks=dict(type='list', default=[]),
-            custom_fields=dict(type='list', default=[]),
+            additional_disks=dict(type='list', default=[], elements='dict'),
+            custom_fields=dict(type='list', default=[], elements='dict'),
             ttl=dict(default=None),
             managed_os=dict(type='bool', default=False),
             description=dict(default=None),
@@ -586,7 +591,7 @@ class ClcServer:
             anti_affinity_policy_name=dict(default=None),
             alert_policy_id=dict(default=None),
             alert_policy_name=dict(default=None),
-            packages=dict(type='list', default=[]),
+            packages=dict(type='list', default=[], elements='dict'),
             state=dict(
                 default='present',
                 choices=[
@@ -597,7 +602,7 @@ class ClcServer:
             count=dict(type='int', default=1),
             exact_count=dict(type='int', default=None),
             count_group=dict(),
-            server_ids=dict(type='list', default=[]),
+            server_ids=dict(type='list', default=[], elements='str'),
             add_public_ip=dict(type='bool', default=False),
             public_ip_protocol=dict(
                 default='TCP',
@@ -605,7 +610,7 @@ class ClcServer:
                     'TCP',
                     'UDP',
                     'ICMP']),
-            public_ip_ports=dict(type='list', default=[]),
+            public_ip_ports=dict(type='list', default=[], elements='dict'),
             configuration_id=dict(default=None),
             os_type=dict(default=None,
                          choices=[

plugins/modules/cloud/centurylink/clc_server_snapshot.py

@@ -18,6 +18,7 @@ options:
       - The list of CLC server Ids.
     type: list
     required: True
+    elements: str
   expiration_days:
     description:
       - The number of days to keep the server snapshot before it expires.
@@ -330,7 +331,7 @@ class ClcSnapshot:
         :return: the package dictionary object
         """
         argument_spec = dict(
-            server_ids=dict(type='list', required=True),
+            server_ids=dict(type='list', required=True, elements='str'),
             expiration_days=dict(default=7, type='int'),
             wait=dict(default=True),
             state=dict(

plugins/modules/cloud/docker/docker_container.py

@@ -1451,13 +1451,12 @@ class TaskParameters(DockerBaseClass):
                 # Make sure that capabilities are lists of lists of strings
                 if dr['capabilities']:
                     for or_index, or_list in enumerate(dr['capabilities']):
-                        for and_index, and_list in enumerate(or_list):
-                            for term_index, term in enumerate(and_list):
-                                if not isinstance(term, string_types):
-                                    self.fail(
-                                        "device_requests[{0}].capabilities[{1}][{2}][{3}] is not a string".format(
-                                            dr_index, or_index, and_index, term_index))
-                                and_list[term_index] = to_native(term)
+                        for and_index, and_term in enumerate(or_list):
+                            if not isinstance(and_term, string_types):
+                                self.fail(
+                                    "device_requests[{0}].capabilities[{1}][{2}] is not a string".format(
+                                        dr_index, or_index, and_index))
+                            or_list[and_index] = to_native(and_term)
                 # Make sure that options is a dictionary mapping strings to strings
                 if dr['options']:
                     dr['options'] = clean_dict_booleans_for_docker_api(dr['options'])
@@ -1722,7 +1721,7 @@ class TaskParameters(DockerBaseClass):
             elif p_len == 3:
                 # We only allow IPv4 and IPv6 addresses for the bind address
                 ipaddr = parts[0]
-                if not re.match(r'^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$', parts[0]) and not re.match(r'^\[[0-9a-fA-F:]+\]$', ipaddr):
+                if not re.match(r'^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$', parts[0]) and not re.match(r'^\[[0-9a-fA-F:]+(?:|%[^\]/]+)\]$', ipaddr):
                     self.fail(('Bind addresses for published ports must be IPv4 or IPv6 addresses, not hostnames. '
                                'Use the dig lookup to resolve hostnames. (Found hostname: {0})').format(ipaddr))
                 if re.match(r'^\[[0-9a-fA-F:]+\]$', ipaddr):

plugins/modules/cloud/docker/docker_image.py

@@ -698,8 +698,8 @@ class ImageManager(DockerBaseClass):
                 if image and image['Id'] == self.results['image']['Id']:
                     self.results['changed'] = False
 
-                if push:
-                    self.push_image(repo, repo_tag)
+        if push:
+            self.push_image(repo, repo_tag)
 
     def build_image(self):
         '''
@@ -749,7 +749,7 @@ class ImageManager(DockerBaseClass):
             # line = json.loads(line)
             self.log(line, pretty_print=True)
             if "stream" in line or "status" in line:
-                build_line = line.get("stream") or line.get("status")
+                build_line = line.get("stream") or line.get("status") or ''
                 build_output.append(build_line)
 
             if line.get('error'):
@@ -774,17 +774,73 @@ class ImageManager(DockerBaseClass):
 
         :return: image dict
         '''
+        # Load image(s) from file
+        load_output = []
+        has_output = False
         try:
             self.log("Opening image %s" % self.load_path)
             with open(self.load_path, 'rb') as image_tar:
                 self.log("Loading image from %s" % self.load_path)
-                self.client.load_image(image_tar)
+                output = self.client.load_image(image_tar)
+                if output is not None:
+                    # Old versions of Docker SDK of Python (before version 2.5.0) do not return anything.
+                    # (See https://github.com/docker/docker-py/commit/7139e2d8f1ea82340417add02090bfaf7794f159)
+                    # Note that before that commit, something else than None was returned, but that was also
+                    # only introduced in a commit that first appeared in 2.5.0 (see
+                    # https://github.com/docker/docker-py/commit/9e793806ff79559c3bc591d8c52a3bbe3cdb7350).
+                    # So the above check works for every released version of Docker SDK for Python.
+                    has_output = True
+                    for line in output:
+                        self.log(line, pretty_print=True)
+                        if "stream" in line or "status" in line:
+                            load_line = line.get("stream") or line.get("status") or ''
+                            load_output.append(load_line)
+                else:
+                    if LooseVersion(docker_version) < LooseVersion('2.5.0'):
+                        self.client.module.warn(
+                            'The installed version of the Docker SDK for Python does not return the loading results'
+                            ' from the Docker daemon. Therefore, we cannot verify whether the expected image was'
+                            ' loaded, whether multiple images where loaded, or whether the load actually succeeded.'
+                            ' If you are not stuck with Python 2.6, *please* upgrade to a version newer than 2.5.0'
+                            ' (2.5.0 was released in August 2017).'
+                        )
+                    else:
+                        self.client.module.warn(
+                            'The API version of your Docker daemon is < 1.23, which does not return the image'
+                            ' loading result from the Docker daemon. Therefore, we cannot verify whether the'
+                            ' expected image was loaded, whether multiple images where loaded, or whether the load'
+                            ' actually succeeded. You should consider upgrading your Docker daemon.'
+                        )
         except EnvironmentError as exc:
             if exc.errno == errno.ENOENT:
-                self.fail("Error opening image %s - %s" % (self.load_path, str(exc)))
-            self.fail("Error loading image %s - %s" % (self.name, str(exc)))
+                self.client.fail("Error opening image %s - %s" % (self.load_path, str(exc)))
+            self.client.fail("Error loading image %s - %s" % (self.name, str(exc)), stdout='\n'.join(load_output))
         except Exception as exc:
-            self.fail("Error loading image %s - %s" % (self.name, str(exc)))
+            self.client.fail("Error loading image %s - %s" % (self.name, str(exc)), stdout='\n'.join(load_output))
+
+        # Collect loaded images
+        if has_output:
+            # We can only do this when we actually got some output from Docker daemon
+            loaded_images = set()
+            for line in load_output:
+                if line.startswith('Loaded image:'):
+                    loaded_images.add(line[len('Loaded image:'):].strip())
+
+            if not loaded_images:
+                self.client.fail("Detected no loaded images. Archive potentially corrupt?", stdout='\n'.join(load_output))
+
+            expected_image = '%s:%s' % (self.name, self.tag)
+            if expected_image not in loaded_images:
+                self.client.fail(
+                    "The archive did not contain image '%s'. Instead, found %s." % (
+                        expected_image, ', '.join(["'%s'" % image for image in sorted(loaded_images)])),
+                    stdout='\n'.join(load_output))
+            loaded_images.remove(expected_image)
+
+            if loaded_images:
+                self.client.module.warn(
+                    "The archive contained more images than specified: %s" % (
+                        ', '.join(["'%s'" % image for image in sorted(loaded_images)]), ))
 
         return self.client.find_image(self.name, self.tag)
 

plugins/modules/cloud/docker/docker_swarm.py

@@ -616,7 +616,7 @@ def main():
         name=dict(type='str'),
         labels=dict(type='dict'),
         signing_ca_cert=dict(type='str'),
-        signing_ca_key=dict(type='str'),
+        signing_ca_key=dict(type='str', no_log=True),
         ca_force_rotate=dict(type='int'),
         autolock_managers=dict(type='bool'),
         node_id=dict(type='str'),

plugins/modules/cloud/huawei/hwc_ecs_instance.py

@@ -543,7 +543,7 @@ def build_module():
                 snapshot_id=dict(type='str')
             )),
             vpc_id=dict(type='str', required=True),
-            admin_pass=dict(type='str'),
+            admin_pass=dict(type='str', no_log=True),
             data_volumes=dict(type='list', elements='dict', options=dict(
                 volume_id=dict(type='str', required=True),
                 device=dict(type='str')

plugins/modules/cloud/linode/linode.py

@@ -107,8 +107,8 @@ options:
   private_ip:
     description:
     - Add private IPv4 address when Linode is created.
+    - Default is C(false).
     type: bool
-    default: "no"
   ssh_pub_key:
     description:
      - SSH public key applied to root user

plugins/modules/cloud/lxc/lxc_container.py

@@ -1,24 +1,25 @@
 #!/usr/bin/python
 # -*- coding: utf-8 -*-
 
-# (c) 2014, Kevin Carter <kevin.carter@rackspace.com>
+# Copyright: (c) 2014, Kevin Carter <kevin.carter@rackspace.com>
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 
 from __future__ import absolute_import, division, print_function
 __metaclass__ = type
 
 
-DOCUMENTATION = '''
+DOCUMENTATION = r'''
 ---
 module: lxc_container
 short_description: Manage LXC Containers
 description:
-  - Management of LXC containers
+  - Management of LXC containers.
 author: "Kevin Carter (@cloudnull)"
 options:
     name:
         description:
           - Name of a container.
+        type: str
         required: true
     backing_store:
         choices:
@@ -30,93 +31,105 @@ options:
           - zfs
         description:
           - Backend storage type for the container.
+        type: str
         default: dir
     template:
         description:
           - Name of the template to use within an LXC create.
+        type: str
         default: ubuntu
     template_options:
         description:
           - Template options when building the container.
+        type: str
     config:
         description:
           - Path to the LXC configuration file.
+        type: path
     lv_name:
         description:
           - Name of the logical volume, defaults to the container name.
-        default: $CONTAINER_NAME
+          - If not specified, it defaults to C($CONTAINER_NAME).
+        type: str
     vg_name:
         description:
-          - If Backend store is lvm, specify the name of the volume group.
+          - If backend store is lvm, specify the name of the volume group.
+        type: str
         default: lxc
     thinpool:
         description:
           - Use LVM thin pool called TP.
+        type: str
     fs_type:
         description:
           - Create fstype TYPE.
+        type: str
         default: ext4
     fs_size:
         description:
           - File system Size.
+        type: str
         default: 5G
     directory:
         description:
           - Place rootfs directory under DIR.
+        type: path
     zfs_root:
         description:
           - Create zfs under given zfsroot.
+        type: str
     container_command:
         description:
           - Run a command within a container.
+        type: str
     lxc_path:
         description:
-          - Place container under PATH
+          - Place container under PATH.
+        type: path
     container_log:
-        choices:
-          - true
-          - false
         description:
           - Enable a container log for host actions to the container.
         type: bool
         default: 'no'
     container_log_level:
         choices:
+          - Info
+          - info
           - INFO
+          - Error
+          - error
           - ERROR
+          - Debug
+          - debug
           - DEBUG
         description:
           - Set the log level for a container where *container_log* was set.
+        type: str
         required: false
         default: INFO
     clone_name:
         description:
-          - Name of the new cloned server. This is only used when state is
-            clone.
+          - Name of the new cloned server.
+          - This is only used when state is clone.
         type: str
     clone_snapshot:
-        choices:
-          - true
-          - false
         description:
-          - Create a snapshot a container when cloning. This is not supported
-            by all container storage backends. Enabling this may fail if the
-            backing store does not support snapshots.
+          - Create a snapshot a container when cloning.
+          - This is not supported by all container storage backends.
+          - Enabling this may fail if the backing store does not support snapshots.
         type: bool
         default: 'no'
     archive:
-        choices:
-          - true
-          - false
         description:
-          - Create an archive of a container. This will create a tarball of the
-            running container.
+          - Create an archive of a container.
+          - This will create a tarball of the running container.
         type: bool
         default: 'no'
     archive_path:
         description:
-          - Path the save the archived container. If the path does not exist
-            the archive method will attempt to create it.
+          - Path the save the archived container.
+          - If the path does not exist the archive method will attempt to create it.
+        type: path
     archive_compression:
         choices:
           - gzip
@@ -125,6 +138,7 @@ options:
         description:
           - Type of compression to use when creating an archive of a running
             container.
+        type: str
         default: gzip
     state:
         choices:
@@ -133,16 +147,19 @@ options:
           - restarted
           - absent
           - frozen
+          - clone
         description:
-          - Define the state of a container. If you clone a container using
-            `clone_name` the newly cloned container created in a stopped state.
-            The running container will be stopped while the clone operation is
+          - Define the state of a container.
+          - If you clone a container using I(clone_name) the newly cloned
+            container created in a stopped state.
+          - The running container will be stopped while the clone operation is
             happening and upon completion of the clone the original container
             state will be restored.
+        type: str
         default: started
     container_config:
         description:
-          - list of 'key=value' options to use when configuring a container.
+          - A list of C(key=value) options to use when configuring a container.
         type: list
         elements: str
 requirements:
@@ -172,7 +189,7 @@ notes:
     name lxc-python2.
 '''
 
-EXAMPLES = """
+EXAMPLES = r"""
 - name: Create a started container
   community.general.lxc_container:
     name: test-container-started
@@ -355,7 +372,7 @@ EXAMPLES = """
     - test-container-new-archive-destroyed-clone
 """
 
-RETURN = """
+RETURN = r"""
 lxc_container:
     description: container information
     returned: success
@@ -713,7 +730,7 @@ class LxcContainerManagement(object):
             for option_line in container_config:
                 # Look for key in config
                 if keyre.match(option_line):
-                    _, _value = option_line.split('=', 1)
+                    dummy, _value = option_line.split('=', 1)
                     config_value = ' '.join(_value.split())
                     line_index = container_config.index(option_line)
                     # If the sanitized values don't match replace them
@@ -912,8 +929,7 @@ class LxcContainerManagement(object):
 
         if self._container_exists(container_name=self.container_name, lxc_path=self.lxc_path):
             return str(self.container.state).lower()
-        else:
-            return str('absent')
+        return str('absent')
 
     def _execute_command(self):
         """Execute a shell command."""
@@ -937,7 +953,7 @@ class LxcContainerManagement(object):
         """
 
         self.container = self.get_container_bind()
-        for _ in xrange(timeout):
+        for dummy in xrange(timeout):
             if self._get_state() != 'running':
                 self.container.start()
                 self.state_change = True
@@ -990,7 +1006,7 @@ class LxcContainerManagement(object):
         :type timeout: ``int``
         """
 
-        for _ in xrange(timeout):
+        for dummy in xrange(timeout):
             if not self._container_exists(container_name=self.container_name, lxc_path=self.lxc_path):
                 break
 
@@ -1646,7 +1662,7 @@ def main():
             ),
             backing_store=dict(
                 type='str',
-                choices=LXC_BACKING_STORE.keys(),
+                choices=list(LXC_BACKING_STORE.keys()),
                 default='dir'
             ),
             template_options=dict(
@@ -1683,7 +1699,7 @@ def main():
                 type='path'
             ),
             state=dict(
-                choices=LXC_ANSIBLE_STATES.keys(),
+                choices=list(LXC_ANSIBLE_STATES.keys()),
                 default='started'
             ),
             container_command=dict(
@@ -1695,7 +1711,7 @@ def main():
             ),
             container_log=dict(
                 type='bool',
-                default='false'
+                default=False
             ),
             container_log_level=dict(
                 choices=[n for i in LXC_LOGGING_LEVELS.values() for n in i],
@@ -1711,13 +1727,13 @@ def main():
             ),
             archive=dict(
                 type='bool',
-                default='false'
+                default=False
             ),
             archive_path=dict(
                 type='path',
             ),
             archive_compression=dict(
-                choices=LXC_COMPRESSION_MAP.keys(),
+                choices=list(LXC_COMPRESSION_MAP.keys()),
                 default='gzip'
             )
         ),

plugins/modules/cloud/lxd/lxd_container.py

@@ -19,11 +19,13 @@ options:
     name:
         description:
           - Name of a container.
+        type: str
         required: true
     architecture:
         description:
           - The architecture for the container (e.g. "x86_64" or "i686").
             See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1)
+        type: str
         required: false
     config:
         description:
@@ -37,12 +39,19 @@ options:
           - The key starts with 'volatile.' are ignored for this comparison.
           - Not all config values are supported to apply the existing container.
             Maybe you need to delete and recreate a container.
+        type: dict
         required: false
+    profiles:
+        description:
+          - Profile to be used by the container
+        type: list
+        elements: str
     devices:
         description:
           - 'The devices for the container
             (e.g. { "rootfs": { "path": "/dev/kvm", "type": "unix-char" }).
             See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1)'
+        type: dict
         required: false
     ephemeral:
         description:
@@ -61,6 +70,7 @@ options:
           - 'See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1) for complete API documentation.'
           - 'Note that C(protocol) accepts two choices: C(lxd) or C(simplestreams)'
         required: false
+        type: dict
     state:
         choices:
           - started
@@ -72,6 +82,7 @@ options:
           - Define the state of a container.
         required: false
         default: started
+        type: str
     target:
         description:
           - For cluster deployments. Will attempt to create a container on a target node.
@@ -88,6 +99,7 @@ options:
             starting or restarting.
         required: false
         default: 30
+        type: int
     wait_for_ipv4_addresses:
         description:
           - If this is true, the C(lxd_container) waits until IPv4 addresses
@@ -108,23 +120,27 @@ options:
           - The unix domain socket path or the https URL for the LXD server.
         required: false
         default: unix:/var/lib/lxd/unix.socket
+        type: str
     snap_url:
         description:
           - The unix domain socket path when LXD is installed by snap package manager.
         required: false
         default: unix:/var/snap/lxd/common/lxd/unix.socket
+        type: str
     client_key:
         description:
           - The client certificate key file path.
+          - If not specified, it defaults to C(${HOME}/.config/lxc/client.key).
         required: false
-        default: '"{}/.config/lxc/client.key" .format(os.environ["HOME"])'
         aliases: [ key_file ]
+        type: str
     client_cert:
         description:
           - The client certificate file path.
+          - If not specified, it defaults to C(${HOME}/.config/lxc/client.crt).
         required: false
-        default: '"{}/.config/lxc/client.crt" .format(os.environ["HOME"])'
         aliases: [ cert_file ]
+        type: str
     trust_password:
         description:
           - The client trusted password.
@@ -135,6 +151,7 @@ options:
           - If trust_password is set, this module send a request for
             authentication before sending any requests.
         required: false
+        type: str
 notes:
   - Containers must have a unique name. If you attempt to create a container
     with a name that already existed in the users namespace the module will
@@ -356,8 +373,12 @@ class LXDContainerManagement(object):
         self.addresses = None
         self.target = self.module.params['target']
 
-        self.key_file = self.module.params.get('client_key', None)
-        self.cert_file = self.module.params.get('client_cert', None)
+        self.key_file = self.module.params.get('client_key')
+        if self.key_file is None:
+            self.key_file = '{0}/.config/lxc/client.key'.format(os.environ['HOME'])
+        self.cert_file = self.module.params.get('client_cert')
+        if self.cert_file is None:
+            self.cert_file = '{0}/.config/lxc/client.crt'.format(os.environ['HOME'])
         self.debug = self.module._verbosity >= 4
 
         try:
@@ -638,12 +659,13 @@ def main():
             ),
             profiles=dict(
                 type='list',
+                elements='str',
             ),
             source=dict(
                 type='dict',
             ),
             state=dict(
-                choices=LXD_ANSIBLE_STATES.keys(),
+                choices=list(LXD_ANSIBLE_STATES.keys()),
                 default='started'
             ),
             target=dict(
@@ -671,12 +693,10 @@ def main():
             ),
             client_key=dict(
                 type='str',
-                default='{0}/.config/lxc/client.key'.format(os.environ['HOME']),
                 aliases=['key_file']
             ),
             client_cert=dict(
                 type='str',
-                default='{0}/.config/lxc/client.crt'.format(os.environ['HOME']),
                 aliases=['cert_file']
             ),
             trust_password=dict(type='str', no_log=True)

plugins/modules/cloud/lxd/lxd_profile.py

@@ -20,9 +20,11 @@ options:
         description:
           - Name of a profile.
         required: true
+        type: str
     description:
         description:
           - Description of the profile.
+        type: str
     config:
         description:
           - 'The config for the container (e.g. {"limits.memory": "4GB"}).
@@ -35,18 +37,21 @@ options:
           - Not all config values are supported to apply the existing profile.
             Maybe you need to delete and recreate a profile.
         required: false
+        type: dict
     devices:
         description:
           - 'The devices for the profile
             (e.g. {"rootfs": {"path": "/dev/kvm", "type": "unix-char"}).
             See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#patch-3)'
         required: false
+        type: dict
     new_name:
         description:
           - A new name of a profile.
           - If this parameter is specified a profile will be renamed to this name.
             See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-11)
         required: false
+        type: str
     state:
         choices:
           - present
@@ -55,28 +60,33 @@ options:
           - Define the state of a profile.
         required: false
         default: present
+        type: str
     url:
         description:
           - The unix domain socket path or the https URL for the LXD server.
         required: false
         default: unix:/var/lib/lxd/unix.socket
+        type: str
     snap_url:
         description:
           - The unix domain socket path when LXD is installed by snap package manager.
         required: false
         default: unix:/var/snap/lxd/common/lxd/unix.socket
+        type: str
     client_key:
         description:
           - The client certificate key file path.
+          - If not specified, it defaults to C($HOME/.config/lxc/client.key).
         required: false
-        default: '"{}/.config/lxc/client.key" .format(os.environ["HOME"])'
         aliases: [ key_file ]
+        type: str
     client_cert:
         description:
           - The client certificate file path.
+          - If not specified, it defaults to C($HOME/.config/lxc/client.crt).
         required: false
-        default: '"{}/.config/lxc/client.crt" .format(os.environ["HOME"])'
         aliases: [ cert_file ]
+        type: str
     trust_password:
         description:
           - The client trusted password.
@@ -87,6 +97,7 @@ options:
           - If trust_password is set, this module send a request for
             authentication before sending any requests.
         required: false
+        type: str
 notes:
   - Profiles must have a unique name. If you attempt to create a profile
     with a name that already existed in the users namespace the module will
@@ -201,8 +212,12 @@ class LXDProfileManagement(object):
         self.state = self.module.params['state']
         self.new_name = self.module.params.get('new_name', None)
 
-        self.key_file = self.module.params.get('client_key', None)
-        self.cert_file = self.module.params.get('client_cert', None)
+        self.key_file = self.module.params.get('client_key')
+        if self.key_file is None:
+            self.key_file = '{0}/.config/lxc/client.key'.format(os.environ['HOME'])
+        self.cert_file = self.module.params.get('client_cert')
+        if self.cert_file is None:
+            self.cert_file = '{0}/.config/lxc/client.crt'.format(os.environ['HOME'])
         self.debug = self.module._verbosity >= 4
 
         try:
@@ -370,12 +385,10 @@ def main():
             ),
             client_key=dict(
                 type='str',
-                default='{0}/.config/lxc/client.key'.format(os.environ['HOME']),
                 aliases=['key_file']
             ),
             client_cert=dict(
                 type='str',
-                default='{0}/.config/lxc/client.crt'.format(os.environ['HOME']),
                 aliases=['cert_file']
             ),
             trust_password=dict(type='str', no_log=True)

plugins/modules/cloud/misc/ovirt.py

@@ -405,8 +405,8 @@ def main():
             instance_gateway=dict(type='str', aliases=['gateway']),
             instance_domain=dict(type='str', aliases=['domain']),
             instance_dns=dict(type='str', aliases=['dns']),
-            instance_rootpw=dict(type='str', aliases=['rootpw']),
-            instance_key=dict(type='str', aliases=['key']),
+            instance_rootpw=dict(type='str', aliases=['rootpw'], no_log=True),
+            instance_key=dict(type='str', aliases=['key'], no_log=True),
             sdomain=dict(type='str'),
             region=dict(type='str'),
         ),

plugins/modules/cloud/misc/proxmox.py

@@ -370,7 +370,6 @@ EXAMPLES = r'''
     state: absent
 '''
 
-import os
 import time
 import traceback
 from distutils.version import LooseVersion
@@ -381,7 +380,7 @@ try:
 except ImportError:
     HAS_PROXMOXER = False
 
-from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.basic import AnsibleModule, env_fallback
 from ansible.module_utils._text import to_native
 
 
@@ -506,7 +505,7 @@ def main():
     module = AnsibleModule(
         argument_spec=dict(
             api_host=dict(required=True),
-            api_password=dict(no_log=True),
+            api_password=dict(no_log=True, fallback=(env_fallback, ['PROXMOX_PASSWORD'])),
             api_token_id=dict(no_log=True),
             api_token_secret=dict(no_log=True),
             api_user=dict(required=True),
@@ -538,7 +537,10 @@ def main():
             description=dict(type='str'),
             hookscript=dict(type='str'),
             proxmox_default_behavior=dict(type='str', choices=['compatibility', 'no_defaults']),
-        )
+        ),
+        required_if=[('state', 'present', ['node', 'hostname', 'password', 'ostemplate'])],
+        required_together=[('api_token_id', 'api_token_secret')],
+        required_one_of=[('api_password', 'api_token_id')],
     )
 
     if not HAS_PROXMOXER:
@@ -585,13 +587,7 @@ def main():
                 module.params[param] = value
 
     auth_args = {'user': api_user}
-    if not (api_token_id and api_token_secret):
-        # If password not set get it from PROXMOX_PASSWORD env
-        if not api_password:
-            try:
-                api_password = os.environ['PROXMOX_PASSWORD']
-            except KeyError as e:
-                module.fail_json(msg='You should set api_password param or use PROXMOX_PASSWORD environment variable')
+    if not api_token_id:
         auth_args['password'] = api_password
     else:
         auth_args['token_name'] = api_token_id
@@ -623,8 +619,6 @@ def main():
             # If no vmid was passed, there cannot be another VM named 'hostname'
             if not module.params['vmid'] and get_vmid(proxmox, hostname) and not module.params['force']:
                 module.exit_json(changed=False, msg="VM with hostname %s already exists and has ID number %s" % (hostname, get_vmid(proxmox, hostname)[0]))
-            elif not (node, module.params['hostname'] and module.params['password'] and module.params['ostemplate']):
-                module.fail_json(msg='node, hostname, password and ostemplate are mandatory for creating vm')
             elif not node_check(proxmox, node):
                 module.fail_json(msg="node '%s' not exists in cluster" % node)
             elif not content_check(proxmox, node, module.params['ostemplate'], template_store):

plugins/modules/cloud/misc/proxmox_kvm.py

@@ -31,6 +31,9 @@ options:
     description:
       - Pass arbitrary arguments to kvm.
       - This option is for experts only!
+      - If I(proxmox_default_behavior) is set to C(compatiblity) (the default value), this
+        option has a default of C(-serial unix:/var/run/qemu-server/<vmid>.serial,server,nowait).
+        Note that the default value of I(proxmox_default_behavior) changes in community.general 4.0.0.
     type: str
   api_host:
     description:
@@ -774,46 +777,23 @@ EXAMPLES = '''
 '''
 
 RETURN = '''
-devices:
-    description: The list of devices created or used.
-    returned: success
-    type: dict
-    sample: '
-      {
-        "ide0": "VMS_LVM:vm-115-disk-1",
-        "ide1": "VMs:115/vm-115-disk-3.raw",
-        "virtio0": "VMS_LVM:vm-115-disk-2",
-        "virtio1": "VMs:115/vm-115-disk-1.qcow2",
-        "virtio2": "VMs:115/vm-115-disk-2.raw"
-      }'
-mac:
-    description: List of mac address created and net[n] attached. Useful when you want to use provision systems like Foreman via PXE.
-    returned: success
-    type: dict
-    sample: '
-      {
-        "net0": "3E:6E:97:D2:31:9F",
-        "net1": "B6:A1:FC:EF:78:A4"
-      }'
 vmid:
-    description: The VM vmid.
-    returned: success
-    type: int
-    sample: 115
+  description: The VM vmid.
+  returned: success
+  type: int
+  sample: 115
 status:
-    description:
-      - The current virtual machine status.
-      - Returned only when C(state=current)
-    returned: success
-    type: dict
-    sample: '{
-      "changed": false,
-      "msg": "VM kropta with vmid = 110 is running",
-      "status": "running"
-    }'
+  description: The current virtual machine status.
+  returned: success, not clone, not absent, not update
+  type: str
+  sample: running
+msg:
+  description: A short message
+  returned: always
+  type: str
+  sample: "VM kropta with vmid = 110 is running"
 '''
 
-import os
 import re
 import time
 import traceback
@@ -826,7 +806,7 @@ try:
 except ImportError:
     HAS_PROXMOXER = False
 
-from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.basic import AnsibleModule, env_fallback
 from ansible.module_utils._text import to_native
 
 
@@ -992,9 +972,9 @@ def create_vm(module, proxmox, vmid, newid, node, name, memory, cpu, cores, sock
         if searchdomains:
             kwargs['searchdomain'] = ' '.join(searchdomains)
 
-    # -args and skiplock require root@pam user
+    # -args and skiplock require root@pam user - but can not use api tokens
     if module.params['api_user'] == "root@pam" and module.params['args'] is None:
-        if not update:
+        if not update and module.params['proxmox_default_behavior'] == 'compatibility':
             kwargs['args'] = vm_args
     elif module.params['api_user'] == "root@pam" and module.params['args'] is not None:
         kwargs['args'] = module.params['args']
@@ -1059,7 +1039,7 @@ def main():
             agent=dict(type='bool'),
             args=dict(type='str'),
             api_host=dict(required=True),
-            api_password=dict(no_log=True),
+            api_password=dict(no_log=True, fallback=(env_fallback, ['PROXMOX_PASSWORD'])),
             api_token_id=dict(no_log=True),
             api_token_secret=dict(no_log=True),
             api_user=dict(required=True),
@@ -1072,12 +1052,12 @@ def main():
             cipassword=dict(type='str', no_log=True),
             citype=dict(type='str', choices=['nocloud', 'configdrive2']),
             ciuser=dict(type='str'),
-            clone=dict(type='str', default=None),
+            clone=dict(type='str'),
             cores=dict(type='int'),
             cpu=dict(type='str'),
             cpulimit=dict(type='int'),
             cpuunits=dict(type='int'),
-            delete=dict(type='str', default=None),
+            delete=dict(type='str'),
             description=dict(type='str'),
             digest=dict(type='str'),
             force=dict(type='bool'),
@@ -1100,7 +1080,7 @@ def main():
             name=dict(type='str'),
             nameservers=dict(type='list', elements='str'),
             net=dict(type='dict'),
-            newid=dict(type='int', default=None),
+            newid=dict(type='int'),
             node=dict(),
             numa=dict(type='dict'),
             numa_enabled=dict(type='bool'),
@@ -1136,13 +1116,14 @@ def main():
             vcpus=dict(type='int'),
             vga=dict(choices=['std', 'cirrus', 'vmware', 'qxl', 'serial0', 'serial1', 'serial2', 'serial3', 'qxl2', 'qxl3', 'qxl4']),
             virtio=dict(type='dict'),
-            vmid=dict(type='int', default=None),
+            vmid=dict(type='int'),
             watchdog=dict(),
             proxmox_default_behavior=dict(type='str', choices=['compatibility', 'no_defaults']),
         ),
         mutually_exclusive=[('delete', 'revert'), ('delete', 'update'), ('revert', 'update'), ('clone', 'update'), ('clone', 'delete'), ('clone', 'revert')],
-        required_one_of=[('name', 'vmid',)],
-        required_if=[('state', 'present', ['node'])]
+        required_together=[('api_token_id', 'api_token_secret')],
+        required_one_of=[('name', 'vmid'), ('api_password', 'api_token_id')],
+        required_if=[('state', 'present', ['node'])],
     )
 
     if not HAS_PROXMOXER:
@@ -1184,7 +1165,6 @@ def main():
             cores=1,
             cpu='kvm64',
             cpuunits=1000,
-            force=False,
             format='qcow2',
             kvm=True,
             memory=512,
@@ -1203,12 +1183,6 @@ def main():
 
     auth_args = {'user': api_user}
     if not (api_token_id and api_token_secret):
-        # If password not set get it from PROXMOX_PASSWORD env
-        if not api_password:
-            try:
-                api_password = os.environ['PROXMOX_PASSWORD']
-            except KeyError:
-                module.fail_json(msg='You should set api_password param or use PROXMOX_PASSWORD environment variable')
         auth_args['password'] = api_password
     else:
         auth_args['token_name'] = api_token_id
@@ -1251,36 +1225,36 @@ def main():
 
         # Ensure source VM id exists when cloning
         if not get_vm(proxmox, vmid):
-            module.fail_json(msg='VM with vmid = %s does not exist in cluster' % vmid)
+            module.fail_json(vmid=vmid, msg='VM with vmid = %s does not exist in cluster' % vmid)
 
         # Ensure the choosen VM name doesn't already exist when cloning
         if get_vmid(proxmox, name):
-            module.exit_json(changed=False, msg="VM with name <%s> already exists" % name)
+            module.exit_json(changed=False, vmid=vmid, msg="VM with name <%s> already exists" % name)
 
         # Ensure the choosen VM id doesn't already exist when cloning
         if get_vm(proxmox, newid):
-            module.exit_json(changed=False, msg="vmid %s with VM name %s already exists" % (newid, name))
+            module.exit_json(changed=False, vmid=vmid, msg="vmid %s with VM name %s already exists" % (newid, name))
 
     if delete is not None:
         try:
             settings(module, proxmox, vmid, node, name, delete=delete)
-            module.exit_json(changed=True, msg="Settings has deleted on VM {0} with vmid {1}".format(name, vmid))
+            module.exit_json(changed=True, vmid=vmid, msg="Settings has deleted on VM {0} with vmid {1}".format(name, vmid))
         except Exception as e:
-            module.fail_json(msg='Unable to delete settings on VM {0} with vmid {1}: '.format(name, vmid) + str(e))
+            module.fail_json(vmid=vmid, msg='Unable to delete settings on VM {0} with vmid {1}: '.format(name, vmid) + str(e))
 
     if revert is not None:
         try:
             settings(module, proxmox, vmid, node, name, revert=revert)
-            module.exit_json(changed=True, msg="Settings has reverted on VM {0} with vmid {1}".format(name, vmid))
+            module.exit_json(changed=True, vmid=vmid, msg="Settings has reverted on VM {0} with vmid {1}".format(name, vmid))
         except Exception as e:
-            module.fail_json(msg='Unable to revert settings on VM {0} with vmid {1}: Maybe is not a pending task...   '.format(name, vmid) + str(e))
+            module.fail_json(vmid=vmid, msg='Unable to revert settings on VM {0} with vmid {1}: Maybe is not a pending task...   '.format(name, vmid) + str(e))
 
     if state == 'present':
         try:
             if get_vm(proxmox, vmid) and not (update or clone):
-                module.exit_json(changed=False, msg="VM with vmid <%s> already exists" % vmid)
+                module.exit_json(changed=False, vmid=vmid, msg="VM with vmid <%s> already exists" % vmid)
             elif get_vmid(proxmox, name) and not (update or clone):
-                module.exit_json(changed=False, msg="VM with name <%s> already exists" % name)
+                module.exit_json(changed=False, vmid=vmid, msg="VM with name <%s> already exists" % name)
             elif not (node, name):
                 module.fail_json(msg='node, name is mandatory for creating/updating vm')
             elif not node_check(proxmox, node):
@@ -1353,82 +1327,90 @@ def main():
                            scsi=module.params['scsi'],
                            virtio=module.params['virtio'])
             if update:
-                module.exit_json(changed=True, msg="VM %s with vmid %s updated" % (name, vmid))
+                module.exit_json(changed=True, vmid=vmid, msg="VM %s with vmid %s updated" % (name, vmid))
             elif clone is not None:
-                module.exit_json(changed=True, msg="VM %s with newid %s cloned from vm with vmid %s" % (name, newid, vmid))
+                module.exit_json(changed=True, vmid=vmid, msg="VM %s with newid %s cloned from vm with vmid %s" % (name, newid, vmid))
             else:
                 module.exit_json(changed=True, msg="VM %s with vmid %s deployed" % (name, vmid), **results)
         except Exception as e:
             if update:
-                module.fail_json(msg="Unable to update vm {0} with vmid {1}=".format(name, vmid) + str(e))
+                module.fail_json(vmid=vmid, msg="Unable to update vm {0} with vmid {1}=".format(name, vmid) + str(e))
             elif clone is not None:
-                module.fail_json(msg="Unable to clone vm {0} from vmid {1}=".format(name, vmid) + str(e))
+                module.fail_json(vmid=vmid, msg="Unable to clone vm {0} from vmid {1}=".format(name, vmid) + str(e))
             else:
-                module.fail_json(msg="creation of qemu VM %s with vmid %s failed with exception=%s" % (name, vmid, e))
+                module.fail_json(vmid=vmid, msg="creation of qemu VM %s with vmid %s failed with exception=%s" % (name, vmid, e))
 
     elif state == 'started':
+        status = {}
         try:
             if -1 == vmid:
                 module.fail_json(msg='VM with name = %s does not exist in cluster' % name)
             vm = get_vm(proxmox, vmid)
             if not vm:
-                module.fail_json(msg='VM with vmid <%s> does not exist in cluster' % vmid)
+                module.fail_json(vmid=vmid, msg='VM with vmid <%s> does not exist in cluster' % vmid)
+            status['status'] = vm[0]['status']
             if vm[0]['status'] == 'running':
-                module.exit_json(changed=False, msg="VM %s is already running" % vmid)
+                module.exit_json(changed=False, vmid=vmid, msg="VM %s is already running" % vmid, **status)
 
             if start_vm(module, proxmox, vm):
-                module.exit_json(changed=True, msg="VM %s started" % vmid)
+                module.exit_json(changed=True, vmid=vmid, msg="VM %s started" % vmid, **status)
         except Exception as e:
-            module.fail_json(msg="starting of VM %s failed with exception: %s" % (vmid, e))
+            module.fail_json(vmid=vmid, msg="starting of VM %s failed with exception: %s" % (vmid, e), **status)
 
     elif state == 'stopped':
+        status = {}
         try:
             if -1 == vmid:
                 module.fail_json(msg='VM with name = %s does not exist in cluster' % name)
 
             vm = get_vm(proxmox, vmid)
             if not vm:
-                module.fail_json(msg='VM with vmid = %s does not exist in cluster' % vmid)
+                module.fail_json(vmid=vmid, msg='VM with vmid = %s does not exist in cluster' % vmid)
 
+            status['status'] = vm[0]['status']
             if vm[0]['status'] == 'stopped':
-                module.exit_json(changed=False, msg="VM %s is already stopped" % vmid)
+                module.exit_json(changed=False, vmid=vmid, msg="VM %s is already stopped" % vmid, **status)
 
             if stop_vm(module, proxmox, vm, force=module.params['force']):
-                module.exit_json(changed=True, msg="VM %s is shutting down" % vmid)
+                module.exit_json(changed=True, vmid=vmid, msg="VM %s is shutting down" % vmid, **status)
         except Exception as e:
-            module.fail_json(msg="stopping of VM %s failed with exception: %s" % (vmid, e))
+            module.fail_json(vmid=vmid, msg="stopping of VM %s failed with exception: %s" % (vmid, e), **status)
 
     elif state == 'restarted':
+        status = {}
         try:
             if -1 == vmid:
                 module.fail_json(msg='VM with name = %s does not exist in cluster' % name)
 
             vm = get_vm(proxmox, vmid)
             if not vm:
-                module.fail_json(msg='VM with vmid = %s does not exist in cluster' % vmid)
+                module.fail_json(vmid=vmid, msg='VM with vmid = %s does not exist in cluster' % vmid)
+            status['status'] = vm[0]['status']
             if vm[0]['status'] == 'stopped':
-                module.exit_json(changed=False, msg="VM %s is not running" % vmid)
+                module.exit_json(changed=False, vmid=vmid, msg="VM %s is not running" % vmid, **status)
 
             if stop_vm(module, proxmox, vm, force=module.params['force']) and start_vm(module, proxmox, vm):
-                module.exit_json(changed=True, msg="VM %s is restarted" % vmid)
+                module.exit_json(changed=True, vmid=vmid, msg="VM %s is restarted" % vmid, **status)
         except Exception as e:
-            module.fail_json(msg="restarting of VM %s failed with exception: %s" % (vmid, e))
+            module.fail_json(vmid=vmid, msg="restarting of VM %s failed with exception: %s" % (vmid, e), **status)
 
     elif state == 'absent':
+        status = {}
         try:
             vm = get_vm(proxmox, vmid)
             if not vm:
-                module.exit_json(changed=False)
+                module.exit_json(changed=False, vmid=vmid)
 
             proxmox_node = proxmox.nodes(vm[0]['node'])
+            status['status'] = vm[0]['status']
             if vm[0]['status'] == 'running':
-                module.exit_json(changed=False, msg="VM %s is running. Stop it before deletion." % vmid)
+                module.exit_json(changed=False, vmid=vmid, msg="VM %s is running. Stop it before deletion." % vmid)
             taskid = proxmox_node.qemu.delete(vmid)
             if not wait_for_task(module, proxmox, vm[0]['node'], taskid):
                 module.fail_json(msg='Reached timeout while waiting for removing VM. Last line in task before timeout: %s' %
                                  proxmox_node.tasks(taskid).log.get()[:1])
             else:
-                module.exit_json(changed=True, msg="VM %s removed" % vmid)
+                module.exit_json(changed=True, vmid=vmid, msg="VM %s removed" % vmid)
         except Exception as e:
             module.fail_json(msg="deletion of VM %s failed with exception: %s" % (vmid, e))
 
@@ -1439,10 +1421,12 @@ def main():
         vm = get_vm(proxmox, vmid)
         if not vm:
             module.fail_json(msg='VM with vmid = %s does not exist in cluster' % vmid)
+        if not name:
+            name = vm[0]['name']
         current = proxmox.nodes(vm[0]['node']).qemu(vmid).status.current.get()['status']
         status['status'] = current
         if status:
-            module.exit_json(changed=False, msg="VM %s with vmid = %s is %s" % (name, vmid, current), **status)
+            module.exit_json(changed=False, vmid=vmid, msg="VM %s with vmid = %s is %s" % (name, vmid, current), **status)
 
 
 if __name__ == '__main__':

plugins/modules/cloud/misc/proxmox_template.py

@@ -152,7 +152,7 @@ try:
 except ImportError:
     HAS_PROXMOXER = False
 
-from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.basic import AnsibleModule, env_fallback
 
 
 def get_template(proxmox, node, storage, content_type, template):
@@ -205,7 +205,7 @@ def main():
     module = AnsibleModule(
         argument_spec=dict(
             api_host=dict(required=True),
-            api_password=dict(no_log=True),
+            api_password=dict(no_log=True, fallback=(env_fallback, ['PROXMOX_PASSWORD'])),
             api_token_id=dict(no_log=True),
             api_token_secret=dict(no_log=True),
             api_user=dict(required=True),
@@ -218,7 +218,10 @@ def main():
             timeout=dict(type='int', default=30),
             force=dict(type='bool', default=False),
             state=dict(default='present', choices=['present', 'absent']),
-        )
+        ),
+        required_together=[('api_token_id', 'api_token_secret')],
+        required_one_of=[('api_password', 'api_token_id')],
+        required_if=[('state', 'absent', ['template'])]
     )
 
     if not HAS_PROXMOXER:
@@ -237,12 +240,6 @@ def main():
 
     auth_args = {'user': api_user}
     if not (api_token_id and api_token_secret):
-        # If password not set get it from PROXMOX_PASSWORD env
-        if not api_password:
-            try:
-                api_password = os.environ['PROXMOX_PASSWORD']
-            except KeyError as e:
-                module.fail_json(msg='You should set api_password param or use PROXMOX_PASSWORD environment variable')
         auth_args['password'] = api_password
     else:
         auth_args['token_name'] = api_token_id
@@ -291,9 +288,7 @@ def main():
             content_type = module.params['content_type']
             template = module.params['template']
 
-            if not template:
-                module.fail_json(msg='template param is mandatory')
-            elif not get_template(proxmox, node, storage, content_type, template):
+            if not get_template(proxmox, node, storage, content_type, template):
                 module.exit_json(changed=False, msg='template with volid=%s:%s/%s is already deleted' % (storage, content_type, template))
 
             if delete_template(module, proxmox, node, storage, content_type, template, timeout):

plugins/modules/cloud/misc/terraform.py

@@ -194,9 +194,7 @@ def preflight_validation(bin_path, project_path, variables_args=None, plan_file=
     if not os.path.isdir(project_path):
         module.fail_json(msg="Path for Terraform project '{0}' doesn't exist on this host - check the path and try again please.".format(project_path))
 
-    rc, out, err = module.run_command([bin_path, 'validate'] + variables_args, cwd=project_path, use_unsafe_shell=True)
-    if rc != 0:
-        module.fail_json(msg="Failed to validate Terraform configuration files:\r\n{0}".format(err))
+    rc, out, err = module.run_command([bin_path, 'validate'] + variables_args, check_rc=True, cwd=project_path, use_unsafe_shell=True)
 
 
 def _state_args(state_file):
@@ -219,10 +217,8 @@ def init_plugins(bin_path, project_path, backend_config, backend_config_files, i
         for f in backend_config_files:
             command.extend(['-backend-config', f])
     if init_reconfigure:
-        command.extend('-reconfigure')
-    rc, out, err = module.run_command(command, cwd=project_path)
-    if rc != 0:
-        module.fail_json(msg="Failed to initialize Terraform modules:\r\n{0}".format(err))
+        command.extend(['-reconfigure'])
+    rc, out, err = module.run_command(command, check_rc=True, cwd=project_path)
 
 
 def get_workspace_context(bin_path, project_path):
@@ -244,9 +240,7 @@ def get_workspace_context(bin_path, project_path):
 
 def _workspace_cmd(bin_path, project_path, action, workspace):
     command = [bin_path, 'workspace', action, workspace, '-no-color']
-    rc, out, err = module.run_command(command, cwd=project_path)
-    if rc != 0:
-        module.fail_json(msg="Failed to {0} workspace:\r\n{1}".format(action, err))
+    rc, out, err = module.run_command(command, check_rc=True, cwd=project_path)
     return rc, out, err
 
 
@@ -388,15 +382,10 @@ def main():
         command.append(plan_file)
 
     if needs_application and not module.check_mode and not state == 'planned':
-        rc, out, err = module.run_command(command, cwd=project_path)
+        rc, out, err = module.run_command(command, check_rc=True, cwd=project_path)
         # checks out to decide if changes were made during execution
         if ' 0 added, 0 changed' not in out and not state == "absent" or ' 0 destroyed' not in out:
             changed = True
-        if rc != 0:
-            module.fail_json(
-                msg="Failure when executing Terraform command. Exited {0}.\nstdout: {1}\nstderr: {2}".format(rc, out, err),
-                command=' '.join(command)
-            )
 
     outputs_command = [command[0], 'output', '-no-color', '-json'] + _state_args(state_file)
     rc, outputs_text, outputs_err = module.run_command(outputs_command, cwd=project_path)

plugins/modules/cloud/oneandone/oneandone_firewall_policy.py

@@ -500,7 +500,7 @@ def main():
     module = AnsibleModule(
         argument_spec=dict(
             auth_token=dict(
-                type='str',
+                type='str', no_log=True,
                 default=os.environ.get('ONEANDONE_AUTH_TOKEN')),
             api_url=dict(
                 type='str',

plugins/modules/cloud/oneandone/oneandone_load_balancer.py

@@ -594,7 +594,7 @@ def main():
     module = AnsibleModule(
         argument_spec=dict(
             auth_token=dict(
-                type='str',
+                type='str', no_log=True,
                 default=os.environ.get('ONEANDONE_AUTH_TOKEN')),
             api_url=dict(
                 type='str',

plugins/modules/cloud/oneandone/oneandone_monitoring_policy.py

@@ -695,15 +695,15 @@ def update_monitoring_policy(module, oneandone_conn):
             threshold_entities = ['cpu', 'ram', 'disk', 'internal_ping', 'transfer']
 
             _thresholds = []
-            for treshold in thresholds:
-                key = treshold.keys()[0]
+            for threshold in thresholds:
+                key = list(threshold.keys())[0]
                 if key in threshold_entities:
                     _threshold = oneandone.client.Threshold(
                         entity=key,
-                        warning_value=treshold[key]['warning']['value'],
-                        warning_alert=str(treshold[key]['warning']['alert']).lower(),
-                        critical_value=treshold[key]['critical']['value'],
-                        critical_alert=str(treshold[key]['critical']['alert']).lower())
+                        warning_value=threshold[key]['warning']['value'],
+                        warning_alert=str(threshold[key]['warning']['alert']).lower(),
+                        critical_value=threshold[key]['critical']['value'],
+                        critical_alert=str(threshold[key]['critical']['alert']).lower())
                     _thresholds.append(_threshold)
 
         if name or description or email or thresholds:
@@ -864,15 +864,15 @@ def create_monitoring_policy(module, oneandone_conn):
         threshold_entities = ['cpu', 'ram', 'disk', 'internal_ping', 'transfer']
 
         _thresholds = []
-        for treshold in thresholds:
-            key = treshold.keys()[0]
+        for threshold in thresholds:
+            key = list(threshold.keys())[0]
             if key in threshold_entities:
                 _threshold = oneandone.client.Threshold(
                     entity=key,
-                    warning_value=treshold[key]['warning']['value'],
-                    warning_alert=str(treshold[key]['warning']['alert']).lower(),
-                    critical_value=treshold[key]['critical']['value'],
-                    critical_alert=str(treshold[key]['critical']['alert']).lower())
+                    warning_value=threshold[key]['warning']['value'],
+                    warning_alert=str(threshold[key]['warning']['alert']).lower(),
+                    critical_value=threshold[key]['critical']['value'],
+                    critical_alert=str(threshold[key]['critical']['alert']).lower())
                 _thresholds.append(_threshold)
 
         _ports = []
@@ -947,7 +947,7 @@ def main():
     module = AnsibleModule(
         argument_spec=dict(
             auth_token=dict(
-                type='str',
+                type='str', no_log=True,
                 default=os.environ.get('ONEANDONE_AUTH_TOKEN')),
             api_url=dict(
                 type='str',

plugins/modules/cloud/oneandone/oneandone_private_network.py

@@ -384,7 +384,7 @@ def main():
     module = AnsibleModule(
         argument_spec=dict(
             auth_token=dict(
-                type='str',
+                type='str', no_log=True,
                 default=os.environ.get('ONEANDONE_AUTH_TOKEN')),
             api_url=dict(
                 type='str',

plugins/modules/cloud/oneandone/oneandone_public_ip.py

@@ -274,7 +274,7 @@ def main():
     module = AnsibleModule(
         argument_spec=dict(
             auth_token=dict(
-                type='str',
+                type='str', no_log=True,
                 default=os.environ.get('ONEANDONE_AUTH_TOKEN')),
             api_url=dict(
                 type='str',

plugins/modules/cloud/opennebula/one_host.py

@@ -26,6 +26,7 @@ options:
         description:
             - Hostname of the machine to manage.
         required: true
+        type: str
     state:
         description:
             - Takes the host to the desired lifecycle state.
@@ -41,29 +42,36 @@ options:
             - disabled
             - offline
         default: present
+        type: str
     im_mad_name:
         description:
             - The name of the information manager, this values are taken from the oned.conf with the tag name IM_MAD (name)
         default: kvm
+        type: str
     vmm_mad_name:
         description:
             - The name of the virtual machine manager mad name, this values are taken from the oned.conf with the tag name VM_MAD (name)
         default: kvm
+        type: str
     cluster_id:
         description:
             - The cluster ID.
         default: 0
+        type: int
     cluster_name:
         description:
             - The cluster specified by name.
+        type: str
     labels:
         description:
             - The labels for this host.
+        type: list
     template:
         description:
             - The template or attribute changes to merge into the host template.
         aliases:
             - attributes
+        type: dict
 
 extends_documentation_fragment:
 - community.general.opennebula

plugins/modules/cloud/opennebula/one_image.py

@@ -39,20 +39,25 @@ options:
       - It is recommended to use HTTPS so that the username/password are not
       - transferred over the network unencrypted.
       - If not set then the value of the C(ONE_URL) environment variable is used.
+    type: str
   api_username:
     description:
       - Name of the user to login into the OpenNebula RPC server. If not set
       - then the value of the C(ONE_USERNAME) environment variable is used.
+    type: str
   api_password:
     description:
       - Password of the user to login into OpenNebula RPC server. If not set
       - then the value of the C(ONE_PASSWORD) environment variable is used.
+    type: str
   id:
     description:
       - A C(id) of the image you would like to manage.
+    type: int
   name:
     description:
       - A C(name) of the image you would like to manage.
+    type: str
   state:
     description:
       - C(present) - state that is used to manage the image
@@ -61,6 +66,7 @@ options:
       - C(renamed) - rename the image to the C(new_name)
     choices: ["present", "absent", "cloned", "renamed"]
     default: present
+    type: str
   enabled:
     description:
       - Whether the image should be enabled or disabled.
@@ -69,6 +75,7 @@ options:
     description:
       - A name that will be assigned to the existing or new image.
       - In the case of cloning, by default C(new_name) will take the name of the origin image with the prefix 'Copy of'.
+    type: str
 author:
     - "Milan Ilic (@ilicmilan)"
 '''

plugins/modules/cloud/opennebula/one_image_info.py

@@ -40,18 +40,22 @@ options:
       - It is recommended to use HTTPS so that the username/password are not
       - transferred over the network unencrypted.
       - If not set then the value of the C(ONE_URL) environment variable is used.
+    type: str
   api_username:
     description:
       - Name of the user to login into the OpenNebula RPC server. If not set
       - then the value of the C(ONE_USERNAME) environment variable is used.
+    type: str
   api_password:
     description:
       - Password of the user to login into OpenNebula RPC server. If not set
       - then the value of the C(ONE_PASSWORD) environment variable is used.
+    type: str
   ids:
     description:
       - A list of images ids whose facts you want to gather.
     aliases: ['id']
+    type: list
   name:
     description:
       - A C(name) of the image whose facts will be gathered.
@@ -59,6 +63,7 @@ options:
       - which restricts the list of images (whose facts will be returned) whose names match specified regex.
       - Also, if the C(name) begins with '~*' case-insensitive matching will be performed.
       - See examples for more details.
+    type: str
 author:
     - "Milan Ilic (@ilicmilan)"
     - "Jan Meerkamp (@meerkampdvv)"

plugins/modules/cloud/opennebula/one_service.py

@@ -36,24 +36,31 @@ options:
       - URL of the OpenNebula OneFlow API server.
       - It is recommended to use HTTPS so that the username/password are not transferred over the network unencrypted.
       - If not set then the value of the ONEFLOW_URL environment variable is used.
+    type: str
   api_username:
     description:
       - Name of the user to login into the OpenNebula OneFlow API server. If not set then the value of the C(ONEFLOW_USERNAME) environment variable is used.
+    type: str
   api_password:
     description:
       - Password of the user to login into OpenNebula OneFlow API server. If not set then the value of the C(ONEFLOW_PASSWORD) environment variable is used.
+    type: str
   template_name:
     description:
       - Name of service template to use to create a new instance of a service
+    type: str
   template_id:
     description:
       - ID of a service template to use to create a new instance of a service
+    type: int
   service_id:
     description:
       - ID of a service instance that you would like to manage
+    type: int
   service_name:
     description:
       - Name of a service instance that you would like to manage
+    type: str
   unique:
     description:
       - Setting C(unique=yes) will make sure that there is only one service instance running with a name set with C(service_name) when
@@ -66,15 +73,19 @@ options:
       - C(absent) - terminate an instance of a service specified with C(service_id)/C(service_name).
     choices: ["present", "absent"]
     default: present
+    type: str
   mode:
     description:
       - Set permission mode of a service instance in octet format, e.g. C(600) to give owner C(use) and C(manage) and nothing to group and others.
+    type: str
   owner_id:
     description:
       - ID of the user which will be set as the owner of the service
+    type: int
   group_id:
     description:
       - ID of the group which will be set as the group of the service
+    type: int
   wait:
     description:
       - Wait for the instance to reach RUNNING state after DEPLOYING or COOLDOWN state after SCALING
@@ -84,16 +95,20 @@ options:
     description:
       - How long before wait gives up, in seconds
     default: 300
+    type: int
   custom_attrs:
     description:
       - Dictionary of key/value custom attributes which will be used when instantiating a new service.
     default: {}
+    type: dict
   role:
     description:
       - Name of the role whose cardinality should be changed
+    type: str
   cardinality:
     description:
       - Number of VMs for the specified role
+    type: int
   force:
     description:
       - Force the new cardinality even if it is outside the limits

plugins/modules/cloud/opennebula/one_vm.py

@@ -40,10 +40,12 @@ options:
       - It is recommended to use HTTPS so that the username/password are not
       - transferred over the network unencrypted.
       - If not set then the value of the C(ONE_URL) environment variable is used.
+    type: str
   api_username:
     description:
       - Name of the user to login into the OpenNebula RPC server. If not set
       - then the value of the C(ONE_USERNAME) environment variable is used.
+    type: str
   api_password:
     description:
       - Password of the user to login into OpenNebula RPC server. If not set
@@ -51,20 +53,25 @@ options:
       - if both I(api_username) or I(api_password) are not set, then it will try
       - authenticate with ONE auth file. Default path is "~/.one/one_auth".
       - Set environment variable C(ONE_AUTH) to override this path.
+    type: str
   template_name:
     description:
       - Name of VM template to use to create a new instace
+    type: str
   template_id:
     description:
       - ID of a VM template to use to create a new instance
+    type: int
   vm_start_on_hold:
     description:
       - Set to true to put vm on hold while creating
     default: False
+    type: bool
   instance_ids:
     description:
       - A list of instance ids used for states':' C(absent), C(running), C(rebooted), C(poweredoff)
     aliases: ['ids']
+    type: list
   state:
     description:
       - C(present) - create instances from a template specified with C(template_id)/C(template_name).
@@ -74,6 +81,7 @@ options:
       - C(absent) - terminate instances
     choices: ["present", "absent", "running", "rebooted", "poweredoff"]
     default: present
+    type: str
   hard:
     description:
       - Reboot, power-off or terminate instances C(hard)
@@ -92,6 +100,7 @@ options:
     description:
       - How long before wait gives up, in seconds
     default: 300
+    type: int
   attributes:
     description:
       - A dictionary of key/value attributes to add to new instances, or for
@@ -104,61 +113,75 @@ options:
       - When used with C(count_attributes) and C(exact_count) the module will
       - match the base name without the index part.
     default: {}
+    type: dict
   labels:
     description:
       - A list of labels to associate with new instances, or for setting
       - C(state) of instances with these labels.
     default: []
+    type: list
   count_attributes:
     description:
       - A dictionary of key/value attributes that can only be used with
       - C(exact_count) to determine how many nodes based on a specific
       - attributes criteria should be deployed. This can be expressed in
       - multiple ways and is shown in the EXAMPLES section.
+    type: dict
   count_labels:
     description:
       - A list of labels that can only be used with C(exact_count) to determine
       - how many nodes based on a specific labels criteria should be deployed.
       - This can be expressed in multiple ways and is shown in the EXAMPLES
       - section.
+    type: list
   count:
     description:
       - Number of instances to launch
     default: 1
+    type: int
   exact_count:
     description:
       - Indicates how many instances that match C(count_attributes) and
       - C(count_labels) parameters should be deployed. Instances are either
       - created or terminated based on this value.
       - NOTE':' Instances with the least IDs will be terminated first.
+    type: int
   mode:
     description:
       - Set permission mode of the instance in octet format, e.g. C(600) to give owner C(use) and C(manage) and nothing to group and others.
+    type: str
   owner_id:
     description:
       - ID of the user which will be set as the owner of the instance
+    type: int
   group_id:
     description:
       - ID of the group which will be set as the group of the instance
+    type: int
   memory:
     description:
       - The size of the memory for new instances (in MB, GB, ...)
+    type: str
   disk_size:
     description:
       - The size of the disk created for new instances (in MB, GB, TB,...).
       - NOTE':' If The Template hats Multiple Disks the Order of the Sizes is
       - matched against the order specified in C(template_id)/C(template_name).
+    type: list
   cpu:
     description:
       - Percentage of CPU divided by 100 required for the new instance. Half a
       - processor is written 0.5.
+    type: float
   vcpu:
     description:
       - Number of CPUs (cores) new VM will have.
+    type: int
   networks:
     description:
       - A list of dictionaries with network parameters. See examples for more details.
     default: []
+    type: list
   disk_saveas:
     description:
       - Creates an image from a VM disk.
@@ -167,6 +190,7 @@ options:
       - I(NOTE)':' This operation will only be performed on the first VM (if more than one VM ID is passed)
       - and the VM has to be in the C(poweredoff) state.
       - Also this operation will fail if an image with specified C(name) already exists.
+    type: dict
   persistent:
     description:
       - Create a private persistent copy of the template plus any image defined in DISK, and instantiate that copy.
@@ -177,10 +201,12 @@ options:
     description:
       - Name of Datastore to use to create a new instace
     version_added: '0.2.0'
+    type: int
   datastore_name:
     description:
       - Name of Datastore to use to create a new instace
     version_added: '0.2.0'
+    type: str
 author:
     - "Milan Ilic (@ilicmilan)"
     - "Jan Meerkamp (@meerkampdvv)"

plugins/modules/cloud/oracle/oci_vcn.py

@@ -128,7 +128,7 @@ def update_vcn(virtual_network_client, module):
         primitive_params_update=["vcn_id"],
         kwargs_non_primitive_update={UpdateVcnDetails: "update_vcn_details"},
         module=module,
-        update_attributes=UpdateVcnDetails().attribute_map.keys(),
+        update_attributes=list(UpdateVcnDetails().attribute_map.keys()),
     )
     return result
 

plugins/modules/cloud/ovirt/ovirt_external_provider_facts.py

@@ -43,9 +43,11 @@ options:
             - "Type of the external provider."
         choices: ['os_image', 'os_network', 'os_volume', 'foreman']
         required: true
+        type: str
     name:
         description:
             - "Name of the external provider, can be used as glob expression."
+        type: str
 extends_documentation_fragment:
 - community.general.ovirt_facts
 
@@ -110,11 +112,8 @@ def main():
     argument_spec = ovirt_info_full_argument_spec(
         name=dict(default=None, required=False),
         type=dict(
-            default=None,
             required=True,
-            choices=[
-                'os_image', 'os_network', 'os_volume', 'foreman',
-            ],
+            choices=['os_image', 'os_network', 'os_volume', 'foreman'],
             aliases=['provider'],
         ),
     )

plugins/modules/cloud/ovirt/ovirt_scheduling_policy_facts.py

@@ -41,7 +41,6 @@ options:
     id:
         description:
             - "ID of the scheduling policy."
-        required: true
     name:
         description:
             - "Name of the scheduling policy, can be used as glob expression."
@@ -77,7 +76,6 @@ ovirt_scheduling_policies:
 import fnmatch
 import traceback
 
-from ansible.module_utils.common.removed import removed_module
 from ansible.module_utils.basic import AnsibleModule
 from ansible_collections.community.general.plugins.module_utils._ovirt import (
     check_sdk,

plugins/modules/cloud/ovirt/ovirt_tag_facts.py

@@ -137,17 +137,13 @@ def main():
             host = search_by_name(hosts_service, module.params['host'])
             if host is None:
                 raise Exception("Host '%s' was not found." % module.params['host'])
-            tags.extend([
-                tag for tag in hosts_service.host_service(host.id).tags_service().list()
-            ])
+            tags.extend(hosts_service.host_service(host.id).tags_service().list())
         if module.params['vm']:
             vms_service = connection.system_service().vms_service()
             vm = search_by_name(vms_service, module.params['vm'])
             if vm is None:
                 raise Exception("Vm '%s' was not found." % module.params['vm'])
-            tags.extend([
-                tag for tag in vms_service.vm_service(vm.id).tags_service().list()
-            ])
+            tags.extend(vms_service.vm_service(vm.id).tags_service().list())
 
         if not (module.params['vm'] or module.params['host'] or module.params['name']):
             tags = all_tags

plugins/modules/cloud/packet/packet_device.py

@@ -31,20 +31,25 @@ options:
   auth_token:
     description:
       - Packet API token. You can also supply it in env var C(PACKET_API_TOKEN).
+    type: str
 
   count:
     description:
       - The number of devices to create. Count number can be included in hostname via the %d string formatter.
     default: 1
+    type: int
 
   count_offset:
     description:
       - From which number to start the count.
     default: 1
+    type: int
 
   device_ids:
     description:
       - List of device IDs on which to operate.
+    type: list
+    elements: str
 
   tags:
     description:
@@ -57,10 +62,12 @@ options:
   facility:
     description:
       - Facility slug for device creation. See Packet API for current list - U(https://www.packet.net/developers/api/facilities/).
+    type: str
 
   features:
     description:
       - Dict with "features" for device creation. See Packet API docs for details.
+    type: dict
 
   hostnames:
     description:
@@ -68,6 +75,8 @@ options:
       - If given string or one-item list, you can use the C("%d") Python string format to expand numbers from I(count).
       - If only one hostname, it might be expanded to list if I(count)>1.
     aliases: [name]
+    type: list
+    elements: str
 
   locked:
     description:
@@ -79,15 +88,18 @@ options:
   operating_system:
     description:
       - OS slug for device creation. See Packet API for current list - U(https://www.packet.net/developers/api/operatingsystems/).
+    type: str
 
   plan:
     description:
       - Plan slug for device creation. See Packet API for current list - U(https://www.packet.net/developers/api/plans/).
+    type: str
 
   project_id:
     description:
       - ID of project of the device.
     required: true
+    type: str
 
   state:
     description:
@@ -96,10 +108,12 @@ options:
       - If set to C(active), the module call will block until all the specified devices are in state active due to the Packet API, or until I(wait_timeout).
     choices: [present, absent, active, inactive, rebooted]
     default: present
+    type: str
 
   user_data:
     description:
       - Userdata blob made available to the machine
+    type: str
 
   wait_for_public_IPv:
     description:
@@ -107,16 +121,21 @@ options:
       - If set to 4, it will wait until IPv4 is assigned to the instance.
       - If set to 6, wait until public IPv6 is assigned to the instance.
     choices: [4,6]
+    type: int
 
   wait_timeout:
     description:
       - How long (seconds) to wait either for automatic IP address assignment, or for the device to reach the C(active) I(state).
       - If I(wait_for_public_IPv) is set and I(state) is C(active), the module will wait for both events consequently, applying the timeout twice.
     default: 900
+    type: int
+
   ipxe_script_url:
     description:
       - URL of custom iPXE script for provisioning.
       - More about custom iPXE for Packet devices at U(https://help.packet.net/technical/infrastructure/custom-ipxe).
+    type: str
+
   always_pxe:
     description:
       - Persist PXE as the first boot option.
@@ -601,10 +620,10 @@ def main():
                             no_log=True),
             count=dict(type='int', default=1),
             count_offset=dict(type='int', default=1),
-            device_ids=dict(type='list'),
+            device_ids=dict(type='list', elements='str'),
             facility=dict(),
             features=dict(type='dict'),
-            hostnames=dict(type='list', aliases=['name']),
+            hostnames=dict(type='list', elements='str', aliases=['name']),
             tags=dict(type='list', elements='str'),
             locked=dict(type='bool', default=False, aliases=['lock']),
             operating_system=dict(),

plugins/modules/cloud/packet/packet_ip_subnet.py

@@ -48,7 +48,6 @@ options:
   project_id:
     description:
       - UUID of a project of the device to/from which to assign/remove a subnet.
-    required: True
     type: str
 
   device_count:
@@ -63,6 +62,7 @@ options:
       - IPv4 or IPv6 subnet which you want to manage. It must come from a reserved block for your project in the Packet Host.
     aliases: [name]
     type: str
+    required: true
 
   state:
     description:

plugins/modules/cloud/packet/packet_volume_attachment.py

@@ -45,6 +45,7 @@ options:
     description:
       - UUID of the project to which the device and volume belong.
     type: str
+    required: true
 
   volume:
     description:
@@ -52,6 +53,7 @@ options:
       - It can be a UUID, an API-generated volume name, or user-defined description string.
       - 'Example values: 4a347482-b546-4f67-8300-fb5018ef0c5, volume-4a347482, "my volume"'
     type: str
+    required: true
 
   device:
     description:

plugins/modules/cloud/profitbricks/profitbricks_nic.py

@@ -17,13 +17,16 @@ options:
     description:
       - The datacenter in which to operate.
     type: str
+    required: true
   server:
     description:
       - The server name or ID.
     type: str
+    required: true
   name:
     description:
       - The name or ID of the NIC. This is only required on deletes, but not on create.
+      - If not specified, it defaults to a value based on UUID4.
     type: str
   lan:
     description:
@@ -33,12 +36,12 @@ options:
     description:
       - The ProfitBricks username. Overrides the PB_SUBSCRIPTION_ID environment variable.
     type: str
-    required: false
+    required: true
   subscription_password:
     description:
       - THe ProfitBricks password. Overrides the PB_PASSWORD environment variable.
     type: str
-    required: false
+    required: true
   wait:
     description:
       - wait for the operation to complete before returning
@@ -97,6 +100,10 @@ uuid_match = re.compile(
     r'[\w]{8}-[\w]{4}-[\w]{4}-[\w]{4}-[\w]{12}', re.I)
 
 
+def _make_default_name():
+    return str(uuid.uuid4()).replace('-', '')[:10]
+
+
 def _wait_for_completion(profitbricks, promise, wait_timeout, msg):
     if not promise:
         return
@@ -134,6 +141,8 @@ def create_nic(module, profitbricks):
     server = module.params.get('server')
     lan = module.params.get('lan')
     name = module.params.get('name')
+    if name is None:
+        name = _make_default_name()
     wait = module.params.get('wait')
     wait_timeout = module.params.get('wait_timeout')
 
@@ -184,6 +193,8 @@ def delete_nic(module, profitbricks):
     datacenter = module.params.get('datacenter')
     server = module.params.get('server')
     name = module.params.get('name')
+    if name is None:
+        name = _make_default_name()
 
     # Locate UUID for Datacenter
     if not (uuid_match.match(datacenter)):
@@ -230,30 +241,25 @@ def delete_nic(module, profitbricks):
 def main():
     module = AnsibleModule(
         argument_spec=dict(
-            datacenter=dict(),
-            server=dict(),
-            name=dict(default=str(uuid.uuid4()).replace('-', '')[:10]),  # @FIXME please do not do that
+            datacenter=dict(required=True),
+            server=dict(required=True),
+            name=dict(),
             lan=dict(),
-            subscription_user=dict(),
-            subscription_password=dict(no_log=True),
+            subscription_user=dict(required=True),
+            subscription_password=dict(required=True, no_log=True),
             wait=dict(type='bool', default=True),
             wait_timeout=dict(type='int', default=600),
             state=dict(default='present'),
+        ),
+        required_if=(
+            ('state', 'absent', ['name']),
+            ('state', 'present', ['lan']),
         )
     )
 
     if not HAS_PB_SDK:
         module.fail_json(msg='profitbricks required for this module')
 
-    if not module.params.get('subscription_user'):   # @ FIXME use required in argument_spec, same for lines below
-        module.fail_json(msg='subscription_user parameter is required')
-    if not module.params.get('subscription_password'):
-        module.fail_json(msg='subscription_password parameter is required')
-    if not module.params.get('datacenter'):
-        module.fail_json(msg='datacenter parameter is required')
-    if not module.params.get('server'):
-        module.fail_json(msg='server parameter is required')
-
     subscription_user = module.params.get('subscription_user')
     subscription_password = module.params.get('subscription_password')
 
@@ -264,9 +270,6 @@ def main():
     state = module.params.get('state')
 
     if state == 'absent':
-        if not module.params.get('name'):
-            module.fail_json(msg='name parameter is required')
-
         try:
             (changed) = delete_nic(module, profitbricks)
             module.exit_json(changed=changed)
@@ -274,9 +277,6 @@ def main():
             module.fail_json(msg='failed to set nic state: %s' % str(e))
 
     elif state == 'present':
-        if not module.params.get('lan'):
-            module.fail_json(msg='lan parameter is required')
-
         try:
             (nic_dict) = create_nic(module, profitbricks)
             module.exit_json(nics=nic_dict)  # @FIXME changed not calculated?

plugins/modules/cloud/pubnub/pubnub_blocks.py

@@ -111,6 +111,7 @@ options:
     required: false
     default: []
     type: list
+    elements: dict
   changes:
     description:
       - "List of fields which should be changed by block itself (doesn't
@@ -552,7 +553,7 @@ def main():
         state=dict(default='present', type='str',
                    choices=['started', 'stopped', 'present', 'absent']),
         name=dict(required=True, type='str'), description=dict(type='str'),
-        event_handlers=dict(default=list(), type='list'),
+        event_handlers=dict(default=list(), type='list', elements='dict'),
         changes=dict(default=dict(), type='dict'),
         cache=dict(default=dict(), type='dict'),
         validate_certs=dict(default=True, type='bool'))

plugins/modules/cloud/rackspace/rax_clb_ssl.py

@@ -238,7 +238,7 @@ def main():
         loadbalancer=dict(required=True),
         state=dict(default='present', choices=['present', 'absent']),
         enabled=dict(type='bool', default=True),
-        private_key=dict(),
+        private_key=dict(no_log=True),
         certificate=dict(),
         intermediate_certificate=dict(),
         secure_port=dict(type='int', default=443),

plugins/modules/cloud/scaleway/scaleway_compute.py

@@ -85,6 +85,10 @@ options:
       - EMEA-NL-EVS
       - par1
       - EMEA-FR-PAR1
+      - par2
+      - EMEA-FR-PAR2
+      - waw1
+      - EMEA-PL-WAW1
 
   commercial_type:
     type: str

plugins/modules/cloud/scaleway/scaleway_database_backup.py

@@ -44,6 +44,7 @@ options:
     choices:
         - fr-par
         - nl-ams
+        - pl-waw
 
   id:
     description:

plugins/modules/cloud/scaleway/scaleway_image_facts.py

@@ -35,6 +35,10 @@ options:
       - EMEA-NL-EVS
       - par1
       - EMEA-FR-PAR1
+      - par2
+      - EMEA-FR-PAR2
+      - waw1
+      - EMEA-PL-WAW1
 '''
 
 EXAMPLES = r'''

plugins/modules/cloud/scaleway/scaleway_image_info.py

@@ -32,6 +32,10 @@ options:
       - EMEA-NL-EVS
       - par1
       - EMEA-FR-PAR1
+      - par2
+      - EMEA-FR-PAR2
+      - waw1
+      - EMEA-PL-WAW1
 '''
 
 EXAMPLES = r'''

plugins/modules/cloud/scaleway/scaleway_ip.py

@@ -46,6 +46,10 @@ options:
       - EMEA-NL-EVS
       - par1
       - EMEA-FR-PAR1
+      - par2
+      - EMEA-FR-PAR2
+      - waw1
+      - EMEA-PL-WAW1
 
   id:
     type: str

plugins/modules/cloud/scaleway/scaleway_ip_facts.py

@@ -34,6 +34,10 @@ options:
       - EMEA-NL-EVS
       - par1
       - EMEA-FR-PAR1
+      - par2
+      - EMEA-FR-PAR2
+      - waw1
+      - EMEA-PL-WAW1
 '''
 
 EXAMPLES = r'''

plugins/modules/cloud/scaleway/scaleway_ip_info.py

@@ -30,6 +30,10 @@ options:
       - EMEA-NL-EVS
       - par1
       - EMEA-FR-PAR1
+      - par2
+      - EMEA-FR-PAR2
+      - waw1
+      - EMEA-PL-WAW1
 '''
 
 EXAMPLES = r'''

plugins/modules/cloud/scaleway/scaleway_lb.py

@@ -59,6 +59,7 @@ options:
     choices:
       - nl-ams
       - fr-par
+      - pl-waw
 
   tags:
     type: list

plugins/modules/cloud/scaleway/scaleway_security_group.py

@@ -46,6 +46,10 @@ options:
       - EMEA-NL-EVS
       - par1
       - EMEA-FR-PAR1
+      - par2
+      - EMEA-FR-PAR2
+      - waw1
+      - EMEA-PL-WAW1
 
   name:
     description:

plugins/modules/cloud/scaleway/scaleway_security_group_facts.py

@@ -31,6 +31,10 @@ options:
       - EMEA-NL-EVS
       - par1
       - EMEA-FR-PAR1
+      - par2
+      - EMEA-FR-PAR2
+      - waw1
+      - EMEA-PL-WAW1
 extends_documentation_fragment:
 - community.general.scaleway
 

plugins/modules/cloud/scaleway/scaleway_security_group_info.py

@@ -27,6 +27,10 @@ options:
       - EMEA-NL-EVS
       - par1
       - EMEA-FR-PAR1
+      - par2
+      - EMEA-FR-PAR2
+      - waw1
+      - EMEA-PL-WAW1
 extends_documentation_fragment:
 - community.general.scaleway