Release 1.3.10.

(cherry picked from commit 5195536bd8)

Co-authored-by: Felix Fontein <felix@fontein.de>

.azure-pipelines/azure-pipelines.yml

@@ -36,20 +36,20 @@ variables:
 resources:
   containers:
     - container: default
-      image: quay.io/ansible/azure-pipelines-test-container:1.8.0
+      image: quay.io/ansible/azure-pipelines-test-container:1.9.0
 
 pool: Standard
 
 stages:
 ### Sanity
-  - stage: Sanity_devel
-    displayName: Sanity devel
+  - stage: Sanity_2_11
+    displayName: Sanity 2.11
     dependsOn: []
     jobs:
       - template: templates/matrix.yml
         parameters:
           nameFormat: Test {0}
-          testFormat: devel/sanity/{0}
+          testFormat: 2.11/sanity/{0}
           targets:
             - test: 1
             - test: 2
@@ -83,14 +83,14 @@ stages:
             - test: 3
             - test: 4
 ### Units
-  - stage: Units_devel
-    displayName: Units devel
+  - stage: Units_2_11
+    displayName: Units 2.11
     dependsOn: []
     jobs:
       - template: templates/matrix.yml
         parameters:
           nameFormat: Python {0}
-          testFormat: devel/units/{0}/1
+          testFormat: 2.11/units/{0}/1
           targets:
             - test: 2.6
             - test: 2.7
@@ -132,13 +132,13 @@ stages:
             - test: 3.8
 
 ## Remote
-  - stage: Remote_devel
-    displayName: Remote devel
+  - stage: Remote_2_11
+    displayName: Remote 2.11
     dependsOn: []
     jobs:
       - template: templates/matrix.yml
         parameters:
-          testFormat: devel/{0}
+          testFormat: 2.11/{0}
           targets:
             - name: macOS 11.1
               test: macos/11.1
@@ -196,13 +196,13 @@ stages:
             - 2
 
 ### Docker
-  - stage: Docker_devel
-    displayName: Docker devel
+  - stage: Docker_2_11
+    displayName: Docker 2.11
     dependsOn: []
     jobs:
       - template: templates/matrix.yml
         parameters:
-          testFormat: devel/linux/{0}
+          testFormat: 2.11/linux/{0}
           targets:
             - name: CentOS 6
               test: centos6
@@ -270,14 +270,14 @@ stages:
             - 5
 
 ### Cloud
-  - stage: Cloud_devel
-    displayName: Cloud devel
+  - stage: Cloud_2_11
+    displayName: Cloud 2.11
     dependsOn: []
     jobs:
       - template: templates/matrix.yml
         parameters:
           nameFormat: Python {0}
-          testFormat: devel/cloud/{0}/1
+          testFormat: 2.11/cloud/{0}/1
           targets:
             - test: 2.7
             - test: 3.6
@@ -304,19 +304,19 @@ stages:
   - stage: Summary
     condition: succeededOrFailed()
     dependsOn:
-      - Sanity_devel
+      - Sanity_2_11
       - Sanity_2_9
       - Sanity_2_10
-      - Units_devel
+      - Units_2_11
       - Units_2_9
       - Units_2_10
-      - Remote_devel
+      - Remote_2_11
       - Remote_2_9
       - Remote_2_10
-      - Docker_devel
+      - Docker_2_11
       - Docker_2_9
       - Docker_2_10
-      - Cloud_devel
+      - Cloud_2_11
       - Cloud_2_9
       - Cloud_2_10
     jobs:

.github/BOTMETA.yml

@@ -1,5 +1,7 @@
 automerge: true
 files:
+  plugins/:
+    supershipit: aminvakil russoz
   changelogs/fragments/:
     support: community
   $actions:
@@ -106,6 +108,8 @@ files:
     maintainers: $team_linode
     labels: cloud linode
     keywords: linode dynamic inventory script
+  $inventories/proxmox.py:
+    maintainers: $team_virt ilijamt
   $inventories/scaleway.py:
     maintainers: $team_scaleway
     labels: cloud scaleway
@@ -258,6 +262,8 @@ files:
     maintainers: zbal
   $modules/cloud/lxc/lxc_container.py:
     maintainers: cloudnull
+  $modules/cloud/lxc/lxc_profile.py:
+    maintainers: conloos
   $modules/cloud/lxd/:
     ignore: hnakamur
   $modules/cloud/memset/:
@@ -373,6 +379,7 @@ files:
     maintainers: bvitnik
   $modules/clustering/consul/:
     maintainers: $team_consul
+    ignore: colin-nolan
   $modules/clustering/etcd3.py:
     maintainers: evrardjp
     ignore: vfauth
@@ -523,7 +530,7 @@ files:
   $modules/net_tools/dnsmadeeasy.py:
     maintainers: briceburg
   $modules/net_tools/haproxy.py:
-    maintainers: ravibhure
+    maintainers: ravibhure Normo
   $modules/net_tools/hetzner_failover_ip.py:
     maintainers: felixfontein
   $modules/net_tools/hetzner_failover_ip_info.py:
@@ -821,7 +828,7 @@ files:
   $modules/remote_management/oneview/oneview_fcoe_network.py:
     maintainers: fgbulsoni
   $modules/remote_management/redfish/:
-    maintainers: $team_redfish billdodd
+    maintainers: $team_redfish
     ignore: jose-delarosa
   $modules/remote_management/stacki/stacki_host.py:
     maintainers: bsanders bbyhuy
@@ -846,6 +853,8 @@ files:
     ignore: erydo
   $modules/source_control/github/github_release.py:
     maintainers: adrianmoisey
+  $modules/source_control/github/github_repo.py:
+    maintainers: atorrescogollo
   $modules/source_control/github/:
     maintainers: stpierre
   $modules/source_control/gitlab/:
@@ -929,7 +938,7 @@ files:
   $modules/system/iptables_state.py:
     maintainers: quidame
   $modules/system/java_cert.py:
-    maintainers: haad
+    maintainers: haad absynth76
   $modules/system/java_keystore.py:
     maintainers: Mogztter
   $modules/system/kernel_blacklist.py:
@@ -1012,7 +1021,7 @@ files:
     maintainers: ahtik ovcharenko pyykkis
     labels: ufw
   $modules/system/vdo.py:
-    maintainers: bgurney-rh
+    maintainers: rhawalsh
   $modules/system/xfconf.py:
     maintainers: russoz jbenden
     labels: xfconf
@@ -1097,31 +1106,31 @@ macros:
   terminals: plugins/terminal
   team_aix: MorrisA bcoca d-little flynn1973 gforster kairoaraujo marvin-sinister mator molekuul ramooncamacho wtcross
   team_bsd: JoergFiedler MacLemon bcoca dch jasperla mekanix opoplawski overhacked tuxillo
-  team_consul: colin-nolan sgargan
+  team_consul: sgargan
   team_cyberark_conjur: jvanderhoof ryanprior
   team_docker: DBendit WojciechowskiPiotr akshay196 danihodovic dariko felixfontein jwitko kassiansun tbouvet chouseknecht
   team_e_spirit: MatrixCrawler getjack
   team_flatpak: JayKayy oolongbrothers
-  team_gitlab: Lunik Shaps dj-wasabi marwatk waheedi zanssa scodeman
+  team_gitlab: Lunik Shaps dj-wasabi marwatk waheedi zanssa scodeman metanovii
   team_google: erjohnso rambleraptor
   team_hpux: bcoca davx8342
   team_huawei: QijunPan TommyLike edisonxiang freesky-edward hwDCN niuzhenguo xuxiaowei0512 yanzhangi zengchen1024 zhongjun2
-  team_ipa: Akasurde Nosmoht fxfitz
+  team_ipa: Akasurde Nosmoht fxfitz justchris1
   team_jboss: Wolfant jairojunior wbrefvem
   team_keycloak: eikef ndclt
   team_kubevirt: machacekondra mmazur pkliczewski
-  team_linode: InTheCloudDan decentral1se displague rmcintosh
+  team_linode: InTheCloudDan decentral1se displague rmcintosh Charliekenney23 LBGarber
   team_macos: Akasurde kyleabenson martinm82 danieljaouen indrajitr
   team_manageiq: abellotti cben gtanzillo yaacov zgalor dkorn evertmulder
   team_netapp: amit0701 carchi8py hulquest lmprice lonico ndswartz schmots1
   team_networking: NilashishC Qalthos danielmellado ganeshrn justjais trishnaguha sganesh-infoblox privateip
-  team_opennebula: ilicmilan meerkampdvv rsmontero xorel
+  team_opennebula: ilicmilan meerkampdvv rsmontero xorel nilsding
   team_oracle: manojmeda mross22 nalsaber
   team_postgresql: Andersson007 Dorn- andytom jbscalia kostiantyn-nemchenko matburt nerzhul sebasmannem tcraxs ilicmilan
   team_purestorage: bannaych dnix101 genegr lionmax opslounge raekins sdodsley sile16
-  team_redfish: billdodd mraineri tomasg2012
+  team_redfish: mraineri tomasg2012 xmadsen renxulei
   team_rhn: FlossWare alikins barnabycourt vritant
   team_scaleway: QuentinBrosse abarbare jerome-quere kindermoumoute remyleone sieben
   team_solaris: bcoca fishman jasperla jpdasma mator scathatheworm troy2914 xen0l
   team_suse: commel dcermak evrardjp lrupp toabctl AnderEnder alxgu andytom
-  team_virt: joshainglis karmab Aversiste
+  team_virt: joshainglis karmab tleguern Thulium-Drake Ajpantuso

CHANGELOG.rst

@@ -5,6 +5,141 @@ Community General Release Notes
 .. contents:: Topics
 
 
+v1.3.10
+=======
+
+Release Summary
+---------------
+
+Last regular bugfix release. There will only be new bugfix releases for security fixes and major bugfixes.
+
+Minor Changes
+-------------
+
+- atomic_container - using ``get_bin_path()`` before calling ``run_command()`` (https://github.com/ansible-collections/community.general/pull/2144).
+- atomic_host - using ``get_bin_path()`` before calling ``run_command()`` (https://github.com/ansible-collections/community.general/pull/2144).
+- atomic_image - using ``get_bin_path()`` before calling ``run_command()`` (https://github.com/ansible-collections/community.general/pull/2144).
+- beadm - minor refactor converting multiple statements to a single list literal (https://github.com/ansible-collections/community.general/pull/2160).
+- bitbucket_pipeline_variable - removed unreachable code (https://github.com/ansible-collections/community.general/pull/2157).
+- hiera lookup - minor refactor converting multiple statements to a single list literal (https://github.com/ansible-collections/community.general/pull/2160).
+- ipwcli_dns - minor refactor converting multiple statements to a single list literal (https://github.com/ansible-collections/community.general/pull/2160).
+- known_hosts module utils - minor refactor converting multiple statements to a single list literal (https://github.com/ansible-collections/community.general/pull/2160).
+- nictagadm - minor refactor converting multiple statements to a single list literal (https://github.com/ansible-collections/community.general/pull/2160).
+- ovh_ip_failover - removed unreachable code (https://github.com/ansible-collections/community.general/pull/2157).
+- rhevm - removed unreachable code (https://github.com/ansible-collections/community.general/pull/2157).
+- smartos_image_info - minor refactor converting multiple statements to a single list literal (https://github.com/ansible-collections/community.general/pull/2160).
+- svr4pkg - minor refactor converting multiple statements to a single list literal (https://github.com/ansible-collections/community.general/pull/2160).
+- xattr - minor refactor converting multiple statements to a single list literal (https://github.com/ansible-collections/community.general/pull/2160).
+- zfs_facts - minor refactor converting multiple statements to a single list literal (https://github.com/ansible-collections/community.general/pull/2160).
+- zpool_facts - minor refactor converting multiple statements to a single list literal (https://github.com/ansible-collections/community.general/pull/2160).
+
+Security Fixes
+--------------
+
+- java_keystore - pass secret to keytool through an environment variable to not expose it as a commandline argument (https://github.com/ansible-collections/community.general/issues/1668).
+
+Bugfixes
+--------
+
+- dimensiondata_network - bug when formatting message, instead of % a simple comma was used (https://github.com/ansible-collections/community.general/pull/2139).
+- funcd connection plugin - can now load (https://github.com/ansible-collections/community.general/pull/2235).
+- haproxy - fix a bug preventing haproxy from properly entering ``DRAIN`` mode (https://github.com/ansible-collections/community.general/issues/1913).
+- hiera lookup plugin - converts the return type of plugin to unicode string (https://github.com/ansible-collections/community.general/pull/2329).
+- ipa_user - allow ``sshpubkey`` to permit multiple word comments (https://github.com/ansible-collections/community.general/pull/2159).
+- java_keystore - improve error handling and return ``cmd`` as documented. Force ``LANG``, ``LC_ALL`` and ``LC_MESSAGES`` environment variables to ``C`` to rely on ``keytool`` output parsing. Fix pylint's ``unused-variable`` and ``no-else-return`` hints (https://github.com/ansible-collections/community.general/pull/2183).
+- java_keystore - use tempfile lib to create temporary files with randomized names, and remove the temporary PKCS#12 keystore as well as other materials (https://github.com/ansible-collections/community.general/issues/1667).
+- jenkins_plugin - fixes Python 2 compatibility issue (https://github.com/ansible-collections/community.general/pull/2340).
+- kibana_plugin - added missing parameter to ``remove_plugin`` when using ``state=present force=true``, and fix potential quoting errors when invoking ``kibana`` (https://github.com/ansible-collections/community.general/pull/2143).
+- module_helper module utils - fixed decorator ``cause_changes`` (https://github.com/ansible-collections/community.general/pull/2203).
+- nmap inventory plugin - fix cache and constructed group support (https://github.com/ansible-collections/community.general/issues/2242).
+- pkgutil - fixed calls to ``list.extend()`` (https://github.com/ansible-collections/community.general/pull/2161).
+- terraform - fix issue that cause the destroy to fail because from Terraform 0.15 on, the ``terraform destroy -force`` option is replaced with ``terraform destroy -auto-approve`` (https://github.com/ansible-collections/community.general/issues/2247).
+- terraform - fix issue that cause the execution fail because from Terraform 0.15 on, the ``-var`` and ``-var-file`` options are no longer available on ``terraform validate`` (https://github.com/ansible-collections/community.general/pull/2246).
+- terraform - remove uses of ``use_unsafe_shell=True`` (https://github.com/ansible-collections/community.general/pull/2246).
+- vmadm - correct type of list elements in ``resolvers`` parameter (https://github.com/ansible-collections/community.general/issues/2135).
+- xfconf - module was not honoring check mode when ``state`` was ``absent`` (https://github.com/ansible-collections/community.general/pull/2185).
+- zypper, zypper_repository - respect ``PATH`` environment variable when resolving zypper executable path (https://github.com/ansible-collections/community.general/pull/2094).
+
+v1.3.9
+======
+
+Release Summary
+---------------
+
+Fixes compatibility issues with the latest ansible-core 2.11 beta, and some more bugs.
+
+Minor Changes
+-------------
+
+- Restrict dependency to community.kubernetes to < 2.0.0, since community.general will no longer work with the latest git version of community.kubernetes (https://github.com/ansible-collections/community.general/pull/2087).
+
+Bugfixes
+--------
+
+- nios* modules - fix modules to work with ansible-core 2.11 (https://github.com/ansible-collections/community.general/pull/2057).
+- redfish_config module, redfish_utils module utils - fix IndexError in ``SetManagerNic`` command (https://github.com/ansible-collections/community.general/issues/1692).
+- scaleway inventory plugin - fix pagination on scaleway inventory plugin (https://github.com/ansible-collections/community.general/pull/2036).
+- stacki_host - replaced ``default`` to environment variables with ``fallback`` to them (https://github.com/ansible-collections/community.general/pull/2072).
+
+v1.3.8
+======
+
+Release Summary
+---------------
+
+Security bugfix and regular bugfix release.
+
+Minor Changes
+-------------
+
+- bundler - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- consul - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- consul_acl - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- consul_session - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- datadog_monitor - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- oneandone_firewall_policy - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- oneandone_load_balancer - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- oneandone_monitoring_policy - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- oneandone_private_network - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- oneandone_server - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- profitbricks - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- profitbricks_volume - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- sensu_check - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- sensu_client - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- sensu_handler - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- webfaction_domain - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+- webfaction_site - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+
+Breaking Changes / Porting Guide
+--------------------------------
+
+- docker_swarm - if ``join_token`` is specified, a returned join token with the same value will be replaced by ``VALUE_SPECIFIED_IN_NO_LOG_PARAMETER``. Make sure that you do not blindly use the join tokens from the return value of this module when the module is invoked with ``join_token`` specified! This breaking change appears in a minor release since it is necessary to fix a security issue (https://github.com/ansible-collections/community.docker/pull/103).
+
+Security Fixes
+--------------
+
+- docker_swarm - the ``join_token`` option is now marked as ``no_log`` so it is no longer written into logs (https://github.com/ansible-collections/community.docker/pull/103).
+- na_cdot_user - mark the ``set_password`` parameter as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/2018).
+- sf_account_manager - mark the ``initiator_secret`` and ``target_secret`` parameters as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/2018).
+
+Bugfixes
+--------
+
+- Mark various module options with ``no_log=False`` which have a name that potentially could leak secrets, but which do not (https://github.com/ansible-collections/community.general/pull/2001).
+- bigpanda - actually use the ``deployment_message`` option (https://github.com/ansible-collections/community.general/pull/1928).
+- cloudforms inventory - fixed issue that non-existing (archived) VMs were synced (https://github.com/ansible-collections/community.general/pull/720).
+- docker_container - fix healthcheck disabling idempotency issue with strict comparison (https://github.com/ansible-collections/community.docker/issues/85).
+- docker_image - prevent module failure when removing image that is removed between inspection and removal (https://github.com/ansible-collections/community.docker/pull/87).
+- docker_image - prevent module failure when removing non-existant image by ID (https://github.com/ansible-collections/community.docker/pull/87).
+- docker_image_info - prevent module failure when image vanishes between listing and inspection (https://github.com/ansible-collections/community.docker/pull/87).
+- docker_image_info - prevent module failure when querying non-existant image by ID (https://github.com/ansible-collections/community.docker/pull/87).
+- nmcli - ensure the ``slave-type`` option is passed to ``nmcli`` for type ``bond-slave`` (https://github.com/ansible-collections/community.general/pull/1882).
+- proxmox - removed requirement that root password is provided when containter state is ``present`` (https://github.com/ansible-collections/community.general/pull/1999).
+- proxmox inventory - added handling of extra trailing slashes in the URL (https://github.com/ansible-collections/community.general/pull/1914).
+- proxmox inventory - exclude qemu templates from inclusion to the inventory via pools (https://github.com/ansible-collections/community.general/issues/1986, https://github.com/ansible-collections/community.general/pull/1991).
+- xfs_quota - the feedback for initializing project quota using xfs_quota binary from ``xfsprogs`` has changed since the version it was written for (https://github.com/ansible-collections/community.general/pull/1596).
+- zfs - some ZFS properties could be passed when the dataset/volume did not exist, but would fail if the dataset already existed, even if the property matched what was specified in the ansible task (https://github.com/ansible-collections/community.general/issues/868, https://github.com/ansible-collections/community.general/pull/1833).
+
 v1.3.7
 ======
 

README.md

@@ -9,7 +9,7 @@ You can find [documentation for this collection on the Ansible docs site](https:
 
 ## Tested with Ansible
 
-Tested with the current Ansible 2.9 and 2.10 releases and the current development version of Ansible. Ansible versions before 2.9.10 are not supported.
+Tested with the current Ansible 2.9, ansible-base 2.10 and ansible-core 2.11 releases. Ansible versions before 2.9.10 are not supported.
 
 ## External requirements
 

changelogs/changelog.yaml

@@ -1627,6 +1627,98 @@ releases:
     - fix_parsing_array_values_in_osx_defaults.yml
     - nios_host_record-fix-aliases-removal.yml
     release_date: '2020-12-21'
+  1.3.10:
+    changes:
+      bugfixes:
+      - dimensiondata_network - bug when formatting message, instead of % a simple
+        comma was used (https://github.com/ansible-collections/community.general/pull/2139).
+      - funcd connection plugin - can now load (https://github.com/ansible-collections/community.general/pull/2235).
+      - haproxy - fix a bug preventing haproxy from properly entering ``DRAIN`` mode
+        (https://github.com/ansible-collections/community.general/issues/1913).
+      - hiera lookup plugin - converts the return type of plugin to unicode string
+        (https://github.com/ansible-collections/community.general/pull/2329).
+      - ipa_user - allow ``sshpubkey`` to permit multiple word comments (https://github.com/ansible-collections/community.general/pull/2159).
+      - java_keystore - improve error handling and return ``cmd`` as documented. Force
+        ``LANG``, ``LC_ALL`` and ``LC_MESSAGES`` environment variables to ``C`` to
+        rely on ``keytool`` output parsing. Fix pylint's ``unused-variable`` and ``no-else-return``
+        hints (https://github.com/ansible-collections/community.general/pull/2183).
+      - java_keystore - use tempfile lib to create temporary files with randomized
+        names, and remove the temporary PKCS#12 keystore as well as other materials
+        (https://github.com/ansible-collections/community.general/issues/1667).
+      - jenkins_plugin - fixes Python 2 compatibility issue (https://github.com/ansible-collections/community.general/pull/2340).
+      - kibana_plugin - added missing parameter to ``remove_plugin`` when using ``state=present
+        force=true``, and fix potential quoting errors when invoking ``kibana`` (https://github.com/ansible-collections/community.general/pull/2143).
+      - module_helper module utils - fixed decorator ``cause_changes`` (https://github.com/ansible-collections/community.general/pull/2203).
+      - nmap inventory plugin - fix cache and constructed group support (https://github.com/ansible-collections/community.general/issues/2242).
+      - pkgutil - fixed calls to ``list.extend()`` (https://github.com/ansible-collections/community.general/pull/2161).
+      - terraform - fix issue that cause the destroy to fail because from Terraform
+        0.15 on, the ``terraform destroy -force`` option is replaced with ``terraform
+        destroy -auto-approve`` (https://github.com/ansible-collections/community.general/issues/2247).
+      - terraform - fix issue that cause the execution fail because from Terraform
+        0.15 on, the ``-var`` and ``-var-file`` options are no longer available on
+        ``terraform validate`` (https://github.com/ansible-collections/community.general/pull/2246).
+      - terraform - remove uses of ``use_unsafe_shell=True`` (https://github.com/ansible-collections/community.general/pull/2246).
+      - vmadm - correct type of list elements in ``resolvers`` parameter (https://github.com/ansible-collections/community.general/issues/2135).
+      - xfconf - module was not honoring check mode when ``state`` was ``absent``
+        (https://github.com/ansible-collections/community.general/pull/2185).
+      - zypper, zypper_repository - respect ``PATH`` environment variable when resolving
+        zypper executable path (https://github.com/ansible-collections/community.general/pull/2094).
+      minor_changes:
+      - atomic_container - using ``get_bin_path()`` before calling ``run_command()``
+        (https://github.com/ansible-collections/community.general/pull/2144).
+      - atomic_host - using ``get_bin_path()`` before calling ``run_command()`` (https://github.com/ansible-collections/community.general/pull/2144).
+      - atomic_image - using ``get_bin_path()`` before calling ``run_command()`` (https://github.com/ansible-collections/community.general/pull/2144).
+      - beadm - minor refactor converting multiple statements to a single list literal
+        (https://github.com/ansible-collections/community.general/pull/2160).
+      - bitbucket_pipeline_variable - removed unreachable code (https://github.com/ansible-collections/community.general/pull/2157).
+      - hiera lookup - minor refactor converting multiple statements to a single list
+        literal (https://github.com/ansible-collections/community.general/pull/2160).
+      - ipwcli_dns - minor refactor converting multiple statements to a single list
+        literal (https://github.com/ansible-collections/community.general/pull/2160).
+      - known_hosts module utils - minor refactor converting multiple statements to
+        a single list literal (https://github.com/ansible-collections/community.general/pull/2160).
+      - nictagadm - minor refactor converting multiple statements to a single list
+        literal (https://github.com/ansible-collections/community.general/pull/2160).
+      - ovh_ip_failover - removed unreachable code (https://github.com/ansible-collections/community.general/pull/2157).
+      - rhevm - removed unreachable code (https://github.com/ansible-collections/community.general/pull/2157).
+      - smartos_image_info - minor refactor converting multiple statements to a single
+        list literal (https://github.com/ansible-collections/community.general/pull/2160).
+      - svr4pkg - minor refactor converting multiple statements to a single list literal
+        (https://github.com/ansible-collections/community.general/pull/2160).
+      - xattr - minor refactor converting multiple statements to a single list literal
+        (https://github.com/ansible-collections/community.general/pull/2160).
+      - zfs_facts - minor refactor converting multiple statements to a single list
+        literal (https://github.com/ansible-collections/community.general/pull/2160).
+      - zpool_facts - minor refactor converting multiple statements to a single list
+        literal (https://github.com/ansible-collections/community.general/pull/2160).
+      release_summary: Last regular bugfix release. There will only be new bugfix
+        releases for security fixes and major bugfixes.
+      security_fixes:
+      - java_keystore - pass secret to keytool through an environment variable to
+        not expose it as a commandline argument (https://github.com/ansible-collections/community.general/issues/1668).
+    fragments:
+    - 1.3.10.yml
+    - 1993-haproxy-fix-draining.yml
+    - 2094-bugfix-respect-PATH-env-variable-in-zypper-modules.yaml
+    - 2135-vmadm-resolvers-type-fix.yml
+    - 2139-dimensiondata_network-str-format.yml
+    - 2143-kibana_plugin-fixed-function-calls.yml
+    - 2144-atomic_get_bin_path.yml
+    - 2157-unreachable-code.yml
+    - 2159-ipa-user-sshpubkey-multi-word-comments.yaml
+    - 2160-list-literals.yml
+    - 2161-pkgutil-list-extend.yml
+    - 2163-java_keystore_1667_improve_temp_files_storage.yml
+    - 2177-java_keystore_1668_dont_expose_secrets_on_cmdline.yml
+    - 2183-java_keystore_improve_error_handling.yml
+    - 2185-xfconf-absent-check-mode.yml
+    - 2203-modhelper-cause-changes-deco.yml
+    - 2246-terraform.yaml
+    - 2282-nmap-fix-cache-support.yml
+    - 2329-hiera-lookup-plugin-return-type.yaml
+    - 2340-jenkins_plugin-py2.yml
+    - allow_funcd_to_load.yml
+    release_date: '2021-04-26'
   1.3.2:
     changes:
       bugfixes:
@@ -2149,3 +2241,110 @@ releases:
     - 1895-proxmox-kvm-fix-issue-1875.yml
     - selective-core-2.11.yml
     release_date: '2021-02-25'
+  1.3.8:
+    changes:
+      breaking_changes:
+      - docker_swarm - if ``join_token`` is specified, a returned join token with
+        the same value will be replaced by ``VALUE_SPECIFIED_IN_NO_LOG_PARAMETER``.
+        Make sure that you do not blindly use the join tokens from the return value
+        of this module when the module is invoked with ``join_token`` specified! This
+        breaking change appears in a minor release since it is necessary to fix a
+        security issue (https://github.com/ansible-collections/community.docker/pull/103).
+      bugfixes:
+      - Mark various module options with ``no_log=False`` which have a name that potentially
+        could leak secrets, but which do not (https://github.com/ansible-collections/community.general/pull/2001).
+      - bigpanda - actually use the ``deployment_message`` option (https://github.com/ansible-collections/community.general/pull/1928).
+      - cloudforms inventory - fixed issue that non-existing (archived) VMs were synced
+        (https://github.com/ansible-collections/community.general/pull/720).
+      - docker_container - fix healthcheck disabling idempotency issue with strict
+        comparison (https://github.com/ansible-collections/community.docker/issues/85).
+      - docker_image - prevent module failure when removing image that is removed
+        between inspection and removal (https://github.com/ansible-collections/community.docker/pull/87).
+      - docker_image - prevent module failure when removing non-existant image by
+        ID (https://github.com/ansible-collections/community.docker/pull/87).
+      - docker_image_info - prevent module failure when image vanishes between listing
+        and inspection (https://github.com/ansible-collections/community.docker/pull/87).
+      - docker_image_info - prevent module failure when querying non-existant image
+        by ID (https://github.com/ansible-collections/community.docker/pull/87).
+      - nmcli - ensure the ``slave-type`` option is passed to ``nmcli`` for type ``bond-slave``
+        (https://github.com/ansible-collections/community.general/pull/1882).
+      - proxmox - removed requirement that root password is provided when containter
+        state is ``present`` (https://github.com/ansible-collections/community.general/pull/1999).
+      - proxmox inventory - added handling of extra trailing slashes in the URL (https://github.com/ansible-collections/community.general/pull/1914).
+      - proxmox inventory - exclude qemu templates from inclusion to the inventory
+        via pools (https://github.com/ansible-collections/community.general/issues/1986,
+        https://github.com/ansible-collections/community.general/pull/1991).
+      - xfs_quota - the feedback for initializing project quota using xfs_quota binary
+        from ``xfsprogs`` has changed since the version it was written for (https://github.com/ansible-collections/community.general/pull/1596).
+      - zfs - some ZFS properties could be passed when the dataset/volume did not
+        exist, but would fail if the dataset already existed, even if the property
+        matched what was specified in the ansible task (https://github.com/ansible-collections/community.general/issues/868,
+        https://github.com/ansible-collections/community.general/pull/1833).
+      minor_changes:
+      - bundler - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - consul - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - consul_acl - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - consul_session - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - datadog_monitor - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - oneandone_firewall_policy - elements of list parameters are now validated
+        (https://github.com/ansible-collections/community.general/pull/1885).
+      - oneandone_load_balancer - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - oneandone_monitoring_policy - elements of list parameters are now validated
+        (https://github.com/ansible-collections/community.general/pull/1885).
+      - oneandone_private_network - elements of list parameters are now validated
+        (https://github.com/ansible-collections/community.general/pull/1885).
+      - oneandone_server - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - profitbricks - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - profitbricks_volume - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - sensu_check - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - sensu_client - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - sensu_handler - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - webfaction_domain - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      - webfaction_site - elements of list parameters are now validated (https://github.com/ansible-collections/community.general/pull/1885).
+      release_summary: Security bugfix and regular bugfix release.
+      security_fixes:
+      - docker_swarm - the ``join_token`` option is now marked as ``no_log`` so it
+        is no longer written into logs (https://github.com/ansible-collections/community.docker/pull/103).
+      - na_cdot_user - mark the ``set_password`` parameter as ``no_log`` to avoid
+        leakage of secrets (https://github.com/ansible-collections/community.general/pull/2018).
+      - sf_account_manager - mark the ``initiator_secret`` and ``target_secret`` parameters
+        as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.general/pull/2018).
+    fragments:
+    - 1.3.8.yml
+    - 1596-xfs_quota-feedback_on_projects_not_initialized_has_changed.yml
+    - 1833-zfs-creation-only-properties.yaml
+    - 1882-fix-nmcli-ensure-slave-type-for-bond-slave.yml
+    - 1885-sanity-check-fixes-batch3.yml
+    - 1914-add-sanitization-to-url.yml
+    - 1928-bigpanda-message.yml
+    - 1991-proxmox-inventory-fix-template-in-pool.yml
+    - 1999-proxmox-fix-issue-1955.yml
+    - 2001-no_log-false.yml
+    - 720-cloudforms_inventory.yml
+    - community.docker-103-docker_swarm-no_log.yml
+    - community.docker-87-docker_image-load-image-ids.yml
+    - community.docker-88-docker_container-healthcheck.yml
+    - missing-no_log-again.yml
+    release_date: '2021-03-15'
+  1.3.9:
+    changes:
+      bugfixes:
+      - nios* modules - fix modules to work with ansible-core 2.11 (https://github.com/ansible-collections/community.general/pull/2057).
+      - redfish_config module, redfish_utils module utils - fix IndexError in ``SetManagerNic``
+        command (https://github.com/ansible-collections/community.general/issues/1692).
+      - scaleway inventory plugin - fix pagination on scaleway inventory plugin (https://github.com/ansible-collections/community.general/pull/2036).
+      - stacki_host - replaced ``default`` to environment variables with ``fallback``
+        to them (https://github.com/ansible-collections/community.general/pull/2072).
+      minor_changes:
+      - Restrict dependency to community.kubernetes to < 2.0.0, since community.general
+        will no longer work with the latest git version of community.kubernetes (https://github.com/ansible-collections/community.general/pull/2087).
+      release_summary: Fixes compatibility issues with the latest ansible-core 2.11
+        beta, and some more bugs.
+    fragments:
+    - 1.3.9.yml
+    - 2036-scaleway-inventory.yml
+    - 2040-fix-index-error-in-redfish-set-manager-nic.yml
+    - 2057-nios-devel.yml
+    - 2072-stacki-host-params-fallback.yml
+    - 2087-restrict-kubernetes-dependency.yml
+    release_date: '2021-03-23'

commit-rights.md

@@ -0,0 +1,72 @@
+Committers Guidelines for community.general
+===========================================
+
+This document is based on the [Ansible committer guidelines](https://github.com/ansible/ansible/blob/b57444af14062ec96e0af75fdfc2098c74fe2d9a/docs/docsite/rst/community/committer_guidelines.rst) ([latest version](https://docs.ansible.com/ansible/devel/community/committer_guidelines.html)).
+
+These are the guidelines for people with commit privileges on the Ansible Community General Collection GitHub repository. Please read the guidelines before you commit.
+
+These guidelines apply to everyone. At the same time, this is NOT a process document. So just use good judgment. You have been given commit access because we trust your judgment.
+
+That said, use the trust wisely.
+
+If you abuse the trust and break components and builds, and so on, the trust level falls and you may be asked not to commit or you may lose your commit privileges.
+
+Our workflow on GitHub
+----------------------
+
+As a committer, you may already know this, but our workflow forms a lot of our team policies. Please ensure you are aware of the following workflow steps:
+
+* Fork the repository upon which you want to do some work to your own personal repository
+* Work on the specific branch upon which you need to commit
+* Create a Pull Request back to the collection repository and await reviews
+* Adjust code as necessary based on the Comments provided
+* Ask someone from the other committers to do a final review and merge
+
+Sometimes, committers merge their own pull requests. This section is a set of guidelines. If you are changing a comma in a doc or making a very minor change, you can use your best judgement. This is another trust thing. The process is critical for any major change, but for little things or getting something done quickly, use your best judgement and make sure people on the team are aware of your work.
+
+Roles
+-----
+* Release managers: Merge pull requests to `stable-X` branches, create tags to do releases.
+* Committers: Fine to do PRs for most things, but we should have a timebox. Hanging PRs may merge on the judgement of these devs.
+* Module maintainers: Module maintainers own specific modules and have indirect commit access through the current module PR mechanisms. This is primary [ansibullbot](https://github.com/ansibullbot)'s `shipit` mechanism.
+
+General rules
+-------------
+Individuals with direct commit access to this collection repository are entrusted with powers that allow them to do a broad variety of things--probably more than we can write down. Rather than rules, treat these as general *guidelines*, individuals with this power are expected to use their best judgement.
+
+* Do NOTs:
+
+  - Do not commit directly.
+  - Do not merge your own PRs. Someone else should have a chance to review and approve the PR merge. You have a small amount of leeway here for very minor changes.
+  - Do not forget about non-standard / alternate environments. Consider the alternatives. Yes, people have bad/unusual/strange environments (like binaries from multiple init systems installed), but they are the ones who need us the most.
+  - Do not drag your community team members down. Discuss the technical merits of any pull requests you review. Avoid negativity and personal comments. For more guidance on being a good community member, read the [Ansible Community Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html).
+  - Do not forget about the maintenance burden. High-maintenance features may not be worth adding.
+  - Do not break playbooks. Always keep backwards compatibility in mind.
+  - Do not forget to keep it simple. Complexity breeds all kinds of problems.
+  - Do not merge to branches other than `main`, especially not to `stable-X`, if you do not have explicit permission to do so.
+  - Do not create tags. Tags are used in the release process, and should only be created by the people responsible for managing the stable branches.
+
+* Do:
+
+  - Squash, avoid merges whenever possible, use GitHub's squash commits or cherry pick if needed (bisect thanks you).
+  - Be active. Committers who have no activity on the project (through merges, triage, commits, and so on) will have their permissions suspended.
+  - Consider backwards compatibility (goes back to "do not break existing playbooks").
+  - Write tests. PRs with tests are looked at with more priority than PRs without tests that should have them included. While not all changes require tests, be sure to add them for bug fixes or functionality changes.
+  - Discuss with other committers, specially when you are unsure of something.
+  - Document! If your PR is a new feature or a change to behavior, make sure you've updated all associated documentation or have notified the right people to do so.
+  - Consider scope, sometimes a fix can be generalized.
+  - Keep it simple, then things are maintainable, debuggable and intelligible.
+
+Committers are expected to continue to follow the same community and contribution guidelines followed by the rest of the Ansible community.
+
+
+People
+------
+
+Individuals who have been asked to become a part of this group have generally been contributing in significant ways to the community.general collection for some time. Should they agree, they are requested to add their names and GitHub IDs to this file, in the section below, through a pull request. Doing so indicates that these individuals agree to act in the ways that their fellow committers trust that they will act.
+
+| Name                | GitHub ID            | IRC Nick           | Other                |
+| ------------------- | -------------------- | ------------------ | -------------------- |
+| Andrew Klychkov     | andersson007         | andersson007_      |                      |
+| Felix Fontein       | felixfontein         | felixfontein       |                      |
+| John R Barker       | gundalow             | gundalow           |                      |

galaxy.yml

@@ -1,6 +1,6 @@
 namespace: community
 name: general
-version: 1.3.7
+version: 1.3.10
 readme: README.md
 authors:
   - Ansible (https://github.com/ansible)
@@ -10,7 +10,7 @@ tags: [community]
 # NOTE: No more dependencies can be added to this list
 dependencies:
   ansible.netcommon: '>=1.0.0'
-  community.kubernetes: '>=1.0.0'
+  community.kubernetes: '>=1.0.0,<2.0.0'
   google.cloud: '>=1.0.0'
 repository: https://github.com/ansible-collections/community.general
 documentation: https://docs.ansible.com/ansible/latest/collections/community/general/

plugins/connection/funcd.py

@@ -37,12 +37,13 @@ import tempfile
 import shutil
 
 from ansible.errors import AnsibleError
+from ansible.plugins.connection import ConnectionBase
 from ansible.utils.display import Display
 
 display = Display()
 
 
-class Connection(object):
+class Connection(ConnectionBase):
     ''' Func-based connections '''
 
     has_pipelining = False

plugins/doc_fragments/oneview.py

@@ -13,12 +13,32 @@ class ModuleDocFragment(object):
     DOCUMENTATION = r'''
 options:
     config:
-      description:
+        description:
         - Path to a .json configuration file containing the OneView client configuration.
           The configuration file is optional and when used should be present in the host running the ansible commands.
           If the file path is not provided, the configuration will be loaded from environment variables.
           For links to example configuration files or how to use the environment variables verify the notes section.
-      type: path
+        type: path
+    api_version:
+        description:
+        - OneView API Version.
+        type: int
+    image_streamer_hostname:
+        description:
+        - IP address or hostname for the HPE Image Streamer REST API.
+        type: str
+    hostname:
+        description:
+        - IP address or hostname for the appliance.
+        type: str
+    username:
+        description:
+        - Username for API authentication.
+        type: str
+    password:
+        description:
+        - Password for API authentication.
+        type: str
 
 requirements:
   - python >= 2.7.9

plugins/inventory/nmap.py

@@ -72,6 +72,25 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
         self._nmap = None
         super(InventoryModule, self).__init__()
 
+    def _populate(self, hosts):
+        # Use constructed if applicable
+        strict = self.get_option('strict')
+
+        for host in hosts:
+            hostname = host['name']
+            self.inventory.add_host(hostname)
+            for var, value in host.items():
+                self.inventory.set_variable(hostname, var, value)
+
+            # Composed variables
+            self._set_composite_vars(self.get_option('compose'), host, hostname, strict=strict)
+
+            # Complex groups based on jinja2 conditionals, hosts that meet the conditional are added to group
+            self._add_host_to_composed_groups(self.get_option('groups'), host, hostname, strict=strict)
+
+            # Create groups based on variable values and add the corresponding hosts to it
+            self._add_host_to_keyed_groups(self.get_option('keyed_groups'), host, hostname, strict=strict)
+
     def verify_file(self, path):
 
         valid = False
@@ -83,7 +102,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
 
         return valid
 
-    def parse(self, inventory, loader, path, cache=False):
+    def parse(self, inventory, loader, path, cache=True):
 
         try:
             self._nmap = get_bin_path('nmap')
@@ -94,75 +113,101 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
 
         self._read_config_data(path)
 
-        # setup command
-        cmd = [self._nmap]
-        if not self._options['ports']:
-            cmd.append('-sP')
+        cache_key = self.get_cache_key(path)
 
-        if self._options['ipv4'] and not self._options['ipv6']:
-            cmd.append('-4')
-        elif self._options['ipv6'] and not self._options['ipv4']:
-            cmd.append('-6')
-        elif not self._options['ipv6'] and not self._options['ipv4']:
-            raise AnsibleParserError('One of ipv4 or ipv6 must be enabled for this plugin')
+        # cache may be True or False at this point to indicate if the inventory is being refreshed
+        # get the user's cache option too to see if we should save the cache if it is changing
+        user_cache_setting = self.get_option('cache')
 
-        if self._options['exclude']:
-            cmd.append('--exclude')
-            cmd.append(','.join(self._options['exclude']))
-
-        cmd.append(self._options['address'])
-        try:
-            # execute
-            p = Popen(cmd, stdout=PIPE, stderr=PIPE)
-            stdout, stderr = p.communicate()
-            if p.returncode != 0:
-                raise AnsibleParserError('Failed to run nmap, rc=%s: %s' % (p.returncode, to_native(stderr)))
-
-            # parse results
-            host = None
-            ip = None
-            ports = []
+        # read if the user has caching enabled and the cache isn't being refreshed
+        attempt_to_read_cache = user_cache_setting and cache
+        # update if the user has caching enabled and the cache is being refreshed; update this value to True if the cache has expired below
+        cache_needs_update = user_cache_setting and not cache
 
+        if attempt_to_read_cache:
             try:
-                t_stdout = to_text(stdout, errors='surrogate_or_strict')
-            except UnicodeError as e:
-                raise AnsibleParserError('Invalid (non unicode) input returned: %s' % to_native(e))
+                results = self._cache[cache_key]
+            except KeyError:
+                # This occurs if the cache_key is not in the cache or if the cache_key expired, so the cache needs to be updated
+                cache_needs_update = True
 
-            for line in t_stdout.splitlines():
-                hits = self.find_host.match(line)
-                if hits:
-                    if host is not None:
-                        self.inventory.set_variable(host, 'ports', ports)
+        if cache_needs_update:
+            # setup command
+            cmd = [self._nmap]
+            if not self._options['ports']:
+                cmd.append('-sP')
 
-                    # if dns only shows arpa, just use ip instead as hostname
-                    if hits.group(1).endswith('.in-addr.arpa'):
-                        host = hits.group(2)
-                    else:
-                        host = hits.group(1)
+            if self._options['ipv4'] and not self._options['ipv6']:
+                cmd.append('-4')
+            elif self._options['ipv6'] and not self._options['ipv4']:
+                cmd.append('-6')
+            elif not self._options['ipv6'] and not self._options['ipv4']:
+                raise AnsibleParserError('One of ipv4 or ipv6 must be enabled for this plugin')
 
-                    # if no reverse dns exists, just use ip instead as hostname
-                    if hits.group(2) is not None:
-                        ip = hits.group(2)
-                    else:
-                        ip = hits.group(1)
+            if self._options['exclude']:
+                cmd.append('--exclude')
+                cmd.append(','.join(self._options['exclude']))
 
-                    if host is not None:
-                        # update inventory
-                        self.inventory.add_host(host)
-                        self.inventory.set_variable(host, 'ip', ip)
-                        ports = []
-                    continue
+            cmd.append(self._options['address'])
+            try:
+                # execute
+                p = Popen(cmd, stdout=PIPE, stderr=PIPE)
+                stdout, stderr = p.communicate()
+                if p.returncode != 0:
+                    raise AnsibleParserError('Failed to run nmap, rc=%s: %s' % (p.returncode, to_native(stderr)))
 
-                host_ports = self.find_port.match(line)
-                if host is not None and host_ports:
-                    ports.append({'port': host_ports.group(1), 'protocol': host_ports.group(2), 'state': host_ports.group(3), 'service': host_ports.group(4)})
-                    continue
+                # parse results
+                host = None
+                ip = None
+                ports = []
+                results = []
 
-                # TODO: parse more data, OS?
+                try:
+                    t_stdout = to_text(stdout, errors='surrogate_or_strict')
+                except UnicodeError as e:
+                    raise AnsibleParserError('Invalid (non unicode) input returned: %s' % to_native(e))
 
-            # if any leftovers
-            if host and ports:
-                self.inventory.set_variable(host, 'ports', ports)
+                for line in t_stdout.splitlines():
+                    hits = self.find_host.match(line)
+                    if hits:
+                        if host is not None and ports:
+                            results[-1]['ports'] = ports
 
-        except Exception as e:
-            raise AnsibleParserError("failed to parse %s: %s " % (to_native(path), to_native(e)))
+                        # if dns only shows arpa, just use ip instead as hostname
+                        if hits.group(1).endswith('.in-addr.arpa'):
+                            host = hits.group(2)
+                        else:
+                            host = hits.group(1)
+
+                        # if no reverse dns exists, just use ip instead as hostname
+                        if hits.group(2) is not None:
+                            ip = hits.group(2)
+                        else:
+                            ip = hits.group(1)
+
+                        if host is not None:
+                            # update inventory
+                            results.append(dict())
+                            results[-1]['name'] = host
+                            results[-1]['ip'] = ip
+                            ports = []
+                        continue
+
+                    host_ports = self.find_port.match(line)
+                    if host is not None and host_ports:
+                        ports.append({'port': host_ports.group(1),
+                                      'protocol': host_ports.group(2),
+                                      'state': host_ports.group(3),
+                                      'service': host_ports.group(4)})
+                        continue
+
+                # if any leftovers
+                if host and ports:
+                    results[-1]['ports'] = ports
+
+            except Exception as e:
+                raise AnsibleParserError("failed to parse %s: %s " % (to_native(path), to_native(e)))
+
+            self._cache[cache_key] = results
+
+        self._populate(results)

plugins/inventory/proxmox.py

@@ -325,7 +325,8 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
 
                 for member in self._get_members_per_pool(pool['poolid']):
                     if member.get('name'):
-                        self.inventory.add_child(pool_group, member['name'])
+                        if not member.get('template'):
+                            self.inventory.add_child(pool_group, member['name'])
 
     def parse(self, inventory, loader, path, cache=True):
         if not HAS_REQUESTS:
@@ -338,7 +339,7 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
         self._read_config_data(path)
 
         # get connection host
-        self.proxmox_url = self.get_option('url')
+        self.proxmox_url = self.get_option('url').rstrip('/')
         self.proxmox_user = self.get_option('user')
         self.proxmox_password = self.get_option('password')
         self.cache_key = self.get_cache_key(path)

plugins/lookup/filetree.py

@@ -31,7 +31,9 @@ EXAMPLES = r"""
 - name: Template files (explicitly skip directories in order to use the 'src' attribute)
   ansible.builtin.template:
     src: '{{ item.src }}'
-    dest: /web/{{ item.path }}
+    # Your template files should be stored with a .j2 file extension,
+    # but should not be deployed with it. splitext|first removes it.
+    dest: /web/{{ item.path | splitext | first }}
     mode: '{{ item.mode }}'
   with_community.general.filetree: web/
   when: item.state == 'file'
@@ -41,6 +43,7 @@ EXAMPLES = r"""
     src: '{{ item.src }}'
     dest: /web/{{ item.path }}
     state: link
+    follow: false  # avoid corrupting target files if the link already exists
     force: yes
     mode: '{{ item.mode }}'
   with_community.general.filetree: web/

plugins/lookup/hiera.py

@@ -63,6 +63,7 @@ import os
 
 from ansible.plugins.lookup import LookupBase
 from ansible.utils.cmd_functions import run_cmd
+from ansible.module_utils._text import to_text
 
 ANSIBLE_HIERA_CFG = os.getenv('ANSIBLE_HIERA_CFG', '/etc/hiera.yaml')
 ANSIBLE_HIERA_BIN = os.getenv('ANSIBLE_HIERA_BIN', '/usr/bin/hiera')
@@ -78,13 +79,11 @@ class Hiera(object):
         rc, output, err = run_cmd("{0} -c {1} {2}".format(
             ANSIBLE_HIERA_BIN, ANSIBLE_HIERA_CFG, hiera_key[0]))
 
-        return output.strip()
+        return to_text(output.strip())
 
 
 class LookupModule(LookupBase):
     def run(self, terms, variables=''):
         hiera = Hiera()
-        ret = []
-
-        ret.append(hiera.get(terms))
+        ret = [hiera.get(terms)]
         return ret

plugins/lookup/tss.py

@@ -82,6 +82,27 @@ EXAMPLES = r"""
                 | items2dict(key_name='slug',
                              value_name='itemValue'))['password']
             }}
+
+- hosts: localhost
+  vars:
+      secret: >-
+        {{
+            lookup(
+                'community.general.tss',
+                102,
+                base_url='https://secretserver.domain.com/SecretServer/',
+                username='user.name',
+                password='password'
+            )
+        }}
+  tasks:
+      - ansible.builtin.debug:
+          msg: >
+            the password is {{
+              (secret['items']
+                | items2dict(key_name='slug',
+                             value_name='itemValue'))['password']
+            }}
 """
 
 from ansible.errors import AnsibleError, AnsibleOptionsError

plugins/module_utils/docker/common.py

@@ -636,6 +636,9 @@ class AnsibleDockerClient(Client):
         if len(images) == 1:
             try:
                 inspection = self.inspect_image(images[0]['Id'])
+            except NotFound:
+                self.log("Image %s:%s not found." % (name, tag))
+                return None
             except Exception as exc:
                 self.fail("Error inspecting image %s:%s - %s" % (name, tag, str(exc)))
             return inspection
@@ -643,7 +646,7 @@ class AnsibleDockerClient(Client):
         self.log("Image %s:%s not found." % (name, tag))
         return None
 
-    def find_image_by_id(self, image_id):
+    def find_image_by_id(self, image_id, accept_missing_image=False):
         '''
         Lookup an image (by ID) and return the inspection results.
         '''
@@ -653,6 +656,11 @@ class AnsibleDockerClient(Client):
         self.log("Find image %s (by ID)" % image_id)
         try:
             inspection = self.inspect_image(image_id)
+        except NotFound as exc:
+            if not accept_missing_image:
+                self.fail("Error inspecting image ID %s - %s" % (image_id, str(exc)))
+            self.log("Image %s not found." % image_id)
+            return None
         except Exception as exc:
             self.fail("Error inspecting image ID %s - %s" % (image_id, str(exc)))
         return inspection

plugins/module_utils/identity/keycloak/keycloak.py

@@ -55,7 +55,7 @@ def keycloak_argument_spec():
     :return: argument_spec dict
     """
     return dict(
-        auth_keycloak_url=dict(type='str', aliases=['url'], required=True),
+        auth_keycloak_url=dict(type='str', aliases=['url'], required=True, no_log=False),
         auth_client_id=dict(type='str', default='admin-cli'),
         auth_realm=dict(type='str', required=True),
         auth_client_secret=dict(type='str', default=None, no_log=True),

plugins/module_utils/known_hosts.py

@@ -87,11 +87,12 @@ def not_in_host_file(self, host):
         user_host_file = "~/.ssh/known_hosts"
     user_host_file = os.path.expanduser(user_host_file)
 
-    host_file_list = []
-    host_file_list.append(user_host_file)
-    host_file_list.append("/etc/ssh/ssh_known_hosts")
-    host_file_list.append("/etc/ssh/ssh_known_hosts2")
-    host_file_list.append("/etc/openssh/ssh_known_hosts")
+    host_file_list = [
+        user_host_file,
+        "/etc/ssh/ssh_known_hosts",
+        "/etc/ssh/ssh_known_hosts2",
+        "/etc/openssh/ssh_known_hosts",
+    ]
 
     hfiles_not_found = 0
     for hf in host_file_list:

plugins/module_utils/module_helper.py

@@ -81,18 +81,27 @@ class ArgFormat(object):
         return [str(p) for p in func(value)]
 
 
-def cause_changes(func, on_success=True, on_failure=False):
-    @wraps(func)
-    def wrapper(self, *args, **kwargs):
-        try:
-            func(*args, **kwargs)
-            if on_success:
-                self.changed = True
-        except Exception as e:
-            if on_failure:
-                self.changed = True
-            raise
-    return wrapper
+def cause_changes(on_success=None, on_failure=None):
+
+    def deco(func):
+        if on_success is None and on_failure is None:
+            return func
+
+        @wraps(func)
+        def wrapper(*args, **kwargs):
+            try:
+                self = args[0]
+                func(*args, **kwargs)
+                if on_success is not None:
+                    self.changed = on_success
+            except Exception:
+                if on_failure is not None:
+                    self.changed = on_failure
+                raise
+
+        return wrapper
+
+    return deco
 
 
 def module_fails_on_exception(func):

plugins/module_utils/net_tools/nios/api.py

@@ -18,6 +18,7 @@ from ansible.module_utils._text import to_native
 from ansible.module_utils.six import iteritems
 from ansible.module_utils._text import to_text
 from ansible.module_utils.basic import env_fallback
+from ansible.module_utils.common.validation import check_type_dict
 
 try:
     from infoblox_client.connector import Connector
@@ -390,11 +391,11 @@ class WapiModule(WapiBase):
 
         if 'ipv4addrs' in proposed_object:
             if 'nios_next_ip' in proposed_object['ipv4addrs'][0]['ipv4addr']:
-                ip_range = self.module._check_type_dict(proposed_object['ipv4addrs'][0]['ipv4addr'])['nios_next_ip']
+                ip_range = check_type_dict(proposed_object['ipv4addrs'][0]['ipv4addr'])['nios_next_ip']
                 proposed_object['ipv4addrs'][0]['ipv4addr'] = NIOS_NEXT_AVAILABLE_IP + ':' + ip_range
         elif 'ipv4addr' in proposed_object:
             if 'nios_next_ip' in proposed_object['ipv4addr']:
-                ip_range = self.module._check_type_dict(proposed_object['ipv4addr'])['nios_next_ip']
+                ip_range = check_type_dict(proposed_object['ipv4addr'])['nios_next_ip']
                 proposed_object['ipv4addr'] = NIOS_NEXT_AVAILABLE_IP + ':' + ip_range
 
         return proposed_object
@@ -476,7 +477,7 @@ class WapiModule(WapiBase):
         if ('name' in obj_filter):
             # gets and returns the current object based on name/old_name passed
             try:
-                name_obj = self.module._check_type_dict(obj_filter['name'])
+                name_obj = check_type_dict(obj_filter['name'])
                 old_name = name_obj['old_name']
                 new_name = name_obj['new_name']
             except TypeError:
@@ -512,7 +513,7 @@ class WapiModule(WapiBase):
                 test_obj_filter['name'] = test_obj_filter['name'].lower()
                 # resolves issue where multiple a_records with same name and different IP address
                 try:
-                    ipaddr_obj = self.module._check_type_dict(obj_filter['ipv4addr'])
+                    ipaddr_obj = check_type_dict(obj_filter['ipv4addr'])
                     ipaddr = ipaddr_obj['old_ipv4addr']
                 except TypeError:
                     ipaddr = obj_filter['ipv4addr']
@@ -521,7 +522,7 @@ class WapiModule(WapiBase):
                 # resolves issue where multiple txt_records with same name and different text
                 test_obj_filter = obj_filter
                 try:
-                    text_obj = self.module._check_type_dict(obj_filter['text'])
+                    text_obj = check_type_dict(obj_filter['text'])
                     txt = text_obj['old_text']
                 except TypeError:
                     txt = obj_filter['text']
@@ -534,7 +535,7 @@ class WapiModule(WapiBase):
             # resolves issue where multiple a_records with same name and different IP address
             test_obj_filter = obj_filter
             try:
-                ipaddr_obj = self.module._check_type_dict(obj_filter['ipv4addr'])
+                ipaddr_obj = check_type_dict(obj_filter['ipv4addr'])
                 ipaddr = ipaddr_obj['old_ipv4addr']
             except TypeError:
                 ipaddr = obj_filter['ipv4addr']
@@ -544,7 +545,7 @@ class WapiModule(WapiBase):
             # resolves issue where multiple txt_records with same name and different text
             test_obj_filter = obj_filter
             try:
-                text_obj = self.module._check_type_dict(obj_filter['text'])
+                text_obj = check_type_dict(obj_filter['text'])
                 txt = text_obj['old_text']
             except TypeError:
                 txt = obj_filter['text']

plugins/module_utils/oracle/oci_utils.py

@@ -104,7 +104,7 @@ def get_common_arg_spec(supports_create=False, supports_wait=False):
 
     if supports_create:
         common_args.update(
-            key_by=dict(type="list", elements="str"),
+            key_by=dict(type="list", elements="str", no_log=False),
             force_create=dict(type="bool", default=False),
         )
 

plugins/module_utils/redfish_utils.py

@@ -2676,6 +2676,10 @@ class RedfishUtils(object):
                         need_change = True
             # type is list
             if isinstance(set_value, list):
+                if len(set_value) != len(cur_value):
+                    # if arrays are not the same len, no need to check each element
+                    need_change = True
+                    continue
                 for i in range(len(set_value)):
                     for subprop in payload[property][i].keys():
                         if subprop not in target_ethernet_current_setting[property][i]:

plugins/module_utils/scaleway.py

@@ -39,7 +39,7 @@ class ScalewayException(Exception):
 R_LINK_HEADER = r'''<[^>]+>;\srel="(first|previous|next|last)"
     (,<[^>]+>;\srel="(first|previous|next|last)")*'''
 # Specify a single relation, for iteration and string extraction purposes
-R_RELATION = r'<(?P<target_IRI>[^>]+)>; rel="(?P<relation>first|previous|next|last)"'
+R_RELATION = r'</?(?P<target_IRI>[^>]+)>; rel="(?P<relation>first|previous|next|last)"'
 
 
 def parse_pagination_link(header):

plugins/modules/cloud/atomic/atomic_container.py

@@ -102,7 +102,8 @@ def do_install(module, mode, rootfs, container, image, values_list, backend):
     system_list = ["--system"] if mode == 'system' else []
     user_list = ["--user"] if mode == 'user' else []
     rootfs_list = ["--rootfs=%s" % rootfs] if rootfs else []
-    args = ['atomic', 'install', "--storage=%s" % backend, '--name=%s' % container] + system_list + user_list + rootfs_list + values_list + [image]
+    atomic_bin = module.get_bin_path('atomic')
+    args = [atomic_bin, 'install', "--storage=%s" % backend, '--name=%s' % container] + system_list + user_list + rootfs_list + values_list + [image]
     rc, out, err = module.run_command(args, check_rc=False)
     if rc != 0:
         module.fail_json(rc=rc, msg=err)
@@ -112,7 +113,8 @@ def do_install(module, mode, rootfs, container, image, values_list, backend):
 
 
 def do_update(module, container, image, values_list):
-    args = ['atomic', 'containers', 'update', "--rebase=%s" % image] + values_list + [container]
+    atomic_bin = module.get_bin_path('atomic')
+    args = [atomic_bin, 'containers', 'update', "--rebase=%s" % image] + values_list + [container]
     rc, out, err = module.run_command(args, check_rc=False)
     if rc != 0:
         module.fail_json(rc=rc, msg=err)
@@ -122,7 +124,8 @@ def do_update(module, container, image, values_list):
 
 
 def do_uninstall(module, name, backend):
-    args = ['atomic', 'uninstall', "--storage=%s" % backend, name]
+    atomic_bin = module.get_bin_path('atomic')
+    args = [atomic_bin, 'uninstall', "--storage=%s" % backend, name]
     rc, out, err = module.run_command(args, check_rc=False)
     if rc != 0:
         module.fail_json(rc=rc, msg=err)
@@ -130,7 +133,8 @@ def do_uninstall(module, name, backend):
 
 
 def do_rollback(module, name):
-    args = ['atomic', 'containers', 'rollback', name]
+    atomic_bin = module.get_bin_path('atomic')
+    args = [atomic_bin, 'containers', 'rollback', name]
     rc, out, err = module.run_command(args, check_rc=False)
     if rc != 0:
         module.fail_json(rc=rc, msg=err)
@@ -148,14 +152,12 @@ def core(module):
     backend = module.params['backend']
     state = module.params['state']
 
+    atomic_bin = module.get_bin_path('atomic')
     module.run_command_environ_update = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C')
-    out = {}
-    err = {}
-    rc = 0
 
     values_list = ["--set=%s" % x for x in values] if values else []
 
-    args = ['atomic', 'containers', 'list', '--no-trunc', '-n', '--all', '-f', 'backend=%s' % backend, '-f', 'container=%s' % name]
+    args = [atomic_bin, 'containers', 'list', '--no-trunc', '-n', '--all', '-f', 'backend=%s' % backend, '-f', 'container=%s' % name]
     rc, out, err = module.run_command(args, check_rc=False)
     if rc != 0:
         module.fail_json(rc=rc, msg=err)
@@ -194,9 +196,7 @@ def main():
         module.fail_json(msg="values is supported only with user or system mode")
 
     # Verify that the platform supports atomic command
-    rc, out, err = module.run_command('atomic -v', check_rc=False)
-    if rc != 0:
-        module.fail_json(msg="Error in running atomic command", err=err)
+    dummy = module.get_bin_path('atomic', required=True)
 
     try:
         core(module)

plugins/modules/cloud/atomic/atomic_host.py

@@ -57,18 +57,14 @@ from ansible.module_utils._text import to_native
 
 def core(module):
     revision = module.params['revision']
-    args = []
+    atomic_bin = module.get_bin_path('atomic', required=True)
 
     module.run_command_environ_update = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C')
 
     if revision == 'latest':
-        args = ['atomic', 'host', 'upgrade']
+        args = [atomic_bin, 'host', 'upgrade']
     else:
-        args = ['atomic', 'host', 'deploy', revision]
-
-    out = {}
-    err = {}
-    rc = 0
+        args = [atomic_bin, 'host', 'deploy', revision]
 
     rc, out, err = module.run_command(args, check_rc=False)
 

plugins/modules/cloud/atomic/atomic_image.py

@@ -73,7 +73,8 @@ from ansible.module_utils._text import to_native
 
 
 def do_upgrade(module, image):
-    args = ['atomic', 'update', '--force', image]
+    atomic_bin = module.get_bin_path('atomic')
+    args = [atomic_bin, 'update', '--force', image]
     rc, out, err = module.run_command(args, check_rc=False)
     if rc != 0:  # something went wrong emit the msg
         module.fail_json(rc=rc, msg=err)
@@ -91,20 +92,21 @@ def core(module):
     is_upgraded = False
 
     module.run_command_environ_update = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C')
+    atomic_bin = module.get_bin_path('atomic')
     out = {}
     err = {}
     rc = 0
 
     if backend:
         if state == 'present' or state == 'latest':
-            args = ['atomic', 'pull', "--storage=%s" % backend, image]
+            args = [atomic_bin, 'pull', "--storage=%s" % backend, image]
             rc, out, err = module.run_command(args, check_rc=False)
             if rc < 0:
                 module.fail_json(rc=rc, msg=err)
             else:
                 out_run = ""
                 if started:
-                    args = ['atomic', 'run', "--storage=%s" % backend, image]
+                    args = [atomic_bin, 'run', "--storage=%s" % backend, image]
                     rc, out_run, err = module.run_command(args, check_rc=False)
                     if rc < 0:
                         module.fail_json(rc=rc, msg=err)
@@ -112,7 +114,7 @@ def core(module):
                 changed = "Extracting" in out or "Copying blob" in out
                 module.exit_json(msg=(out + out_run), changed=changed)
         elif state == 'absent':
-            args = ['atomic', 'images', 'delete', "--storage=%s" % backend, image]
+            args = [atomic_bin, 'images', 'delete', "--storage=%s" % backend, image]
             rc, out, err = module.run_command(args, check_rc=False)
             if rc < 0:
                 module.fail_json(rc=rc, msg=err)
@@ -126,11 +128,11 @@ def core(module):
             is_upgraded = do_upgrade(module, image)
 
         if started:
-            args = ['atomic', 'run', image]
+            args = [atomic_bin, 'run', image]
         else:
-            args = ['atomic', 'install', image]
+            args = [atomic_bin, 'install', image]
     elif state == 'absent':
-        args = ['atomic', 'uninstall', image]
+        args = [atomic_bin, 'uninstall', image]
 
     rc, out, err = module.run_command(args, check_rc=False)
 
@@ -155,9 +157,7 @@ def main():
     )
 
     # Verify that the platform supports atomic command
-    rc, out, err = module.run_command('atomic -v', check_rc=False)
-    if rc != 0:
-        module.fail_json(msg="Error in running atomic command", err=err)
+    dummy = module.get_bin_path('atomic', required=True)
 
     try:
         core(module)

plugins/modules/cloud/dimensiondata/dimensiondata_network.py

@@ -260,7 +260,7 @@ class DimensionDataNetworkModule(DimensionDataModule):
                 )
 
             self.module.fail_json(
-                "Unexpected failure deleting network with id %s", network.id
+                "Unexpected failure deleting network with id %s" % network.id
             )
 
         except DimensionDataAPIException as e:

plugins/modules/cloud/docker/docker_container.py

@@ -2293,6 +2293,12 @@ class Container(DockerBaseClass):
                 match = self._compare(getattr(self.parameters, key), value, compare)
 
                 if not match:
+                    if key == 'expected_healthcheck' and config_mapping['disable_healthcheck'] and self.parameters.disable_healthcheck:
+                        # If the healthcheck is disabled (both in parameters and for the current container), and the user
+                        # requested strict comparison for healthcheck, the comparison will fail. That's why we ignore the
+                        # expected_healthcheck comparison in this case.
+                        continue
+
                     # no match. record the differences
                     p = getattr(self.parameters, key)
                     c = value

plugins/modules/cloud/docker/docker_image.py

@@ -433,7 +433,7 @@ if docker_version is not None:
         else:
             from docker.auth.auth import resolve_repository_name
         from docker.utils.utils import parse_repository_tag
-        from docker.errors import DockerException
+        from docker.errors import DockerException, NotFound
     except ImportError:
         # missing Docker SDK for Python handled in module_utils.docker.common
         pass
@@ -540,6 +540,8 @@ class ImageManager(DockerBaseClass):
                     self.client.fail('Cannot find the image %s locally.' % name)
             if not self.check_mode and image and image['Id'] == self.results['image']['Id']:
                 self.results['changed'] = False
+        else:
+            self.results['image'] = image
 
         if self.archive_path:
             self.archive_image(self.name, self.tag)
@@ -557,7 +559,7 @@ class ImageManager(DockerBaseClass):
         '''
         name = self.name
         if is_image_name_id(name):
-            image = self.client.find_image_by_id(name)
+            image = self.client.find_image_by_id(name, accept_missing_image=True)
         else:
             image = self.client.find_image(name, self.tag)
             if self.tag:
@@ -566,6 +568,9 @@ class ImageManager(DockerBaseClass):
             if not self.check_mode:
                 try:
                     self.client.remove_image(name, force=self.force_absent)
+                except NotFound:
+                    # If the image vanished while we were trying to remove it, don't fail
+                    pass
                 except Exception as exc:
                     self.fail("Error removing image %s - %s" % (name, str(exc)))
 

plugins/modules/cloud/docker/docker_image_info.py

@@ -167,7 +167,7 @@ import traceback
 
 try:
     from docker import utils
-    from docker.errors import DockerException
+    from docker.errors import DockerException, NotFound
 except ImportError:
     # missing Docker SDK for Python handled in ansible.module_utils.docker.common
     pass
@@ -215,7 +215,7 @@ class ImageManager(DockerBaseClass):
         for name in names:
             if is_image_name_id(name):
                 self.log('Fetching image %s (ID)' % (name))
-                image = self.client.find_image_by_id(name)
+                image = self.client.find_image_by_id(name, accept_missing_image=True)
             else:
                 repository, tag = utils.parse_repository_tag(name)
                 if not tag:
@@ -232,6 +232,8 @@ class ImageManager(DockerBaseClass):
         for image in images:
             try:
                 inspection = self.client.inspect_image(image['Id'])
+            except NotFound:
+                pass
             except Exception as exc:
                 self.fail("Error inspecting image %s - %s" % (image['Id'], str(exc)))
             results.append(inspection)

plugins/modules/cloud/docker/docker_swarm.py

@@ -85,6 +85,8 @@ options:
     description:
       - Swarm token used to join a swarm cluster.
       - Used with I(state=join).
+      - If this value is specified, the corresponding value in the return values will be censored by Ansible.
+        This is a side-effect of this value not being logged.
     type: str
   remote_addrs:
     description:
@@ -237,12 +239,20 @@ swarm_facts:
           type: dict
           contains:
               Worker:
-                  description: Token to create a new *worker* node
+                  description:
+                    - Token to join the cluster as a new *worker* node.
+                    - "B(Note:) if this value has been specified as I(join_token), the value here will not
+                       be the token, but C(VALUE_SPECIFIED_IN_NO_LOG_PARAMETER). If you pass I(join_token),
+                       make sure your playbook/role does not depend on this return value!"
                   returned: success
                   type: str
                   example: SWMTKN-1--xxxxx
               Manager:
-                  description: Token to create a new *manager* node
+                  description:
+                    - Token to join the cluster as a new *manager* node.
+                    - "B(Note:) if this value has been specified as I(join_token), the value here will not
+                       be the token, but C(VALUE_SPECIFIED_IN_NO_LOG_PARAMETER). If you pass I(join_token),
+                       make sure your playbook/role does not depend on this return value!"
                   returned: success
                   type: str
                   example: SWMTKN-1--xxxxx
@@ -604,7 +614,7 @@ def main():
         force=dict(type='bool', default=False),
         listen_addr=dict(type='str', default='0.0.0.0:2377'),
         remote_addrs=dict(type='list', elements='str'),
-        join_token=dict(type='str'),
+        join_token=dict(type='str', no_log=True),
         snapshot_interval=dict(type='int'),
         task_history_retention_limit=dict(type='int'),
         keep_old_snapshots=dict(type='int'),

plugins/modules/cloud/docker/docker_swarm_service.py

@@ -2729,9 +2729,9 @@ def main():
             gid=dict(type='str'),
             mode=dict(type='int'),
         )),
-        secrets=dict(type='list', elements='dict', options=dict(
-            secret_id=dict(type='str'),
-            secret_name=dict(type='str', required=True),
+        secrets=dict(type='list', elements='dict', no_log=False, options=dict(
+            secret_id=dict(type='str', no_log=False),
+            secret_name=dict(type='str', required=True, no_log=False),
             filename=dict(type='str'),
             uid=dict(type='str'),
             gid=dict(type='str'),

plugins/modules/cloud/google/gc_storage.py

@@ -421,7 +421,7 @@ def main():
             permission=dict(choices=['private', 'public-read', 'authenticated-read'], default='private'),
             headers=dict(type='dict', default={}),
             gs_secret_key=dict(no_log=True, required=True),
-            gs_access_key=dict(required=True),
+            gs_access_key=dict(required=True, no_log=False),
             overwrite=dict(default=True, type='bool', aliases=['force']),
             region=dict(default='US', type='str'),
             versioning=dict(default=False, type='bool')

plugins/modules/cloud/linode/linode_v4.py

@@ -240,7 +240,7 @@ def initialise_module():
                 no_log=True,
                 fallback=(env_fallback, ['LINODE_ACCESS_TOKEN']),
             ),
-            authorized_keys=dict(type='list', required=False),
+            authorized_keys=dict(type='list', required=False, no_log=False),
             group=dict(type='str', required=False),
             image=dict(type='str', required=False),
             region=dict(type='str', required=False),

plugins/modules/cloud/lxd/lxd_container.py

@@ -693,7 +693,8 @@ def main():
             ),
             client_key=dict(
                 type='str',
-                aliases=['key_file']
+                aliases=['key_file'],
+                no_log=False,
             ),
             client_cert=dict(
                 type='str',

plugins/modules/cloud/lxd/lxd_profile.py

@@ -385,7 +385,8 @@ def main():
             ),
             client_key=dict(
                 type='str',
-                aliases=['key_file']
+                aliases=['key_file'],
+                no_log=False,
             ),
             client_cert=dict(
                 type='str',

plugins/modules/cloud/misc/proxmox.py

@@ -63,7 +63,6 @@ options:
   password:
     description:
       - the instance root password
-      - required only for C(state=present)
     type: str
   hostname:
     description:
@@ -538,7 +537,7 @@ def main():
             hookscript=dict(type='str'),
             proxmox_default_behavior=dict(type='str', choices=['compatibility', 'no_defaults']),
         ),
-        required_if=[('state', 'present', ['node', 'hostname', 'password', 'ostemplate'])],
+        required_if=[('state', 'present', ['node', 'hostname', 'ostemplate'])],
         required_together=[('api_token_id', 'api_token_secret')],
         required_one_of=[('api_password', 'api_token_id')],
     )

plugins/modules/cloud/misc/proxmox_domain_info.py

@@ -1,7 +1,7 @@
 #!/usr/bin/python
 # -*- coding: utf-8 -*-
 #
-# Copyright: Tristan Le Guern (@Aversiste) <tleguern at bouledef.eu>
+# Copyright: Tristan Le Guern (@tleguern) <tleguern at bouledef.eu>
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 
 from __future__ import absolute_import, division, print_function
@@ -21,7 +21,7 @@ options:
       - Restrict results to a specific authentication realm.
     aliases: ['realm', 'name']
     type: str
-author: Tristan Le Guern (@Aversiste)
+author: Tristan Le Guern (@tleguern)
 extends_documentation_fragment: community.general.proxmox.documentation
 '''
 

plugins/modules/cloud/misc/proxmox_group_info.py

@@ -21,7 +21,7 @@ options:
       - Restrict results to a specific group.
     aliases: ['groupid', 'name']
     type: str
-author: Tristan Le Guern (@Aversiste)
+author: Tristan Le Guern (@tleguern)
 extends_documentation_fragment: community.general.proxmox.documentation
 '''
 

plugins/modules/cloud/misc/proxmox_kvm.py

@@ -1101,7 +1101,7 @@ def main():
             smbios=dict(type='str'),
             snapname=dict(type='str'),
             sockets=dict(type='int'),
-            sshkeys=dict(type='str'),
+            sshkeys=dict(type='str', no_log=False),
             startdate=dict(type='str'),
             startup=dict(),
             state=dict(default='present', choices=['present', 'absent', 'stopped', 'started', 'restarted', 'current']),

plugins/modules/cloud/misc/proxmox_user_info.py

@@ -30,7 +30,7 @@ options:
     description:
       - Restrict results to a specific user ID, which is a concatenation of a user and domain parts.
     type: str
-author: Tristan Le Guern (@Aversiste)
+author: Tristan Le Guern (@tleguern)
 extends_documentation_fragment: community.general.proxmox.documentation
 '''
 

plugins/modules/cloud/misc/rhevm.py

@@ -1229,24 +1229,6 @@ class RHEV(object):
         self.__get_conn()
         return self.conn.set_VM_Host(vmname, vmhost)
 
-        # pylint: disable=unreachable
-        VM = self.conn.get_VM(vmname)
-        HOST = self.conn.get_Host(vmhost)
-
-        if VM.placement_policy.host is None:
-            self.conn.set_VM_Host(vmname, vmhost)
-        elif str(VM.placement_policy.host.id) != str(HOST.id):
-            self.conn.set_VM_Host(vmname, vmhost)
-        else:
-            setMsg("VM's startup host was already set to " + vmhost)
-        checkFail()
-
-        if str(VM.status.state) == "up":
-            self.conn.migrate_VM(vmname, vmhost)
-        checkFail()
-
-        return True
-
     def setHost(self, hostname, cluster, ifaces):
         self.__get_conn()
         return self.conn.set_Host(hostname, cluster, ifaces)

plugins/modules/cloud/misc/terraform.py

@@ -8,7 +8,7 @@ from __future__ import absolute_import, division, print_function
 __metaclass__ = type
 
 
-DOCUMENTATION = '''
+DOCUMENTATION = r'''
 ---
 module: terraform
 short_description: Manages a Terraform deployment (and plans)
@@ -177,24 +177,31 @@ command:
 import os
 import json
 import tempfile
+from distutils.version import LooseVersion
 from ansible.module_utils.six.moves import shlex_quote
 
 from ansible.module_utils.basic import AnsibleModule
 
-DESTROY_ARGS = ('destroy', '-no-color', '-force')
-APPLY_ARGS = ('apply', '-no-color', '-input=false', '-auto-approve=true')
 module = None
 
 
-def preflight_validation(bin_path, project_path, variables_args=None, plan_file=None):
+def get_version(bin_path):
+    extract_version = module.run_command([bin_path, 'version', '-json'])
+    terraform_version = (json.loads(extract_version[1]))['terraform_version']
+    return terraform_version
+
+
+def preflight_validation(bin_path, project_path, version, variables_args=None, plan_file=None):
     if project_path in [None, ''] or '/' not in project_path:
         module.fail_json(msg="Path for Terraform project can not be None or ''.")
     if not os.path.exists(bin_path):
         module.fail_json(msg="Path for Terraform binary '{0}' doesn't exist on this host - check the path and try again please.".format(bin_path))
     if not os.path.isdir(project_path):
         module.fail_json(msg="Path for Terraform project '{0}' doesn't exist on this host - check the path and try again please.".format(project_path))
-
-    rc, out, err = module.run_command([bin_path, 'validate'] + variables_args, check_rc=True, cwd=project_path, use_unsafe_shell=True)
+    if LooseVersion(version) < LooseVersion('0.15.0'):
+        rc, out, err = module.run_command([bin_path, 'validate'] + variables_args, check_rc=True, cwd=project_path)
+    else:
+        rc, out, err = module.run_command([bin_path, 'validate'], check_rc=True, cwd=project_path)
 
 
 def _state_args(state_file):
@@ -267,7 +274,7 @@ def build_plan(command, project_path, variables_args, state_file, targets, state
 
     plan_command.extend(_state_args(state_file))
 
-    rc, out, err = module.run_command(plan_command + variables_args, cwd=project_path, use_unsafe_shell=True)
+    rc, out, err = module.run_command(plan_command + variables_args, cwd=project_path)
 
     if rc == 0:
         # no changes
@@ -326,6 +333,15 @@ def main():
     else:
         command = [module.get_bin_path('terraform', required=True)]
 
+    checked_version = get_version(command[0])
+
+    if LooseVersion(checked_version) < LooseVersion('0.15.0'):
+        DESTROY_ARGS = ('destroy', '-no-color', '-force')
+        APPLY_ARGS = ('apply', '-no-color', '-input=false', '-auto-approve=true')
+    else:
+        DESTROY_ARGS = ('destroy', '-no-color', '-auto-approve')
+        APPLY_ARGS = ('apply', '-no-color', '-input=false', '-auto-approve')
+
     if force_init:
         init_plugins(command[0], project_path, backend_config, backend_config_files, init_reconfigure)
 
@@ -351,7 +367,7 @@ def main():
         for f in variables_files:
             variables_args.extend(['-var-file', f])
 
-    preflight_validation(command[0], project_path, variables_args)
+    preflight_validation(command[0], project_path, checked_version, variables_args)
 
     if module.params.get('lock') is not None:
         if module.params.get('lock'):

plugins/modules/cloud/oneandone/oneandone_firewall_policy.py

@@ -57,27 +57,32 @@ options:
         Each rule must contain protocol parameter, in addition to three optional parameters
         (port_from, port_to, and source)
     type: list
+    elements: dict
   add_server_ips:
     description:
       - A list of server identifiers (id or name) to be assigned to a firewall policy.
         Used in combination with update state.
     type: list
+    elements: str
     required: false
   remove_server_ips:
     description:
       - A list of server IP ids to be unassigned from a firewall policy. Used in combination with update state.
     type: list
+    elements: str
     required: false
   add_rules:
     description:
       - A list of rules that will be added to an existing firewall policy.
         It is syntax is the same as the one used for rules parameter. Used in combination with update state.
     type: list
+    elements: dict
     required: false
   remove_rules:
     description:
       - A list of rule ids that will be removed from an existing firewall policy. Used in combination with update state.
     type: list
+    elements: str
     required: false
   description:
     description:
@@ -508,11 +513,11 @@ def main():
             name=dict(type='str'),
             firewall_policy=dict(type='str'),
             description=dict(type='str'),
-            rules=dict(type='list', default=[]),
-            add_server_ips=dict(type='list', default=[]),
-            remove_server_ips=dict(type='list', default=[]),
-            add_rules=dict(type='list', default=[]),
-            remove_rules=dict(type='list', default=[]),
+            rules=dict(type='list', elements="dict", default=[]),
+            add_server_ips=dict(type='list', elements="str", default=[]),
+            remove_server_ips=dict(type='list', elements="str", default=[]),
+            add_rules=dict(type='list', elements="dict", default=[]),
+            remove_rules=dict(type='list', elements="str", default=[]),
             wait=dict(type='bool', default=True),
             wait_timeout=dict(type='int', default=600),
             wait_interval=dict(type='int', default=5),

plugins/modules/cloud/oneandone/oneandone_load_balancer.py

@@ -95,6 +95,7 @@ options:
       - A list of rule objects that will be set for the load balancer. Each rule must contain protocol,
         port_balancer, and port_server parameters, in addition to source parameter, which is optional.
     type: list
+    elements: dict
   description:
     description:
       - Description of the load balancer. maxLength=256
@@ -105,22 +106,26 @@ options:
       - A list of server identifiers (id or name) to be assigned to a load balancer.
         Used in combination with update state.
     type: list
+    elements: str
     required: false
   remove_server_ips:
     description:
       - A list of server IP ids to be unassigned from a load balancer. Used in combination with update state.
     type: list
+    elements: str
     required: false
   add_rules:
     description:
       - A list of rules that will be added to an existing load balancer.
         It is syntax is the same as the one used for rules parameter. Used in combination with update state.
     type: list
+    elements: dict
     required: false
   remove_rules:
     description:
       - A list of rule ids that will be removed from an existing load balancer. Used in combination with update state.
     type: list
+    elements: str
     required: false
   wait:
     description:
@@ -613,11 +618,11 @@ def main():
                 choices=METHODS),
             datacenter=dict(
                 choices=DATACENTERS),
-            rules=dict(type='list', default=[]),
-            add_server_ips=dict(type='list', default=[]),
-            remove_server_ips=dict(type='list', default=[]),
-            add_rules=dict(type='list', default=[]),
-            remove_rules=dict(type='list', default=[]),
+            rules=dict(type='list', elements="dict", default=[]),
+            add_server_ips=dict(type='list', elements="str", default=[]),
+            remove_server_ips=dict(type='list', elements="str", default=[]),
+            add_rules=dict(type='list', elements="dict", default=[]),
+            remove_rules=dict(type='list', elements="str", default=[]),
             wait=dict(type='bool', default=True),
             wait_timeout=dict(type='int', default=600),
             wait_interval=dict(type='int', default=5),

plugins/modules/cloud/oneandone/oneandone_monitoring_policy.py

@@ -71,6 +71,7 @@ options:
         warning alerts, critical is used to set critical alerts. alert enables alert,
         and value is used to advise when the value is exceeded.
     type: list
+    elements: dict
     suboptions:
       cpu:
         description:
@@ -96,6 +97,7 @@ options:
     description:
       - Array of ports that will be monitoring.
     type: list
+    elements: dict
     suboptions:
       protocol:
         description:
@@ -119,6 +121,7 @@ options:
     description:
       - Array of processes that will be monitoring.
     type: list
+    elements: dict
     suboptions:
       process:
         description:
@@ -133,41 +136,49 @@ options:
     description:
       - Ports to add to the monitoring policy.
     type: list
+    elements: dict
     required: false
   add_processes:
     description:
       - Processes to add to the monitoring policy.
     type: list
+    elements: dict
     required: false
   add_servers:
     description:
       - Servers to add to the monitoring policy.
     type: list
+    elements: str
     required: false
   remove_ports:
     description:
       - Ports to remove from the monitoring policy.
     type: list
+    elements: str
     required: false
   remove_processes:
     description:
       - Processes to remove from the monitoring policy.
     type: list
+    elements: str
     required: false
   remove_servers:
     description:
       - Servers to remove from the monitoring policy.
     type: list
+    elements: str
     required: false
   update_ports:
     description:
       - Ports to be updated on the monitoring policy.
     type: list
+    elements: dict
     required: false
   update_processes:
     description:
       - Processes to be updated on the monitoring policy.
     type: list
+    elements: dict
     required: false
   wait:
     description:
@@ -197,7 +208,7 @@ author:
 
 EXAMPLES = '''
 - name: Create a monitoring policy
-  oneandone_moitoring_policy:
+  community.general.oneandone_monitoring_policy:
     auth_token: oneandone_private_api_key
     name: ansible monitoring policy
     description: Testing creation of a monitoring policy with ansible
@@ -258,13 +269,13 @@ EXAMPLES = '''
     wait: true
 
 - name: Destroy a monitoring policy
-  oneandone_moitoring_policy:
+  community.general.oneandone_monitoring_policy:
     auth_token: oneandone_private_api_key
     state: absent
     name: ansible monitoring policy
 
 - name: Update a monitoring policy
-  oneandone_moitoring_policy:
+  community.general.oneandone_monitoring_policy:
     auth_token: oneandone_private_api_key
     monitoring_policy: ansible monitoring policy
     name: ansible monitoring policy updated
@@ -315,7 +326,7 @@ EXAMPLES = '''
     state: update
 
 - name: Add a port to a monitoring policy
-  oneandone_moitoring_policy:
+  community.general.oneandone_monitoring_policy:
     auth_token: oneandone_private_api_key
     monitoring_policy: ansible monitoring policy updated
     add_ports:
@@ -328,7 +339,7 @@ EXAMPLES = '''
     state: update
 
 - name: Update existing ports of a monitoring policy
-  oneandone_moitoring_policy:
+  community.general.oneandone_monitoring_policy:
     auth_token: oneandone_private_api_key
     monitoring_policy: ansible monitoring policy updated
     update_ports:
@@ -348,7 +359,7 @@ EXAMPLES = '''
     state: update
 
 - name: Remove a port from a monitoring policy
-  oneandone_moitoring_policy:
+  community.general.oneandone_monitoring_policy:
     auth_token: oneandone_private_api_key
     monitoring_policy: ansible monitoring policy updated
     remove_ports:
@@ -356,7 +367,7 @@ EXAMPLES = '''
     state: update
 
 - name: Add a process to a monitoring policy
-  oneandone_moitoring_policy:
+  community.general.oneandone_monitoring_policy:
     auth_token: oneandone_private_api_key
     monitoring_policy: ansible monitoring policy updated
     add_processes:
@@ -368,7 +379,7 @@ EXAMPLES = '''
     state: update
 
 - name: Update existing processes of a monitoring policy
-  oneandone_moitoring_policy:
+  community.general.oneandone_monitoring_policy:
     auth_token: oneandone_private_api_key
     monitoring_policy: ansible monitoring policy updated
     update_processes:
@@ -386,7 +397,7 @@ EXAMPLES = '''
     state: update
 
 - name: Remove a process from a monitoring policy
-  oneandone_moitoring_policy:
+  community.general.oneandone_monitoring_policy:
     auth_token: oneandone_private_api_key
     monitoring_policy: ansible monitoring policy updated
     remove_processes:
@@ -395,7 +406,7 @@ EXAMPLES = '''
     state: update
 
 - name: Add server to a monitoring policy
-  oneandone_moitoring_policy:
+  community.general.oneandone_monitoring_policy:
     auth_token: oneandone_private_api_key
     monitoring_policy: ansible monitoring policy updated
     add_servers:
@@ -404,7 +415,7 @@ EXAMPLES = '''
     state: update
 
 - name: Remove server from a monitoring policy
-  oneandone_moitoring_policy:
+  community.general.oneandone_monitoring_policy:
     auth_token: oneandone_private_api_key
     monitoring_policy: ansible monitoring policy updated
     remove_servers:
@@ -957,17 +968,17 @@ def main():
             agent=dict(type='str'),
             email=dict(type='str'),
             description=dict(type='str'),
-            thresholds=dict(type='list', default=[]),
-            ports=dict(type='list', default=[]),
-            processes=dict(type='list', default=[]),
-            add_ports=dict(type='list', default=[]),
-            update_ports=dict(type='list', default=[]),
-            remove_ports=dict(type='list', default=[]),
-            add_processes=dict(type='list', default=[]),
-            update_processes=dict(type='list', default=[]),
-            remove_processes=dict(type='list', default=[]),
-            add_servers=dict(type='list', default=[]),
-            remove_servers=dict(type='list', default=[]),
+            thresholds=dict(type='list', elements="dict", default=[]),
+            ports=dict(type='list', elements="dict", default=[]),
+            processes=dict(type='list', elements="dict", default=[]),
+            add_ports=dict(type='list', elements="dict", default=[]),
+            update_ports=dict(type='list', elements="dict", default=[]),
+            remove_ports=dict(type='list', elements="str", default=[]),
+            add_processes=dict(type='list', elements="dict", default=[]),
+            update_processes=dict(type='list', elements="dict", default=[]),
+            remove_processes=dict(type='list', elements="str", default=[]),
+            add_servers=dict(type='list', elements="str", default=[]),
+            remove_servers=dict(type='list', elements="str", default=[]),
             wait=dict(type='bool', default=True),
             wait_timeout=dict(type='int', default=600),
             wait_interval=dict(type='int', default=5),

plugins/modules/cloud/oneandone/oneandone_private_network.py

@@ -71,10 +71,12 @@ options:
     description:
       - List of server identifiers (name or id) to be added to the private network.
     type: list
+    elements: str
   remove_members:
     description:
       - List of server identifiers (name or id) to be removed from the private network.
     type: list
+    elements: str
   wait:
     description:
       - wait for the instance to be in state 'running' before returning
@@ -394,8 +396,8 @@ def main():
             description=dict(type='str'),
             network_address=dict(type='str'),
             subnet_mask=dict(type='str'),
-            add_members=dict(type='list', default=[]),
-            remove_members=dict(type='list', default=[]),
+            add_members=dict(type='list', elements="str", default=[]),
+            remove_members=dict(type='list', elements="str", default=[]),
             datacenter=dict(
                 choices=DATACENTERS),
             wait=dict(type='bool', default=True),

plugins/modules/cloud/oneandone/oneandone_server.py

@@ -87,6 +87,7 @@ options:
       - A list of hard disks with nested "size" and "is_main" properties.
         It must be provided with vcore, cores_per_processor, and ram parameters.
     type: list
+    elements: dict
   private_network:
     description:
       - The private network name or ID.
@@ -627,9 +628,9 @@ def main():
             vcore=dict(type='int'),
             cores_per_processor=dict(type='int'),
             ram=dict(type='float'),
-            hdds=dict(type='list'),
+            hdds=dict(type='list', elements='dict'),
             count=dict(type='int', default=1),
-            ssh_key=dict(type='raw'),
+            ssh_key=dict(type='raw', no_log=False),
             auto_increment=dict(type='bool', default=True),
             server=dict(type='str'),
             datacenter=dict(

plugins/modules/cloud/ovh/ovh_ip_failover.py

@@ -162,7 +162,6 @@ def waitForTaskDone(client, name, taskId, timeout):
         currentTimeout -= 5
         if currentTimeout < 0:
             return False
-    return True
 
 
 def main():

plugins/modules/cloud/packet/packet_sshkey.py

@@ -17,27 +17,35 @@ author: "Tomas Karasek (@t0mk) <tom.to.the.k@gmail.com>"
 options:
   state:
     description:
-     - Indicate desired state of the target.
+    - Indicate desired state of the target.
     default: present
     choices: ['present', 'absent']
+    type: str
   auth_token:
     description:
-     - Packet API token. You can also supply it in env var C(PACKET_API_TOKEN).
+    - Packet API token. You can also supply it in env var C(PACKET_API_TOKEN).
+    type: str
   label:
-     description:
-     - Label for the key. If you keep it empty, it will be read from key string.
+    description:
+    - Label for the key. If you keep it empty, it will be read from key string.
+    type: str
+    aliases: [name]
   id:
     description:
-     - UUID of the key which you want to remove.
+    - UUID of the key which you want to remove.
+    type: str
   fingerprint:
     description:
-     - Fingerprint of the key which you want to remove.
+    - Fingerprint of the key which you want to remove.
+    type: str
   key:
     description:
-     - Public Key string ({type} {base64 encoded key} {description}).
+    - Public Key string ({type} {base64 encoded key} {description}).
+    type: str
   key_file:
     description:
-     - File with the public key.
+    - File with the public key.
+    type: path
 
 requirements:
   - "python >= 2.6"

plugins/modules/cloud/profitbricks/profitbricks.py

@@ -35,6 +35,7 @@ options:
     description:
       - Public SSH keys allowing access to the virtual machine.
     type: list
+    elements: str
   datacenter:
     description:
       - The datacenter to provision this virtual machine.
@@ -70,6 +71,7 @@ options:
     description:
       - list of instance ids, currently only used when state='absent' to remove instances.
     type: list
+    elements: str
   count:
     description:
       - The number of virtual machines to create.
@@ -581,12 +583,12 @@ def main():
             volume_size=dict(type='int', default=10),
             disk_type=dict(choices=['HDD', 'SSD'], default='HDD'),
             image_password=dict(default=None, no_log=True),
-            ssh_keys=dict(type='list', default=[]),
+            ssh_keys=dict(type='list', elements='str', default=[], no_log=False),
             bus=dict(choices=['VIRTIO', 'IDE'], default='VIRTIO'),
             lan=dict(type='int', default=1),
             count=dict(type='int', default=1),
             auto_increment=dict(type='bool', default=True),
-            instance_ids=dict(type='list', default=[]),
+            instance_ids=dict(type='list', elements='str', default=[]),
             subscription_user=dict(),
             subscription_password=dict(no_log=True),
             location=dict(choices=LOCATIONS, default='us/las'),

plugins/modules/cloud/profitbricks/profitbricks_volume.py

@@ -47,6 +47,7 @@ options:
     description:
       - Public SSH keys allowing access to the virtual machine.
     type: list
+    elements: str
     required: false
   disk_type:
     description:
@@ -77,6 +78,7 @@ options:
     description:
       - list of instance ids, currently only used when state='absent' to remove instances.
     type: list
+    elements: str
     required: false
   subscription_user:
     description:
@@ -106,6 +108,10 @@ options:
     type: str
     required: false
     default: 'present'
+  server:
+    description:
+      - Server name to attach the volume to.
+    type: str
 
 requirements: [ "profitbricks" ]
 author: Matt Baldwin (@baldwinSPC) <baldwin@stackpointcloud.com>
@@ -369,13 +375,13 @@ def main():
             size=dict(type='int', default=10),
             bus=dict(choices=['VIRTIO', 'IDE'], default='VIRTIO'),
             image=dict(),
-            image_password=dict(default=None, no_log=True),
-            ssh_keys=dict(type='list', default=[]),
+            image_password=dict(no_log=True),
+            ssh_keys=dict(type='list', elements='str', default=[], no_log=False),
             disk_type=dict(choices=['HDD', 'SSD'], default='HDD'),
             licence_type=dict(default='UNKNOWN'),
             count=dict(type='int', default=1),
             auto_increment=dict(type='bool', default=True),
-            instance_ids=dict(type='list', default=[]),
+            instance_ids=dict(type='list', elements='str', default=[]),
             subscription_user=dict(),
             subscription_password=dict(no_log=True),
             wait=dict(type='bool', default=True),

plugins/modules/cloud/pubnub/pubnub_blocks.py

@@ -549,7 +549,7 @@ def main():
         password=dict(default='', required=False, type='str', no_log=True),
         account=dict(default='', required=False, type='str'),
         application=dict(required=True, type='str'),
-        keyset=dict(required=True, type='str'),
+        keyset=dict(required=True, type='str', no_log=False),
         state=dict(default='present', type='str',
                    choices=['started', 'stopped', 'present', 'absent']),
         name=dict(required=True, type='str'), description=dict(type='str'),

plugins/modules/cloud/smartos/nictagadm.py

@@ -119,20 +119,13 @@ class NicTag(object):
         return is_mac(self.mac.lower())
 
     def nictag_exists(self):
-        cmd = [self.nictagadm_bin]
-
-        cmd.append('exists')
-        cmd.append(self.name)
-
+        cmd = [self.nictagadm_bin, 'exists', self.name]
         (rc, dummy, dummy) = self.module.run_command(cmd)
 
         return rc == 0
 
     def add_nictag(self):
-        cmd = [self.nictagadm_bin]
-
-        cmd.append('-v')
-        cmd.append('add')
+        cmd = [self.nictagadm_bin, '-v', 'add']
 
         if self.etherstub:
             cmd.append('-l')
@@ -150,10 +143,7 @@ class NicTag(object):
         return self.module.run_command(cmd)
 
     def delete_nictag(self):
-        cmd = [self.nictagadm_bin]
-
-        cmd.append('-v')
-        cmd.append('delete')
+        cmd = [self.nictagadm_bin, '-v', 'delete']
 
         if self.force:
             cmd.append('-f')

plugins/modules/cloud/smartos/smartos_image_info.py

@@ -71,10 +71,7 @@ class ImageFacts(object):
         self.filters = module.params['filters']
 
     def return_all_installed_images(self):
-        cmd = [self.module.get_bin_path('imgadm')]
-
-        cmd.append('list')
-        cmd.append('-j')
+        cmd = [self.module.get_bin_path('imgadm'), 'list', '-j']
 
         if self.filters:
             cmd.append(self.filters)

plugins/modules/cloud/smartos/vmadm.py

@@ -233,7 +233,7 @@ options:
     description:
       - List of resolvers to be put into C(/etc/resolv.conf).
     type: list
-    elements: dict
+    elements: str
   routes:
     required: false
     description:
@@ -702,7 +702,7 @@ def main():
         vnc_password=dict(type='str', no_log=True),
         disks=dict(type='list', elements='dict'),
         nics=dict(type='list', elements='dict'),
-        resolvers=dict(type='list', elements='dict'),
+        resolvers=dict(type='list', elements='str'),
         filesystems=dict(type='list', elements='dict'),
     )
 

plugins/modules/cloud/softlayer/sl_vm.py

@@ -404,7 +404,7 @@ def main():
             nic_speed=dict(type='int', choices=NIC_SPEEDS),
             public_vlan=dict(type='str'),
             private_vlan=dict(type='str'),
-            ssh_keys=dict(type='list', elements='str', default=[]),
+            ssh_keys=dict(type='list', elements='str', default=[], no_log=False),
             post_uri=dict(type='str'),
             state=dict(type='str', default='present', choices=STATES),
             wait=dict(type='bool', default=True),

plugins/modules/cloud/spotinst/spotinst_aws_elastigroup.py

@@ -1448,7 +1448,7 @@ def main():
         iam_role_arn=dict(type='str'),
         iam_role_name=dict(type='str'),
         image_id=dict(type='str', required=True),
-        key_pair=dict(type='str'),
+        key_pair=dict(type='str', no_log=False),
         kubernetes=dict(type='dict'),
         lifetime_period=dict(type='int'),
         load_balancers=dict(type='list'),

plugins/modules/cloud/webfaction/webfaction_app.py

@@ -35,17 +35,20 @@ options:
         description:
             - The name of the application
         required: true
+        type: str
 
     state:
         description:
             - Whether the application should exist
         choices: ['present', 'absent']
         default: "present"
+        type: str
 
     type:
         description:
             - The type of application to create. See the Webfaction docs at U(https://docs.webfaction.com/xmlrpc-api/apps.html) for a list.
         required: true
+        type: str
 
     autostart:
         description:
@@ -57,6 +60,7 @@ options:
         description:
             - Any extra parameters required by the app
         default: ''
+        type: str
 
     port_open:
         description:
@@ -68,15 +72,18 @@ options:
         description:
             - The webfaction account to use
         required: true
+        type: str
 
     login_password:
         description:
             - The webfaction password to use
         required: true
+        type: str
 
     machine:
         description:
             - The machine name to use (optional for accounts with only one machine)
+        type: str
 
 '''
 

plugins/modules/cloud/webfaction/webfaction_db.py

@@ -32,36 +32,43 @@ options:
         description:
             - The name of the database
         required: true
+        type: str
 
     state:
         description:
             - Whether the database should exist
         choices: ['present', 'absent']
         default: "present"
+        type: str
 
     type:
         description:
             - The type of database to create.
         required: true
         choices: ['mysql', 'postgresql']
+        type: str
 
     password:
         description:
             - The password for the new database user.
+        type: str
 
     login_name:
         description:
             - The webfaction account to use
         required: true
+        type: str
 
     login_password:
         description:
             - The webfaction password to use
         required: true
+        type: str
 
     machine:
         description:
             - The machine name to use (optional for accounts with only one machine)
+        type: str
 '''
 
 EXAMPLES = '''

plugins/modules/cloud/webfaction/webfaction_domain.py

@@ -32,27 +32,33 @@ options:
         description:
             - The name of the domain
         required: true
+        type: str
 
     state:
         description:
             - Whether the domain should exist
         choices: ['present', 'absent']
         default: "present"
+        type: str
 
     subdomains:
         description:
             - Any subdomains to create.
         default: []
+        type: list
+        elements: str
 
     login_name:
         description:
             - The webfaction account to use
         required: true
+        type: str
 
     login_password:
         description:
             - The webfaction password to use
         required: true
+        type: str
 '''
 
 EXAMPLES = '''
@@ -87,8 +93,8 @@ def main():
     module = AnsibleModule(
         argument_spec=dict(
             name=dict(required=True),
-            state=dict(required=False, choices=['present', 'absent'], default='present'),
-            subdomains=dict(required=False, default=[], type='list'),
+            state=dict(choices=['present', 'absent'], default='present'),
+            subdomains=dict(default=[], type='list', elements='str'),
             login_name=dict(required=True),
             login_password=dict(required=True, no_log=True),
         ),

plugins/modules/cloud/webfaction/webfaction_mailbox.py

@@ -29,27 +29,32 @@ options:
         description:
             - The name of the mailbox
         required: true
+        type: str
 
     mailbox_password:
         description:
             - The password for the mailbox
         required: true
+        type: str
 
     state:
         description:
             - Whether the mailbox should exist
         choices: ['present', 'absent']
         default: "present"
+        type: str
 
     login_name:
         description:
             - The webfaction account to use
         required: true
+        type: str
 
     login_password:
         description:
             - The webfaction password to use
         required: true
+        type: str
 '''
 
 EXAMPLES = '''

plugins/modules/cloud/webfaction/webfaction_site.py

@@ -33,17 +33,20 @@ options:
         description:
             - The name of the website
         required: true
+        type: str
 
     state:
         description:
             - Whether the website should exist
         choices: ['present', 'absent']
         default: "present"
+        type: str
 
     host:
         description:
             - The webfaction host on which the site should be created.
         required: true
+        type: str
 
     https:
         description:
@@ -55,21 +58,27 @@ options:
         description:
             - A mapping of URLs to apps
         default: []
+        type: list
+        elements: list
 
     subdomains:
         description:
             - A list of subdomains associated with this site.
         default: []
+        type: list
+        elements: str
 
     login_name:
         description:
             - The webfaction account to use
         required: true
+        type: str
 
     login_password:
         description:
             - The webfaction password to use
         required: true
+        type: str
 '''
 
 EXAMPLES = '''
@@ -101,12 +110,12 @@ def main():
     module = AnsibleModule(
         argument_spec=dict(
             name=dict(required=True),
-            state=dict(required=False, choices=['present', 'absent'], default='present'),
+            state=dict(choices=['present', 'absent'], default='present'),
             # You can specify an IP address or hostname.
             host=dict(required=True),
             https=dict(required=False, type='bool', default=False),
-            subdomains=dict(required=False, type='list', default=[]),
-            site_apps=dict(required=False, type='list', default=[]),
+            subdomains=dict(type='list', elements='str', default=[]),
+            site_apps=dict(type='list', elements='list', default=[]),
             login_name=dict(required=True),
             login_password=dict(required=True, no_log=True),
         ),

plugins/modules/cloud/xenserver/xenserver_guest.py

@@ -1839,7 +1839,7 @@ def main():
             type='list',
             elements='dict',
             options=dict(
-                key=dict(type='str', required=True),
+                key=dict(type='str', required=True, no_log=False),
                 value=dict(type='raw', required=True),
             ),
         ),

plugins/modules/clustering/consul/consul.py

@@ -33,6 +33,7 @@ requirements:
 author: "Steve Gargan (@sgargan)"
 options:
     state:
+        type: str
         description:
           - register or deregister the consul service, defaults to present
         default: present
@@ -86,6 +87,7 @@ options:
             documentation for further details.
     tags:
         type: list
+        elements: str
         description:
           - tags that will be attached to the service registration.
     script:
@@ -345,7 +347,7 @@ def remove_service(module, service_id):
     module.exit_json(changed=False, id=service_id)
 
 
-def get_consul_api(module, token=None):
+def get_consul_api(module):
     consulClient = consul.Consul(host=module.params.get('host'),
                                  port=module.params.get('port'),
                                  scheme=module.params.get('scheme'),
@@ -398,7 +400,7 @@ def parse_service(module):
         module.fail_json(msg="service_name is required to configure a service.")
 
 
-class ConsulService():
+class ConsulService(object):
 
     def __init__(self, service_id=None, name=None, address=None, port=-1,
                  tags=None, loaded=None):
@@ -564,26 +566,26 @@ def main():
         argument_spec=dict(
             host=dict(default='localhost'),
             port=dict(default=8500, type='int'),
-            scheme=dict(required=False, default='http'),
-            validate_certs=dict(required=False, default=True, type='bool'),
-            check_id=dict(required=False),
-            check_name=dict(required=False),
-            check_node=dict(required=False),
-            check_host=dict(required=False),
-            notes=dict(required=False),
-            script=dict(required=False),
-            service_id=dict(required=False),
-            service_name=dict(required=False),
-            service_address=dict(required=False, type='str', default=None),
-            service_port=dict(required=False, type='int', default=None),
+            scheme=dict(default='http'),
+            validate_certs=dict(default=True, type='bool'),
+            check_id=dict(),
+            check_name=dict(),
+            check_node=dict(),
+            check_host=dict(),
+            notes=dict(),
+            script=dict(),
+            service_id=dict(),
+            service_name=dict(),
+            service_address=dict(type='str'),
+            service_port=dict(type='int'),
             state=dict(default='present', choices=['present', 'absent']),
-            interval=dict(required=False, type='str'),
-            ttl=dict(required=False, type='str'),
-            tcp=dict(required=False, type='str'),
-            http=dict(required=False, type='str'),
-            timeout=dict(required=False, type='str'),
-            tags=dict(required=False, type='list'),
-            token=dict(required=False, no_log=True)
+            interval=dict(type='str'),
+            ttl=dict(type='str'),
+            tcp=dict(type='str'),
+            http=dict(type='str'),
+            timeout=dict(type='str'),
+            tags=dict(type='list', elements='str'),
+            token=dict(no_log=True)
         ),
         supports_check_mode=False,
     )

plugins/modules/clustering/consul/consul_acl.py

@@ -22,29 +22,35 @@ options:
     description:
       - a management token is required to manipulate the acl lists
     required: true
+    type: str
   state:
     description:
       - whether the ACL pair should be present or absent
     required: false
     choices: ['present', 'absent']
     default: present
+    type: str
   token_type:
     description:
       - the type of token that should be created
     choices: ['client', 'management']
     default: client
+    type: str
   name:
     description:
       - the name that should be associated with the acl key, this is opaque
         to Consul
     required: false
+    type: str
   token:
     description:
       - the token key identifying an ACL rule set. If generated by consul
         this will be a UUID
     required: false
+    type: str
   rules:
     type: list
+    elements: dict
     description:
       - rules that should be associated with a given token
     required: false
@@ -53,6 +59,7 @@ options:
       - host of the consul agent defaults to localhost
     required: false
     default: localhost
+    type: str
   port:
     type: int
     description:
@@ -64,6 +71,7 @@ options:
       - the protocol scheme on which the consul agent is running
     required: false
     default: http
+    type: str
   validate_certs:
     type: bool
     description:
@@ -215,14 +223,14 @@ _POLICY_HCL_PROPERTY = "policy"
 _ARGUMENT_SPEC = {
     MANAGEMENT_PARAMETER_NAME: dict(required=True, no_log=True),
     HOST_PARAMETER_NAME: dict(default='localhost'),
-    SCHEME_PARAMETER_NAME: dict(required=False, default='http'),
-    VALIDATE_CERTS_PARAMETER_NAME: dict(required=False, type='bool', default=True),
-    NAME_PARAMETER_NAME: dict(required=False),
+    SCHEME_PARAMETER_NAME: dict(default='http'),
+    VALIDATE_CERTS_PARAMETER_NAME: dict(type='bool', default=True),
+    NAME_PARAMETER_NAME: dict(),
     PORT_PARAMETER_NAME: dict(default=8500, type='int'),
-    RULES_PARAMETER_NAME: dict(default=None, required=False, type='list'),
+    RULES_PARAMETER_NAME: dict(type='list', elements='dict'),
     STATE_PARAMETER_NAME: dict(default=PRESENT_STATE_VALUE, choices=[PRESENT_STATE_VALUE, ABSENT_STATE_VALUE]),
-    TOKEN_PARAMETER_NAME: dict(required=False),
-    TOKEN_TYPE_PARAMETER_NAME: dict(required=False, choices=[CLIENT_TOKEN_TYPE_VALUE, MANAGEMENT_TOKEN_TYPE_VALUE],
+    TOKEN_PARAMETER_NAME: dict(no_log=False),
+    TOKEN_TYPE_PARAMETER_NAME: dict(choices=[CLIENT_TOKEN_TYPE_VALUE, MANAGEMENT_TOKEN_TYPE_VALUE],
                                     default=CLIENT_TOKEN_TYPE_VALUE)
 }
 

plugins/modules/clustering/consul/consul_kv.py

@@ -37,6 +37,7 @@ options:
             'release' respectively. a valid session must be supplied to make the
             attempt changed will be true if the attempt is successful, false
             otherwise.
+        type: str
         choices: [ absent, acquire, present, release ]
         default: present
     key:
@@ -296,7 +297,7 @@ def main():
         argument_spec=dict(
             cas=dict(type='str'),
             flags=dict(type='str'),
-            key=dict(type='str', required=True),
+            key=dict(type='str', required=True, no_log=False),
             host=dict(type='str', default='localhost'),
             scheme=dict(type='str', default='http'),
             validate_certs=dict(type='bool', default=True),

plugins/modules/clustering/consul/consul_session.py

@@ -67,6 +67,7 @@ options:
             associated with the session will be release and can be acquired once
             the associated lock delay has expired.
         type: list
+        elements: str
     host:
         description:
           - The host of the consul agent defaults to localhost.
@@ -237,7 +238,7 @@ def test_dependencies(module):
 
 def main():
     argument_spec = dict(
-        checks=dict(type='list'),
+        checks=dict(type='list', elements='str'),
         delay=dict(type='int', default='15'),
         behavior=dict(type='str', default='release', choices=['release', 'delete']),
         host=dict(type='str', default='localhost'),

plugins/modules/clustering/etcd3.py

@@ -18,47 +18,58 @@ description:
    - Needs python etcd3 lib to work
 options:
     key:
+        type: str
         description:
             - the key where the information is stored in the cluster
         required: true
     value:
+        type: str
         description:
             - the information stored
         required: true
     host:
+        type: str
         description:
             - the IP address of the cluster
         default: 'localhost'
     port:
+        type: int
         description:
             - the port number used to connect to the cluster
         default: 2379
     state:
+        type: str
         description:
             - the state of the value for the key.
             - can be present or absent
         required: true
         choices: [ present, absent ]
     user:
+        type: str
         description:
             - The etcd user to authenticate with.
     password:
+        type: str
         description:
             - The password to use for authentication.
             - Required if I(user) is defined.
     ca_cert:
+        type: path
         description:
             - The Certificate Authority to use to verify the etcd host.
             - Required if I(client_cert) and I(client_key) are defined.
     client_cert:
+        type: path
         description:
             - PEM formatted certificate chain file to be used for SSL client authentication.
             - Required if I(client_key) is defined.
     client_key:
+        type: path
         description:
             - PEM formatted file that contains your private key to be used for SSL client authentication.
             - Required if I(client_cert) is defined.
     timeout:
+        type: int
         description:
             - The socket level timeout in seconds.
 author:
@@ -123,7 +134,7 @@ def run_module():
     # define the available arguments/parameters that a user can pass to
     # the module
     module_args = dict(
-        key=dict(type='str', required=True),
+        key=dict(type='str', required=True, no_log=False),
         value=dict(type='str', required=True),
         host=dict(type='str', default='localhost'),
         port=dict(type='int', default=2379),

plugins/modules/clustering/nomad/nomad_job_info.py

@@ -36,13 +36,13 @@ seealso:
 
 EXAMPLES = '''
 - name: Get info for job awx
-  community.general.nomad_job:
+  community.general.nomad_job_info:
     host: localhost
     name: awx
   register: result
 
 - name: List Nomad jobs
-  community.general.nomad_job:
+  community.general.nomad_job_info:
     host: localhost
   register: result
 

plugins/modules/clustering/znode.py

@@ -17,25 +17,31 @@ options:
         description:
             - A list of ZooKeeper servers (format '[server]:[port]').
         required: true
+        type: str
     name:
         description:
             - The path of the znode.
         required: true
+        type: str
     value:
         description:
             - The value assigned to the znode.
+        type: str
     op:
         description:
             - An operation to perform. Mutually exclusive with state.
         choices: [ get, wait, list ]
+        type: str
     state:
         description:
             - The state to enforce. Mutually exclusive with op.
         choices: [ present, absent ]
+        type: str
     timeout:
         description:
             - The amount of time to wait for a node to appear.
         default: 300
+        type: int
     recursive:
         description:
             - Recursively delete node and all its children.
@@ -110,11 +116,11 @@ def main():
         argument_spec=dict(
             hosts=dict(required=True, type='str'),
             name=dict(required=True, type='str'),
-            value=dict(required=False, default=None, type='str'),
-            op=dict(required=False, default=None, choices=['get', 'wait', 'list']),
+            value=dict(type='str'),
+            op=dict(choices=['get', 'wait', 'list']),
             state=dict(choices=['present', 'absent']),
-            timeout=dict(required=False, default=300, type='int'),
-            recursive=dict(required=False, default=False, type='bool')
+            timeout=dict(default=300, type='int'),
+            recursive=dict(default=False, type='bool')
         ),
         supports_check_mode=False
     )

plugins/modules/database/aerospike/aerospike_migrations.py

@@ -190,9 +190,9 @@ def run_module():
         min_cluster_size=dict(type='int', required=False, default=1),
         target_cluster_size=dict(type='int', required=False, default=None),
         fail_on_cluster_change=dict(type='bool', required=False, default=True),
-        migrate_tx_key=dict(type='str', required=False,
+        migrate_tx_key=dict(type='str', required=False, no_log=False,
                             default="migrate_tx_partitions_remaining"),
-        migrate_rx_key=dict(type='str', required=False,
+        migrate_rx_key=dict(type='str', required=False, no_log=False,
                             default="migrate_rx_partitions_remaining")
     )
 

plugins/modules/database/misc/kibana_plugin.py

@@ -164,22 +164,20 @@ def install_plugin(module, plugin_bin, plugin_name, url, timeout, kibana_version
         cmd_args = [plugin_bin, "plugin", PACKAGE_STATE_MAP["present"], plugin_name]
 
         if url:
-            cmd_args.append("--url %s" % url)
+            cmd_args.extend(["--url", url])
 
     if timeout:
-        cmd_args.append("--timeout %s" % timeout)
-
-    cmd = " ".join(cmd_args)
+        cmd_args.extend(["--timeout", timeout])
 
     if module.check_mode:
-        return True, cmd, "check mode", ""
+        return True, " ".join(cmd_args), "check mode", ""
 
-    rc, out, err = module.run_command(cmd)
+    rc, out, err = module.run_command(cmd_args)
     if rc != 0:
         reason = parse_error(out)
         module.fail_json(msg=reason)
 
-    return True, cmd, out, err
+    return True, " ".join(cmd_args), out, err
 
 
 def remove_plugin(module, plugin_bin, plugin_name, kibana_version='4.6'):
@@ -189,23 +187,21 @@ def remove_plugin(module, plugin_bin, plugin_name, kibana_version='4.6'):
     else:
         cmd_args = [plugin_bin, "plugin", PACKAGE_STATE_MAP["absent"], plugin_name]
 
-    cmd = " ".join(cmd_args)
-
     if module.check_mode:
-        return True, cmd, "check mode", ""
+        return True, " ".join(cmd_args), "check mode", ""
 
-    rc, out, err = module.run_command(cmd)
+    rc, out, err = module.run_command(cmd_args)
     if rc != 0:
         reason = parse_error(out)
         module.fail_json(msg=reason)
 
-    return True, cmd, out, err
+    return True, " ".join(cmd_args), out, err
 
 
 def get_kibana_version(module, plugin_bin):
     cmd_args = [plugin_bin, '--version']
-    cmd = " ".join(cmd_args)
-    rc, out, err = module.run_command(cmd)
+
+    rc, out, err = module.run_command(cmd_args)
     if rc != 0:
         module.fail_json(msg="Failed to get Kibana version : %s" % err)
 
@@ -251,7 +247,7 @@ def main():
 
     if state == "present":
         if force:
-            remove_plugin(module, plugin_bin, name)
+            remove_plugin(module, plugin_bin, name, kibana_version)
         changed, cmd, out, err = install_plugin(module, plugin_bin, name, url, timeout, kibana_version)
 
     elif state == "absent":

plugins/modules/files/archive.py

@@ -36,6 +36,7 @@ options:
     description:
       - The file name of the destination archive. The parent directory must exists on the remote host.
       - This is required when C(path) refers to multiple files by either specifying a glob, a directory or multiple paths in a list.
+      - If the destination archive already exists, it will be truncated and overwritten.
     type: path
   exclude_path:
     description:
@@ -44,8 +45,9 @@ options:
     elements: path
   force_archive:
     description:
-      - Allow you to force the module to treat this as an archive even if only a single file is specified.
-      - By default behaviour is maintained. i.e A when a single file is specified it is compressed only (not archived).
+      - Allows you to force the module to treat this as an archive even if only a single file is specified.
+      - By default when a single file is specified it is compressed only (not archived).
+      - Enable this if you want to use M(ansible.builtin.unarchive) on an archive of a single file created with this module.
     type: bool
     default: false
   remove:

plugins/modules/files/read_csv.py

@@ -164,7 +164,7 @@ def main():
         argument_spec=dict(
             path=dict(type='path', required=True, aliases=['filename']),
             dialect=dict(type='str', default='excel'),
-            key=dict(type='str'),
+            key=dict(type='str', no_log=False),
             fieldnames=dict(type='list', elements='str'),
             unique=dict(type='bool', default=True),
             delimiter=dict(type='str'),

plugins/modules/files/xattr.py

@@ -98,9 +98,8 @@ from ansible.module_utils._text import to_native
 
 
 def get_xattr_keys(module, path, follow):
-    cmd = [module.get_bin_path('getfattr', True)]
-    # prevents warning and not sure why it's not default
-    cmd.append('--absolute-names')
+    cmd = [module.get_bin_path('getfattr', True), '--absolute-names']
+
     if not follow:
         cmd.append('-h')
     cmd.append(path)
@@ -109,10 +108,8 @@ def get_xattr_keys(module, path, follow):
 
 
 def get_xattr(module, path, key, follow):
+    cmd = [module.get_bin_path('getfattr', True), '--absolute-names']
 
-    cmd = [module.get_bin_path('getfattr', True)]
-    # prevents warning and not sure why it's not default
-    cmd.append('--absolute-names')
     if not follow:
         cmd.append('-h')
     if key is None:
@@ -172,7 +169,7 @@ def main():
         argument_spec=dict(
             path=dict(type='path', required=True, aliases=['name']),
             namespace=dict(type='str', default='user'),
-            key=dict(type='str'),
+            key=dict(type='str', no_log=False),
             value=dict(type='str'),
             state=dict(type='str', default='read', choices=['absent', 'all', 'keys', 'present', 'read']),
             follow=dict(type='bool', default=True),

plugins/modules/identity/ipa/ipa_service.py

@@ -63,7 +63,7 @@ EXAMPLES = r'''
 - name: Changing Managing hosts list
   community.general.ipa_service:
     name: http/host01.example.com
-    host:
+    hosts:
        - host01.example.com
        - host02.example.com
     ipa_host: ipa.example.com

plugins/modules/identity/ipa/ipa_user.py

@@ -269,16 +269,18 @@ def get_user_diff(client, ipa_user, module_user):
 def get_ssh_key_fingerprint(ssh_key, hash_algo='sha256'):
     """
     Return the public key fingerprint of a given public SSH key
-    in format "[fp] [user@host] (ssh-rsa)" where fp is of the format:
+    in format "[fp] [comment] (ssh-rsa)" where fp is of the format:
     FB:0C:AC:0A:07:94:5B:CE:75:6E:63:32:13:AD:AD:D7
     for md5 or
     SHA256:[base64]
     for sha256
+    Comments are assumed to be all characters past the second
+    whitespace character in the sshpubkey string.
     :param ssh_key:
     :param hash_algo:
     :return:
     """
-    parts = ssh_key.strip().split()
+    parts = ssh_key.strip().split(None, 2)
     if len(parts) == 0:
         return None
     key_type = parts[0]
@@ -293,8 +295,8 @@ def get_ssh_key_fingerprint(ssh_key, hash_algo='sha256'):
     if len(parts) < 3:
         return "%s (%s)" % (key_fp, key_type)
     else:
-        user_host = parts[2]
-        return "%s %s (%s)" % (key_fp, user_host, key_type)
+        comment = parts[2]
+        return "%s %s (%s)" % (key_fp, comment, key_type)
 
 
 def ensure(module, client):

plugins/modules/monitoring/bigpanda.py

@@ -183,7 +183,7 @@ def main():
 
         request_url = url + '/data/events/deployments/start'
     else:
-        message = module.params['message']
+        message = module.params['deployment_message']
         if message is not None:
             body['errorMessage'] = message
 

plugins/modules/monitoring/datadog/datadog_event.py

@@ -56,6 +56,7 @@ options:
         - If not specified, it defaults to the remote system's hostname.
     tags:
         type: list
+        elements: str
         description: ["Comma separated list of tags to apply to the event."]
     alert_type:
         type: str
@@ -114,17 +115,12 @@ def main():
             app_key=dict(required=True, no_log=True),
             title=dict(required=True),
             text=dict(required=True),
-            date_happened=dict(required=False, default=None, type='int'),
-            priority=dict(
-                required=False, default='normal', choices=['normal', 'low']
-            ),
-            host=dict(required=False, default=None),
-            tags=dict(required=False, default=None, type='list'),
-            alert_type=dict(
-                required=False, default='info',
-                choices=['error', 'warning', 'info', 'success']
-            ),
-            aggregation_key=dict(required=False, default=None),
+            date_happened=dict(type='int'),
+            priority=dict(default='normal', choices=['normal', 'low']),
+            host=dict(),
+            tags=dict(type='list', elements='str'),
+            alert_type=dict(default='info', choices=['error', 'warning', 'info', 'success']),
+            aggregation_key=dict(no_log=False),
             validate_certs=dict(default=True, type='bool'),
         )
     )

plugins/modules/monitoring/datadog/datadog_monitor.py

@@ -46,6 +46,7 @@ options:
           - A list of tags to associate with your monitor when creating or updating.
           - This can help you categorize and filter monitors.
         type: list
+        elements: str
     type:
         description:
           - The type of the monitor.
@@ -205,29 +206,29 @@ def main():
     module = AnsibleModule(
         argument_spec=dict(
             api_key=dict(required=True, no_log=True),
-            api_host=dict(required=False),
+            api_host=dict(),
             app_key=dict(required=True, no_log=True),
             state=dict(required=True, choices=['present', 'absent', 'mute', 'unmute']),
-            type=dict(required=False, choices=['metric alert', 'service check', 'event alert', 'process alert', 'log alert']),
+            type=dict(choices=['metric alert', 'service check', 'event alert', 'process alert', 'log alert']),
             name=dict(required=True),
-            query=dict(required=False),
-            notification_message=dict(required=False, no_log=True, default=None, aliases=['message'],
+            query=dict(),
+            notification_message=dict(no_log=True, aliases=['message'],
                                       deprecated_aliases=[dict(name='message', version='3.0.0',
                                                                collection_name='community.general')]),  # was Ansible 2.14
-            silenced=dict(required=False, default=None, type='dict'),
-            notify_no_data=dict(required=False, default=False, type='bool'),
-            no_data_timeframe=dict(required=False, default=None),
-            timeout_h=dict(required=False, default=None),
-            renotify_interval=dict(required=False, default=None),
-            escalation_message=dict(required=False, default=None),
-            notify_audit=dict(required=False, default=False, type='bool'),
-            thresholds=dict(required=False, type='dict', default=None),
-            tags=dict(required=False, type='list', default=None),
-            locked=dict(required=False, default=False, type='bool'),
-            require_full_window=dict(required=False, default=None, type='bool'),
-            new_host_delay=dict(required=False, default=None),
-            evaluation_delay=dict(required=False, default=None),
-            id=dict(required=False),
+            silenced=dict(type='dict'),
+            notify_no_data=dict(default=False, type='bool'),
+            no_data_timeframe=dict(),
+            timeout_h=dict(),
+            renotify_interval=dict(),
+            escalation_message=dict(),
+            notify_audit=dict(default=False, type='bool'),
+            thresholds=dict(type='dict', default=None),
+            tags=dict(type='list', elements='str', default=None),
+            locked=dict(default=False, type='bool'),
+            require_full_window=dict(type='bool'),
+            new_host_delay=dict(),
+            evaluation_delay=dict(),
+            id=dict(),
             include_tags=dict(required=False, default=True, type='bool'),
         )
     )

plugins/modules/monitoring/icinga2_host.py

@@ -75,6 +75,7 @@ options:
     description:
       - Name used to create / delete the host. This does not need to be the FQDN, but does needs to be unique.
     required: true
+    aliases: [host]
   zone:
     type: str
     description:

plugins/modules/monitoring/pagerduty_alert.py

@@ -205,7 +205,7 @@ def main():
             client=dict(required=False, default=None),
             client_url=dict(required=False, default=None),
             desc=dict(required=False, default='Created via Ansible'),
-            incident_key=dict(required=False, default=None)
+            incident_key=dict(required=False, default=None, no_log=False)
         ),
         supports_check_mode=True
     )

plugins/modules/monitoring/sensu/sensu_check.py

@@ -49,11 +49,13 @@ options:
       - Path to the sensu check to run (not required when I(state=absent))
   handlers:
     type: list
+    elements: str
     description:
       - List of handlers to notify when the check fails
     default: []
   subscribers:
     type: list
+    elements: str
     description:
       - List of subscribers/channels this check should run for
       - See sensu_subscribers to subscribe a machine to a channel
@@ -86,9 +88,9 @@ options:
       - When to enable handling of check failures
   dependencies:
     type: list
+    elements: str
     description:
-      - Other checks this check depends on, if dependencies fail,
-      - handling of this check will be disabled
+      - Other checks this check depends on, if dependencies fail handling of this check will be disabled
     default: []
   metric:
     description:
@@ -327,15 +329,15 @@ def main():
                 'state': {'type': 'str', 'default': 'present', 'choices': ['present', 'absent']},
                 'backup': {'type': 'bool', 'default': 'no'},
                 'command': {'type': 'str'},
-                'handlers': {'type': 'list'},
-                'subscribers': {'type': 'list'},
+                'handlers': {'type': 'list', 'elements': 'str'},
+                'subscribers': {'type': 'list', 'elements': 'str'},
                 'interval': {'type': 'int'},
                 'timeout': {'type': 'int'},
                 'ttl': {'type': 'int'},
                 'handle': {'type': 'bool'},
                 'subdue_begin': {'type': 'str'},
                 'subdue_end': {'type': 'str'},
-                'dependencies': {'type': 'list'},
+                'dependencies': {'type': 'list', 'elements': 'str'},
                 'metric': {'type': 'bool', 'default': 'no'},
                 'standalone': {'type': 'bool'},
                 'publish': {'type': 'bool'},

plugins/modules/monitoring/sensu/sensu_client.py

@@ -33,6 +33,7 @@ options:
       - If not specified it defaults to non-loopback IPv4 address as determined by Ruby Socket.ip_address_list (provided by Sensu).
   subscriptions:
     type: list
+    elements: str
     description:
       - An array of client subscriptions, a list of roles and/or responsibilities assigned to the system (e.g. webserver).
       - These subscriptions determine which monitoring checks are executed by the client, as check requests are sent to subscriptions.
@@ -44,6 +45,7 @@ options:
     default: 'no'
   redact:
     type: list
+    elements: str
     description:
       - Client definition attributes to redact (values) when logging and sending client keepalives.
   socket:
@@ -160,22 +162,22 @@ def main():
     module = AnsibleModule(
         supports_check_mode=True,
         argument_spec=dict(
-            state=dict(type='str', required=False, choices=['present', 'absent'], default='present'),
-            name=dict(type='str', required=False),
-            address=dict(type='str', required=False),
-            subscriptions=dict(type='list', required=False),
-            safe_mode=dict(type='bool', required=False, default=False),
-            redact=dict(type='list', required=False),
-            socket=dict(type='dict', required=False),
-            keepalives=dict(type='bool', required=False, default=True),
-            keepalive=dict(type='dict', required=False),
-            registration=dict(type='dict', required=False),
-            deregister=dict(type='bool', required=False),
-            deregistration=dict(type='dict', required=False),
-            ec2=dict(type='dict', required=False),
-            chef=dict(type='dict', required=False),
-            puppet=dict(type='dict', required=False),
-            servicenow=dict(type='dict', required=False)
+            state=dict(type='str', choices=['present', 'absent'], default='present'),
+            name=dict(type='str', ),
+            address=dict(type='str', ),
+            subscriptions=dict(type='list', elements="str"),
+            safe_mode=dict(type='bool', default=False),
+            redact=dict(type='list', elements="str"),
+            socket=dict(type='dict'),
+            keepalives=dict(type='bool', default=True),
+            keepalive=dict(type='dict'),
+            registration=dict(type='dict'),
+            deregister=dict(type='bool'),
+            deregistration=dict(type='dict'),
+            ec2=dict(type='dict'),
+            chef=dict(type='dict'),
+            puppet=dict(type='dict'),
+            servicenow=dict(type='dict')
         ),
         required_if=[
             ['state', 'present', ['subscriptions']]

plugins/modules/monitoring/sensu/sensu_handler.py

@@ -37,11 +37,13 @@ options:
       - The Sensu event filter (name) to use when filtering events for the handler.
   filters:
     type: list
+    elements: str
     description:
       - An array of Sensu event filters (names) to use when filtering events for the handler.
       - Each array item must be a string.
   severities:
     type: list
+    elements: str
     description:
       - An array of check result severities the handler will handle.
       - 'NOTE: event resolution bypasses this filtering.'
@@ -84,9 +86,9 @@ options:
       - 'NOTE: the pipe attribute is only required for Transport handlers (i.e. handlers configured with "type": "transport").'
   handlers:
     type: list
+    elements: str
     description:
       - An array of Sensu event handlers (names) to use for events using the handler set.
-      - Each array item must be a string.
       - 'NOTE: the handlers attribute is only required for handler sets (i.e. handlers configured with "type": "set").'
 notes:
   - Check mode is supported
@@ -165,20 +167,20 @@ def main():
     module = AnsibleModule(
         supports_check_mode=True,
         argument_spec=dict(
-            state=dict(type='str', required=False, choices=['present', 'absent'], default='present'),
+            state=dict(type='str', choices=['present', 'absent'], default='present'),
             name=dict(type='str', required=True),
-            type=dict(type='str', required=False, choices=['pipe', 'tcp', 'udp', 'transport', 'set']),
-            filter=dict(type='str', required=False),
-            filters=dict(type='list', required=False),
-            severities=dict(type='list', required=False),
-            mutator=dict(type='str', required=False),
-            timeout=dict(type='int', required=False, default=10),
-            handle_silenced=dict(type='bool', required=False, default=False),
-            handle_flapping=dict(type='bool', required=False, default=False),
-            command=dict(type='str', required=False),
-            socket=dict(type='dict', required=False),
-            pipe=dict(type='dict', required=False),
-            handlers=dict(type='list', required=False),
+            type=dict(type='str', choices=['pipe', 'tcp', 'udp', 'transport', 'set']),
+            filter=dict(type='str'),
+            filters=dict(type='list', elements='str'),
+            severities=dict(type='list', elements='str'),
+            mutator=dict(type='str'),
+            timeout=dict(type='int', default=10),
+            handle_silenced=dict(type='bool', default=False),
+            handle_flapping=dict(type='bool', default=False),
+            command=dict(type='str'),
+            socket=dict(type='dict'),
+            pipe=dict(type='dict'),
+            handlers=dict(type='list', elements='str'),
         ),
         required_if=[
             ['state', 'present', ['type']],

plugins/modules/net_tools/cloudflare_dns.py

@@ -794,7 +794,7 @@ def main():
             algorithm=dict(type='int'),
             cert_usage=dict(type='int', choices=[0, 1, 2, 3]),
             hash_type=dict(type='int', choices=[1, 2]),
-            key_tag=dict(type='int'),
+            key_tag=dict(type='int', no_log=False),
             port=dict(type='int'),
             priority=dict(type='int', default=1),
             proto=dict(type='str'),

plugins/modules/net_tools/haproxy.py

@@ -367,10 +367,9 @@ class HAProxy(object):
             # We can assume there will only be 1 element in state because both svname and pxname are always set when we get here
             # When using track we get a status like this: MAINT (via pxname/svname) so we need to do substring matching
             if status in state[0]['status']:
-                if not self._drain or (state[0]['scur'] == '0' and 'MAINT' in state):
+                if not self._drain or state[0]['scur'] == '0':
                     return True
-            else:
-                time.sleep(self.wait_interval)
+            time.sleep(self.wait_interval)
 
         self.module.fail_json(msg="server %s/%s not status '%s' after %d retries. Aborting." %
                               (pxname, svname, status, self.wait_retries))
@@ -409,15 +408,17 @@ class HAProxy(object):
     def drain(self, host, backend, status='DRAIN'):
         """
         Drain action, sets the server to DRAIN mode.
-        In this mode mode, the server will not accept any new connections
+        In this mode, the server will not accept any new connections
         other than those that are accepted via persistence.
         """
         haproxy_version = self.discover_version()
 
-        # check if haproxy version suppots DRAIN state (starting with 1.5)
+        # check if haproxy version supports DRAIN state (starting with 1.5)
         if haproxy_version and (1, 5) <= haproxy_version:
             cmd = "set server $pxname/$svname state drain"
-            self.execute_for_backends(cmd, backend, host, status)
+            self.execute_for_backends(cmd, backend, host, "DRAIN")
+            if status == "MAINT":
+                self.disabled(host, backend, self.shutdown_sessions)
 
     def act(self):
         """
@@ -426,7 +427,7 @@ class HAProxy(object):
         # Get the state before the run
         self.command_results['state_before'] = self.get_state_for(self.backend, self.host)
 
-        # toggle enable/disbale server
+        # toggle enable/disable server
         if self.state == 'enabled':
             self.enabled(self.host, self.backend, self.weight)
         elif self.state == 'disabled' and self._drain:

plugins/modules/net_tools/ipwcli_dns.py

@@ -205,9 +205,11 @@ class ResourceRecord(object):
     def list_record(self, record):
         # check if the record exists via list on ipwcli
         search = 'list %s' % (record.replace(';', '&&').replace('set', 'where'))
-        cmd = [self.module.get_bin_path('ipwcli', True)]
-        cmd.append('-user=%s' % (self.user))
-        cmd.append('-password=%s' % (self.password))
+        cmd = [
+            self.module.get_bin_path('ipwcli', True),
+            '-user=%s' % self.user,
+            '-password=%s' % self.password,
+        ]
         rc, out, err = self.module.run_command(cmd, data=search)
 
         if 'Invalid username or password' in out:
@@ -222,9 +224,11 @@ class ResourceRecord(object):
     def deploy_record(self, record):
         # check what happens if create fails on ipworks
         stdin = 'create %s' % (record)
-        cmd = [self.module.get_bin_path('ipwcli', True)]
-        cmd.append('-user=%s' % (self.user))
-        cmd.append('-password=%s' % (self.password))
+        cmd = [
+            self.module.get_bin_path('ipwcli', True),
+            '-user=%s' % self.user,
+            '-password=%s' % self.password,
+        ]
         rc, out, err = self.module.run_command(cmd, data=stdin)
 
         if 'Invalid username or password' in out:
@@ -238,9 +242,11 @@ class ResourceRecord(object):
     def delete_record(self, record):
         # check what happens if create fails on ipworks
         stdin = 'delete %s' % (record.replace(';', '&&').replace('set', 'where'))
-        cmd = [self.module.get_bin_path('ipwcli', True)]
-        cmd.append('-user=%s' % (self.user))
-        cmd.append('-password=%s' % (self.password))
+        cmd = [
+            self.module.get_bin_path('ipwcli', True),
+            '-user=%s' % self.user,
+            '-password=%s' % self.password,
+        ]
         rc, out, err = self.module.run_command(cmd, data=stdin)
 
         if 'Invalid username or password' in out:

plugins/modules/net_tools/nmcli.py

@@ -677,6 +677,10 @@ class Nmcli(object):
                 'primary': self.primary,
                 'updelay': self.updelay,
             })
+        elif self.type == 'bond-slave':
+            options.update({
+                'connection.slave-type': 'bond',
+            })
         elif self.type == 'bridge':
             options.update({
                 'bridge.ageing-time': self.ageingtime,

plugins/modules/notification/pushbullet.py

@@ -48,6 +48,10 @@ options:
         type: str
         description:
           - Body of the notification, e.g. Details of the fault you're alerting.
+    url:
+        type: str
+        description:
+          - URL field, used when I(push_type) is C(link).
 
 notes:
    - Requires pushbullet.py Python package on the remote host.

plugins/modules/packaging/language/bundler.py

@@ -33,6 +33,7 @@ options:
       - If not specified, it will default to the temporary working directory
   exclude_groups:
     type: list
+    elements: str
     description:
       - A list of Gemfile groups to exclude during operations. This only
         applies when state is C(present). Bundler considers this
@@ -134,7 +135,7 @@ def main():
             executable=dict(default=None, required=False),
             state=dict(default='present', required=False, choices=['present', 'latest']),
             chdir=dict(default=None, required=False, type='path'),
-            exclude_groups=dict(default=None, required=False, type='list'),
+            exclude_groups=dict(default=None, required=False, type='list', elements='str'),
             clean=dict(default=False, required=False, type='bool'),
             gemfile=dict(default=None, required=False, type='path'),
             local=dict(default=False, required=False, type='bool'),

plugins/modules/packaging/language/maven_artifact.py

@@ -141,6 +141,10 @@ options:
         required: false
         default: 'download'
         choices: ['never', 'download', 'change', 'always']
+    directory_mode:
+        type: str
+        description:
+            - Filesystem permission mode applied recursively to I(dest) when it is a directory.
 extends_documentation_fragment:
     - files
 '''
@@ -342,7 +346,7 @@ class Artifact(object):
         if len(parts) >= 3:
             g = parts[0]
             a = parts[1]
-            v = parts[len(parts) - 1]
+            v = parts[-1]
             t = None
             c = None
             if len(parts) == 4:
@@ -595,8 +599,7 @@ def main():
             client_key=dict(type="path", required=False),
             keep_name=dict(required=False, default=False, type='bool'),
             verify_checksum=dict(required=False, default='download', choices=['never', 'download', 'change', 'always']),
-            directory_mode=dict(type='str'),  # Used since https://github.com/ansible/ansible/pull/24965, not sure
-                                              # if this should really be here.
+            directory_mode=dict(type='str'),
         ),
         add_file_common_args=True,
         mutually_exclusive=([('version', 'version_by_spec')])

plugins/modules/packaging/language/pip_package_info.py

@@ -20,6 +20,7 @@ options:
     default: ['pip']
     required: False
     type: list
+    elements: path
 requirements:
     - The requested pip executables must be installed on the target.
 author:
@@ -115,7 +116,11 @@ def main():
 
     # start work
     global module
-    module = AnsibleModule(argument_spec=dict(clients={'type': 'list', 'default': ['pip']},), supports_check_mode=True)
+    module = AnsibleModule(
+        argument_spec=dict(
+            clients=dict(type='list', elements='path', default=['pip']),
+        ),
+        supports_check_mode=True)
     packages = {}
     results = {'packages': {}}
     clients = module.params['clients']

plugins/modules/packaging/os/pkgutil.py

@@ -130,7 +130,7 @@ def packages_not_latest(module, names, site, update_catalog):
         cmd.append('-U')
     cmd.append('-c')
     if site is not None:
-        cmd.extend('-t', site)
+        cmd.extend(['-t', site])
     if names != ['*']:
         cmd.extend(names)
     rc, out, err = run_command(module, cmd)
@@ -159,7 +159,7 @@ def package_install(module, state, pkgs, site, update_catalog, force):
     if update_catalog:
         cmd.append('-U')
     if site is not None:
-        cmd.extend('-t', site)
+        cmd.extend(['-t', site])
     if force:
         cmd.append('-f')
     cmd.extend(pkgs)
@@ -174,7 +174,7 @@ def package_upgrade(module, pkgs, site, update_catalog, force):
     if update_catalog:
         cmd.append('-U')
     if site is not None:
-        cmd.extend('-t', site)
+        cmd.extend(['-t', site])
     if force:
         cmd.append('-f')
     cmd += pkgs

plugins/modules/packaging/os/pulp_repo.py

@@ -16,6 +16,7 @@ author: "Joe Adams (@sysadmind)"
 short_description: Add or remove Pulp repos from a remote host.
 description:
   - Add or remove Pulp repos from a remote host.
+  - Note, this is for Pulp 2 only.
 options:
   add_export_distributor:
     description:

plugins/modules/packaging/os/svr4pkg.py

@@ -108,8 +108,7 @@ from ansible.module_utils.basic import AnsibleModule
 
 
 def package_installed(module, name, category):
-    cmd = [module.get_bin_path('pkginfo', True)]
-    cmd.append('-q')
+    cmd = [module.get_bin_path('pkginfo', True), '-q']
     if category:
         cmd.append('-c')
     cmd.append(name)

plugins/modules/packaging/os/zypper.py

@@ -336,7 +336,7 @@ def get_cmd(m, subcommand):
     "puts together the basic zypper command arguments with those passed to the module"
     is_install = subcommand in ['install', 'update', 'patch', 'dist-upgrade']
     is_refresh = subcommand == 'refresh'
-    cmd = ['/usr/bin/zypper', '--quiet', '--non-interactive', '--xmlout']
+    cmd = [m.get_bin_path('zypper', required=True), '--quiet', '--non-interactive', '--xmlout']
     if m.params['extra_args_precommand']:
         args_list = m.params['extra_args_precommand'].split()
         cmd.extend(args_list)

plugins/modules/packaging/os/zypper_repository.py

@@ -141,9 +141,9 @@ from ansible.module_utils.basic import AnsibleModule, missing_required_lib
 REPO_OPTS = ['alias', 'name', 'priority', 'enabled', 'autorefresh', 'gpgcheck']
 
 
-def _get_cmd(*args):
+def _get_cmd(module, *args):
     """Combines the non-interactive zypper command with arguments/subcommands"""
-    cmd = ['/usr/bin/zypper', '--quiet', '--non-interactive']
+    cmd = [module.get_bin_path('zypper', required=True), '--quiet', '--non-interactive']
     cmd.extend(args)
 
     return cmd
@@ -151,7 +151,7 @@ def _get_cmd(*args):
 
 def _parse_repos(module):
     """parses the output of zypper --xmlout repos and return a parse repo dictionary"""
-    cmd = _get_cmd('--xmlout', 'repos')
+    cmd = _get_cmd(module, '--xmlout', 'repos')
 
     if not HAS_XML:
         module.fail_json(msg=missing_required_lib("python-xml"), exception=XML_IMP_ERR)
@@ -230,7 +230,7 @@ def repo_exists(module, repodata, overwrite_multiple):
 def addmodify_repo(module, repodata, old_repos, zypper_version, warnings):
     "Adds the repo, removes old repos before, that would conflict."
     repo = repodata['url']
-    cmd = _get_cmd('addrepo', '--check')
+    cmd = _get_cmd(module, 'addrepo', '--check')
     if repodata['name']:
         cmd.extend(['--name', repodata['name']])
 
@@ -274,14 +274,14 @@ def addmodify_repo(module, repodata, old_repos, zypper_version, warnings):
 
 def remove_repo(module, repo):
     "Removes the repo."
-    cmd = _get_cmd('removerepo', repo)
+    cmd = _get_cmd(module, 'removerepo', repo)
 
     rc, stdout, stderr = module.run_command(cmd, check_rc=True)
     return rc, stdout, stderr
 
 
 def get_zypper_version(module):
-    rc, stdout, stderr = module.run_command(['/usr/bin/zypper', '--version'])
+    rc, stdout, stderr = module.run_command([module.get_bin_path('zypper', required=True), '--version'])
     if rc != 0 or not stdout.startswith('zypper '):
         return LooseVersion('1.0')
     return LooseVersion(stdout.split()[1])
@@ -290,9 +290,9 @@ def get_zypper_version(module):
 def runrefreshrepo(module, auto_import_keys=False, shortname=None):
     "Forces zypper to refresh repo metadata."
     if auto_import_keys:
-        cmd = _get_cmd('--gpg-auto-import-keys', 'refresh', '--force')
+        cmd = _get_cmd(module, '--gpg-auto-import-keys', 'refresh', '--force')
     else:
-        cmd = _get_cmd('refresh', '--force')
+        cmd = _get_cmd(module, 'refresh', '--force')
     if shortname is not None:
         cmd.extend(['-r', shortname])
 

plugins/modules/remote_management/lxca/lxca_cmms.py

@@ -20,6 +20,7 @@ options:
   uuid:
     description:
       uuid of device, this is string with length greater than 16.
+    type: str
 
   command_options:
     description:
@@ -29,10 +30,12 @@ options:
         - cmms
         - cmms_by_uuid
         - cmms_by_chassis_uuid
+    type: str
 
   chassis:
     description:
       uuid of chassis, this is string with length greater than 16.
+    type: str
 
 extends_documentation_fragment:
 - community.general.lxca_common

plugins/modules/remote_management/lxca/lxca_nodes.py

@@ -20,6 +20,7 @@ options:
   uuid:
     description:
       uuid of device, this is string with length greater than 16.
+    type: str
 
   command_options:
     description:
@@ -31,10 +32,12 @@ options:
         - nodes_by_chassis_uuid
         - nodes_status_managed
         - nodes_status_unmanaged
+    type: str
 
   chassis:
     description:
       uuid of chassis, this is string with length greater than 16.
+    type: str
 
 extends_documentation_fragment:
 - community.general.lxca_common