internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-04-28 09:26:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: internet:11.3.0
Branches Tags
internet:main internet:stable-12 internet:stable-11 internet:stable-10 internet:stable-9 internet:stable-8 internet:stable-7 internet:stable-6 internet:stable-5 internet:stable-4 internet:stable-3 internet:stable-2 internet:stable-1
internet:12.6.0 internet:11.4.7 internet:12.5.0 internet:11.4.6 internet:12.4.0 internet:11.4.5 internet:10.7.8 internet:12.3.0 internet:11.4.4 internet:12.2.0 internet:10.7.7 internet:11.4.3 internet:12.1.0 internet:11.4.2 internet:12.0.1 internet:12.0.0 internet:11.4.1 internet:10.7.6 internet:9.5.13 internet:11.4.0 internet:10.7.5 internet:9.5.12 internet:11.3.0 internet:10.7.4 internet:11.2.1 internet:11.2.0 internet:10.7.3 internet:9.5.11 internet:11.1.2 internet:11.1.1 internet:11.1.0 internet:10.7.2 internet:9.5.10 internet:11.0.0 internet:10.7.1 internet:9.5.9 internet:8.6.11 internet:10.7.0 internet:9.5.8 internet:10.6.0 internet:9.5.7 internet:10.5.0 internet:9.5.6 internet:10.4.0 internet:9.5.5 internet:10.3.1 internet:10.3.0 internet:9.5.4 internet:8.6.10 internet:10.2.0 internet:9.5.3 internet:8.6.9 internet:10.1.0 internet:9.5.2 internet:8.6.8 internet:10.0.1 internet:10.0.0 internet:9.5.1 internet:8.6.7 internet:7.5.9 internet:9.5.0 internet:8.6.6 internet:9.4.0 internet:8.6.5 internet:9.3.0 internet:8.6.4 internet:9.2.0 internet:8.6.3 internet:9.1.0 internet:8.6.2 internet:9.0.1 internet:9.0.0 internet:8.6.1 internet:7.5.8 internet:6.6.9 internet:8.6.0 internet:7.5.7 internet:8.5.0 internet:7.5.6 internet:6.6.8 internet:8.4.0 internet:7.5.5 internet:8.3.0 internet:7.5.4 internet:8.2.0 internet:7.5.3 internet:8.1.0 internet:7.5.2 internet:8.0.2 internet:8.0.1 internet:7.5.1 internet:6.6.7 internet:5.8.10 internet:8.0.0 internet:7.5.0 internet:6.6.6 internet:7.4.0 internet:6.6.5 internet:7.3.0 internet:6.6.4 internet:7.2.1 internet:7.2.0 internet:6.6.3 internet:5.8.9 internet:7.1.0 internet:6.6.2 internet:7.0.1 internet:6.6.1 internet:7.0.0 internet:4.8.11 internet:6.6.0 internet:5.8.8 internet:6.5.0 internet:5.8.7 internet:4.8.10 internet:6.4.0 internet:5.8.6 internet:6.3.0 internet:5.8.5 internet:6.2.0 internet:5.8.4 internet:6.1.0 internet:5.8.3 internet:5.8.2 internet:6.0.1 internet:5.8.1 internet:6.0.0 internet:4.8.9 internet:3.8.10 internet:6.0.0-a1 internet:5.8.0 internet:4.8.8 internet:5.7.0 internet:4.8.7 internet:5.6.0 internet:5.5.0 internet:4.8.6 internet:3.8.9 internet:5.4.0 internet:4.8.5 internet:5.3.0 internet:4.8.4 internet:5.2.0 internet:4.8.3 internet:5.1.1 internet:5.1.0 internet:5.0.2 internet:4.8.2 internet:3.8.8 internet:5.0.1 internet:5.0.0 internet:4.8.1 internet:3.8.7 internet:2.5.9 internet:1.3.14 internet:5.0.0-a1 internet:4.8.0 internet:4.7.0 internet:3.8.6 internet:4.6.1 internet:4.6.0 internet:4.5.0 internet:3.8.5 internet:4.4.0 internet:2.5.8 internet:1.3.13 internet:4.3.0 internet:3.8.4 internet:4.2.0 internet:3.8.3 internet:3.8.2 internet:4.1.0 internet:4.0.2 internet:4.0.1 internet:2.5.7 internet:4.0.0 internet:3.8.1 internet:3.8.0 internet:3.7.0 internet:2.5.6 internet:3.6.0 internet:1.3.12 internet:3.5.0 internet:2.5.5 internet:3.4.0 internet:3.3.2 internet:3.3.1 internet:3.3.0 internet:2.5.4 internet:1.3.11 internet:3.2.0 internet:2.5.3 internet:3.1.0 internet:3.0.2 internet:2.5.2 internet:3.0.1 internet:3.0.0 internet:1.3.10 internet:2.5.1 internet:2.5.0 internet:2.4.0 internet:2.3.0 internet:1.3.9 internet:1.3.8 internet:2.2.0 internet:1.3.7 internet:2.1.1 internet:2.1.0 internet:2.0.1 internet:1.3.6 internet:2.0.0 internet:1.3.5 internet:1.3.4 internet:1.3.3 internet:1.3.2 internet:1.3.1 internet:1.3.0 internet:1.2.0 internet:1.1.0 internet:1.0.0 internet:0.3.0-experimental.meta.redirects-3 internet:0.2.1 internet:0.3.0-experimental.meta.redirects internet:0.2.0 internet:0.1.4 internet:0.1.3 internet:0.1.2 internet:0.1.1 internet:0.1.0
...
compare: internet:stable-11
Branches Tags
internet:stable-12 internet:main internet:stable-11 internet:stable-10 internet:stable-9 internet:stable-8 internet:stable-7 internet:stable-6 internet:stable-5 internet:stable-4 internet:stable-3 internet:stable-2 internet:stable-1
internet:12.6.0 internet:11.4.7 internet:12.5.0 internet:11.4.6 internet:12.4.0 internet:11.4.5 internet:10.7.8 internet:12.3.0 internet:11.4.4 internet:12.2.0 internet:10.7.7 internet:11.4.3 internet:12.1.0 internet:11.4.2 internet:12.0.1 internet:12.0.0 internet:11.4.1 internet:10.7.6 internet:9.5.13 internet:11.4.0 internet:10.7.5 internet:9.5.12 internet:11.3.0 internet:10.7.4 internet:11.2.1 internet:11.2.0 internet:10.7.3 internet:9.5.11 internet:11.1.2 internet:11.1.1 internet:11.1.0 internet:10.7.2 internet:9.5.10 internet:11.0.0 internet:10.7.1 internet:9.5.9 internet:8.6.11 internet:10.7.0 internet:9.5.8 internet:10.6.0 internet:9.5.7 internet:10.5.0 internet:9.5.6 internet:10.4.0 internet:9.5.5 internet:10.3.1 internet:10.3.0 internet:9.5.4 internet:8.6.10 internet:10.2.0 internet:9.5.3 internet:8.6.9 internet:10.1.0 internet:9.5.2 internet:8.6.8 internet:10.0.1 internet:10.0.0 internet:9.5.1 internet:8.6.7 internet:7.5.9 internet:9.5.0 internet:8.6.6 internet:9.4.0 internet:8.6.5 internet:9.3.0 internet:8.6.4 internet:9.2.0 internet:8.6.3 internet:9.1.0 internet:8.6.2 internet:9.0.1 internet:9.0.0 internet:8.6.1 internet:7.5.8 internet:6.6.9 internet:8.6.0 internet:7.5.7 internet:8.5.0 internet:7.5.6 internet:6.6.8 internet:8.4.0 internet:7.5.5 internet:8.3.0 internet:7.5.4 internet:8.2.0 internet:7.5.3 internet:8.1.0 internet:7.5.2 internet:8.0.2 internet:8.0.1 internet:7.5.1 internet:6.6.7 internet:5.8.10 internet:8.0.0 internet:7.5.0 internet:6.6.6 internet:7.4.0 internet:6.6.5 internet:7.3.0 internet:6.6.4 internet:7.2.1 internet:7.2.0 internet:6.6.3 internet:5.8.9 internet:7.1.0 internet:6.6.2 internet:7.0.1 internet:6.6.1 internet:7.0.0 internet:4.8.11 internet:6.6.0 internet:5.8.8 internet:6.5.0 internet:5.8.7 internet:4.8.10 internet:6.4.0 internet:5.8.6 internet:6.3.0 internet:5.8.5 internet:6.2.0 internet:5.8.4 internet:6.1.0 internet:5.8.3 internet:5.8.2 internet:6.0.1 internet:5.8.1 internet:6.0.0 internet:4.8.9 internet:3.8.10 internet:6.0.0-a1 internet:5.8.0 internet:4.8.8 internet:5.7.0 internet:4.8.7 internet:5.6.0 internet:5.5.0 internet:4.8.6 internet:3.8.9 internet:5.4.0 internet:4.8.5 internet:5.3.0 internet:4.8.4 internet:5.2.0 internet:4.8.3 internet:5.1.1 internet:5.1.0 internet:5.0.2 internet:4.8.2 internet:3.8.8 internet:5.0.1 internet:5.0.0 internet:4.8.1 internet:3.8.7 internet:2.5.9 internet:1.3.14 internet:5.0.0-a1 internet:4.8.0 internet:4.7.0 internet:3.8.6 internet:4.6.1 internet:4.6.0 internet:4.5.0 internet:3.8.5 internet:4.4.0 internet:2.5.8 internet:1.3.13 internet:4.3.0 internet:3.8.4 internet:4.2.0 internet:3.8.3 internet:3.8.2 internet:4.1.0 internet:4.0.2 internet:4.0.1 internet:2.5.7 internet:4.0.0 internet:3.8.1 internet:3.8.0 internet:3.7.0 internet:2.5.6 internet:3.6.0 internet:1.3.12 internet:3.5.0 internet:2.5.5 internet:3.4.0 internet:3.3.2 internet:3.3.1 internet:3.3.0 internet:2.5.4 internet:1.3.11 internet:3.2.0 internet:2.5.3 internet:3.1.0 internet:3.0.2 internet:2.5.2 internet:3.0.1 internet:3.0.0 internet:1.3.10 internet:2.5.1 internet:2.5.0 internet:2.4.0 internet:2.3.0 internet:1.3.9 internet:1.3.8 internet:2.2.0 internet:1.3.7 internet:2.1.1 internet:2.1.0 internet:2.0.1 internet:1.3.6 internet:2.0.0 internet:1.3.5 internet:1.3.4 internet:1.3.3 internet:1.3.2 internet:1.3.1 internet:1.3.0 internet:1.2.0 internet:1.1.0 internet:1.0.0 internet:0.3.0-experimental.meta.redirects-3 internet:0.2.1 internet:0.3.0-experimental.meta.redirects internet:0.2.0 internet:0.1.4 internet:0.1.3 internet:0.1.2 internet:0.1.1 internet:0.1.0

133 Commits
11.3.0 ... stable-11

Author SHA1 Message Date
Felix Fontein
607c1ce085 Prepare 11.4.8. 2026-04-22 20:51:54 +02:00
Felix Fontein
ac0c24637a [stable-11] Replace default favicon URL again (#11909) (#11914) 
Replace default favicon URL again (#11909)

* replace default favicon URL

* add changelog fragment for PR 11909

* fix syntax for change fragment



* use higher res favicon by default

---------



(cherry picked from commit d57a667274)

Co-authored-by: Lars Krahl <57526005+mmslkr@users.noreply.github.com>
Co-authored-by: Lars Krahl <lars.krahl@telekom.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2026-04-22 20:17:10 +02:00
Felix Fontein
d7d7395fa0 [stable-11] Move ansible-core 2.18 to EOL CI (#11901) (#11905) 
Move ansible-core 2.18 to EOL CI (#11901)

Move ansible-core 2.18 to EOL CI.

(cherry picked from commit 9ef1dbb6d5)
 2026-04-20 17:04:26 +02:00
patchback[bot]
4689cc307e [PR #11898/6b5bf0a0 backport][stable-11] Fix FQCNs in examples (#11900) 
Fix FQCNs in examples (#11898)

Fix FQCNs in examples.

(cherry picked from commit 6b5bf0a0bc)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2026-04-20 15:17:50 +02:00
Felix Fontein
5da7b7d509 The next release will be 11.4.8. 2026-04-20 13:56:38 +02:00
Felix Fontein
334f8d3708 Release 11.4.7. 2026-04-20 12:33:14 +02:00
patchback[bot]
485b8b9f23 [PR #11812/e2a7dc46 backport][stable-11] sefcontext: flush in-process matchpathcon cache (#11853) 
sefcontext: flush in-process matchpathcon cache (#11812)

* fix sefcontext: flush in-process matchpathcon cache after changes

Fixes https://github.com/ansible-collections/community.general/issues/888



* update changelog fragment with PR number and URL



---------


(cherry picked from commit e2a7dc467d)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-17 18:31:47 +02:00
patchback[bot]
865c96e66c [PR #11850/f8869af6 backport][stable-11] homebrew_cask: fix sudo_password failing with special characters (#11866) 
* homebrew_cask: fix sudo_password failing with special characters (#11850)

* homebrew_cask: fix sudo_password with special characters in password

The SUDO_ASKPASS script embedded the password inside single quotes, which
breaks shell parsing whenever the password contains a single quote. Use a
quoted heredoc (cat <<'SUDO_PASS') instead, which treats the content
completely literally regardless of special characters.

Also replace .file.close() with .flush() (correct semantics — flushes
the write buffer without leaving the NamedTemporaryFile in a half-closed
state) and remove the redundant add_cleanup_file() call (the context
manager already deletes the file on exit).

Fixes #4957

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* homebrew_cask: add changelog fragment for #11850

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* homebrew_cask: fix sudo_password example and clarify ansible_become_password

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* homebrew_cask: use shlex.quote() for sudo_password instead of heredoc

shlex.quote() is the standard Python approach for shell-safe quoting
and handles all special characters without the edge cases of heredocs.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
(cherry picked from commit f8869af65f)

* Make Python 2 compatible.

---------

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2026-04-17 18:31:36 +02:00
patchback[bot]
14498b7ad1 [PR #11862/342a76d5 backport][stable-11] Remove unstable CI target (#11869) 
Remove unstable CI target (#11862)

Remove unstable CI target.

(cherry picked from commit 342a76d5dd)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2026-04-17 18:31:23 +02:00
Felix Fontein
76372a8975 [stable-11] Fix flatpak module for Fedora 44 (#11847) 
CI: Replace Fedora 43 with 44 for devel (#11836)

* Replace Fedora 43 with 44 for devel in CI.

* Adjust tests.

* Adjust flatpak module to Fedora 44.

(cherry picked from commit ef656cb9b6)
 2026-04-17 07:03:28 +02:00
Felix Fontein
1fa6d37c0b [stable-11] CI: Temporarily skip failing callback unit tests for ansible-core 2.21+ (#11845) 
CI: Temporarily skip failing callback unit tests for ansible-core 2.21+ (#11842)

Temporarily skip failing unit tests.

(cherry picked from commit 7884a3f2a2)
 2026-04-16 21:44:57 +02:00
patchback[bot]
07704d22fa [PR #11826/7dcd3c1c backport][stable-11] lxd_container: document that config values must be strings (#11828) 
lxd_container: document that config values must be strings (#11826)

Fixes #8307


(cherry picked from commit 7dcd3c1c45)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-15 22:01:53 +02:00
patchback[bot]
9343652086 [PR #11823/71723268 backport][stable-11] lvol: fix LVM version regex to handle date formats without dashes (#11830) 
lvol: fix LVM version regex to handle date formats without dashes (#11823)

* lvol: fix LVM version regex to handle date formats without dashes

Fixes #5445



* lvol: add changelog fragment for issue 5445



---------


(cherry picked from commit 7172326868)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-15 22:01:44 +02:00
patchback[bot]
62c026968a [PR #11815/78d004d9 backport][stable-11] lvg: clarify desired-state semantics of pvs parameter in docs (#11822) 
lvg: clarify desired-state semantics of pvs parameter in docs (#11815)

lvg: doc adjustment
(cherry picked from commit 78d004d96e)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2026-04-14 22:03:03 +02:00
Felix Fontein
a15260f85f Prepare 11.4.7. 2026-04-08 20:14:29 +02:00
patchback[bot]
bc13d83a64 [PR #11754/b780224d backport][stable-11] mssql_script: only pass params to cursor.execute() when provided (#11759) 
mssql_script: only pass params to cursor.execute() when provided (#11754)

* mssql_script: only pass params to cursor.execute() when provided

Fixes #11699



* mssql_script: add changelog fragment for PR #11754



---------


(cherry picked from commit b780224d6d)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-08 20:06:04 +02:00
Felix Fontein
b9e5db4373 [stable-11] Change devel to stable-2.21 in CI (#11744) 
Change devel to stable-2.21 in CI.
 2026-04-07 08:43:44 +02:00
patchback[bot]
2e5d3a0e1f [PR #11720/982f9472 backport][stable-11] test(integration): fix for ansible-core devel changes in register (#11723) 
test(integration): fix for ansible-core devel changes in register (#11720)

(cherry picked from commit 982f9472c5)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2026-04-03 07:34:50 +02:00
patchback[bot]
dabdc16010 [PR #11685/909458a6 backport][stable-11] docs: improve timezone module examples and add hwclock usage (#11695) 
docs: improve timezone module examples and add hwclock usage (#11685)

* docs: add variable-based example for timezone module

### Summary
Added a variable-based example to the EXAMPLES section of the timezone module.

### Changes
- Added an example demonstrating how to set timezone dynamically using a variable

### Motivation
Using variables is a common practice in Ansible playbooks. This example helps users understand how to make the module usage more flexible and reusable.

* docs: improve timezone module examples with hwclock usage

### Summary
Improved the EXAMPLES section of the timezone module by adding a more meaningful, module-specific example.

### Changes
- Added an example demonstrating usage of the `hwclock` parameter
- Simplified examples to avoid redundancy
- Fixed formatting issues causing CI failures (invalid YAML, lint errors)

### Motivation
The previous examples were minimal and did not demonstrate module-specific features. This update adds a more practical use case and ensures the examples follow proper formatting and validation rules.

(cherry picked from commit 909458a661)

Co-authored-by: Anshjeet Mahir <anshjeetmahir123@gmail.com>
 2026-03-27 12:45:07 +01:00
Felix Fontein
bd56572025 The next release will be 11.4.7. 2026-03-23 21:39:54 +01:00
Felix Fontein
2b22a3c60b Release 11.4.6. 2026-03-23 21:15:32 +01:00
patchback[bot]
4f418ce747 [PR #11656/4dad53ab backport][stable-11] counter_enabled callback: honor display_ok_hosts setting (#11666) 
counter_enabled callback: honor display_ok_hosts setting (#11656)

* fix(callback/counter_enabled): honor display_ok_hosts setting

* add changelog frag

* Update changelogs/fragments/11656-counter_enabled-display_ok_hosts.yml

(cherry picked from commit 4dad53abac)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2026-03-23 20:34:32 +01:00
Felix Fontein
fb26dbfa31 Prepare 11.4.6. 2026-03-22 20:34:40 +01:00
patchback[bot]
4bd1bb8c2a [PR #11645/a09e879f backport][stable-11] xfconf: fix boolean return values (#11649) 
xfconf: fix boolean return values (#11645)

* xfconf: fix boolean return values

* add changelog frag

(cherry picked from commit a09e879ff2)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2026-03-22 20:33:24 +01:00
patchback[bot]
a742525c89 [PR #11631/b4336659 backport][stable-11] CI: Remove FreeBSD 14.3 for devel, and replace macOS 15.3 with 26.3 (#11633) 
CI: Remove FreeBSD 14.3 for devel, and replace macOS 15.3 with 26.3 (#11631)

* Replace FreeBSD 14.3 with 14.4, and macOS 15.3 with 26.3.

* FreeBSD 14.4 seems to have the same problem as FreeBSD 15.0, disabling for now.

(cherry picked from commit b4336659f6)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2026-03-21 21:13:53 +01:00
Felix Fontein
badfef8070 [stable-11] CI: Replace apt_repository and apt_key with deb822_repository (#11625) (#11628) 
CI: Replace apt_repository and apt_key with deb822_repository (#11625)

Replace apt_repository and apt_key with deb822_repository.

(cherry picked from commit bc22fbcaa0)
 2026-03-20 08:06:15 +01:00
patchback[bot]
33ed69bc93 [PR #11612/5e4fbfee backport][stable-11] Update BOTMETA.yml (#11615) 
Update BOTMETA.yml (#11612)

remove myself from teams

(cherry picked from commit 5e4fbfeee0)

Co-authored-by: Anatoly Pugachev <matorola@gmail.com>
 2026-03-18 07:05:02 +01:00
patchback[bot]
8736ff46f2 [PR #11541/4cd91ba4 backport][stable-11] Fix templating bug in iptables_state tests (#11571) 
Fix templating bug in iptables_state tests (#11541)

* Fix templating bug in iptables_state tests.

* Try to install older packages on RHEL.

(cherry picked from commit 4cd91ba4d4)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2026-03-11 22:15:49 +01:00
patchback[bot]
543a292f4b [PR #11548/2f33ff10 backport][stable-11] keycloak_authentication: fix TypeError when flow has no authenticationExecutions (#11564) 
keycloak_authentication: fix TypeError when flow has no authenticationExecutions (#11548)

* TIAAS-12174: fix(keycloak_authentication): handle None authenticationExecutions

When a flow is defined without authenticationExecutions, module.params.get()
returns None but the key still exists in the config dict. The 'in' check
passes but iterating over None raises TypeError.

Guard the iteration with an explicit None check.

* keycloak_authentication: add changelog fragment for NoneType fix

* keycloak_authentication: update changelog fragment with PR link

* Update plugins/modules/keycloak_authentication.py



* Changelog polishing

---------



(cherry picked from commit 2f33ff1041)

Co-authored-by: Ivan Kokalovic <67540157+koke1997@users.noreply.github.com>
Co-authored-by: Ivan Kokalovic <ivan.kokalovic@example.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2026-03-10 06:57:43 +01:00
patchback[bot]
a93ae0c1ae [PR #11552/aaef821f backport][stable-11] Update links to iocage. Current iocage documentation is at freebsd.gi… (#11553) 
Update links to iocage. Current iocage documentation is at freebsd.gi… (#11552)

Update links to iocage. Current iocage documentation is at freebsd.github.io/iocage/

(cherry picked from commit aaef821f60)

Co-authored-by: Vladimir Botka <vbotka@gmail.com>
 2026-03-06 05:49:49 +00:00
Felix Fontein
b247603961 [stable-11] Update tests to pass on macOS arm64 (#11544) (#11546) 
Update tests to pass on macOS arm64 (#11544)

(cherry picked from commit 9b9d8eac09)

Co-authored-by: Matt Clay <matt@mystile.com>
 2026-02-27 19:29:50 +01:00
Felix Fontein
d91ff5c282 The next release will be 11.4.6. 2026-02-23 18:23:41 +01:00
Felix Fontein
c66a43aa27 Release 11.4.5. 2026-02-23 17:48:41 +01:00
Felix Fontein
30ac14bfc1 Prepare 11.4.5. 2026-02-22 16:40:03 +01:00
Felix Fontein
d9e48f0488 [stable-11] python_requirements_info: use importlib.metadata when available (#11495) (#11497) 
python_requirements_info: use importlib.metadata when available (#11495)

Use importlib.metadata when available.

(cherry picked from commit 88adca3fb4)
 2026-02-11 07:12:00 +01:00
patchback[bot]
80efe01bbf [PR #11484/63ddca7f backport][stable-11] supervisorctl: remove unstable tag from integration tests (#11492) 
supervisorctl: remove unstable tag from integration tests (#11484)

(cherry picked from commit 63ddca7f21)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2026-02-10 21:51:15 +01:00
Felix Fontein
7bfdae02e9 The next release will be 11.4.5. 2026-01-26 18:45:47 +01:00
Felix Fontein
a552266120 Release 11.4.4. 2026-01-26 18:22:40 +01:00
patchback[bot]
2c16874370 [PR #11440/53e1e86b backport][stable-11] Logstash plugin version fix (#11449) 
Logstash plugin version fix (#11440)

* logstash_plugin: fix argument order when using version parameter

* logstash_plugin: add integration tests

* logstash_plugin: add changelog fragment

(cherry picked from commit 53e1e86bcc)

Co-authored-by: Nicolas Boutet <amd3002@gmail.com>
 2026-01-26 06:26:54 +01:00
Felix Fontein
275961b4ad Prepare 11.4.4. 2026-01-20 22:42:33 +01:00
Felix Fontein
c083b2fa6c [stable-11] Update ignore.txt (#11428) 
Update ignore.txt.
 2026-01-15 22:02:29 +01:00
Felix Fontein
cc32ee2889 Fix markup in changelog. 2026-01-11 14:28:14 +01:00
Felix Fontein
e677c46329 Make sure stable-12 CI runs in cron. 
(cherry picked from commit 28b16eab66)
 2026-01-11 00:43:16 +01:00
patchback[bot]
e90b6d0184 [PR #11417/a689bb8e backport][stable-11] CI: Arch Linux switched to Python 3.14 (#11419) 
CI: Arch Linux switched to Python 3.14 (#11417)

Arch Linux switched to Python 3.14.

(cherry picked from commit a689bb8e8d)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2026-01-11 00:41:07 +01:00
patchback[bot]
c398c6bb96 [PR #11401/0e6ba072 backport][stable-11] Update CI pipelines (#11404) 
Update CI pipelines (#11401)

Update CI pipelines:
- Fedora 42 -> 43 for devel
- RHEL 10.0 -> 10.1 for all ansible-core branches
- FreeBSD 13.5 -> 15.0 for devel
- Alpine 3.22 -> 3.23 for devel

(cherry picked from commit 0e6ba07261)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2026-01-08 12:28:37 +01:00
patchback[bot]
6185f06f64 [PR #11387/d4089ca2 backport][stable-11] Update RHEL 9.x to 9.7 in CI (#11392) 
Update RHEL 9.x to 9.7 in CI (#11387)

* Update RHEL 9.x to 9.7 in CI.

* Add skips.

(cherry picked from commit d4089ca29a)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2026-01-06 18:17:59 +01:00
Felix Fontein
91ba894643 [stable-11] cloudflare_dns: also allow 128 as a value for flag (#11377) (#11384) 
cloudflare_dns: also allow 128 as a value for flag (#11377)

* Also allow 128 as a value for flag.

* Forgot to add changelog fragment.

(cherry picked from commit c00fb4fb5c)
 2026-01-05 18:57:35 +01:00
patchback[bot]
5807791c80 [PR #11357/ddf05104 backport][stable-11] Add missing integration test aliases files (#11371) 
Add missing integration test aliases files (#11357)

* Add missing aliases files.

* Fix directory name.

* Add another missing aliases file.

* Adjust test to also work with newer jsonpatch versions.

(cherry picked from commit ddf05104f3)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2026-01-02 15:03:05 +01:00
patchback[bot]
378c73a2a1 [PR #11369/20ba59cc backport][stable-11] Added "See Also" section (#11373) 
Added "See Also" section (#11369)

* Added "See Also" section

* Corrected seealso documentation

* Update ini_file.py

Removed seealso descriptions

* Update to_ini.py

Removed seealso descriptions

* Update from_ini.py

Removed seealso descriptions

(cherry picked from commit 20ba59cce6)

Co-authored-by: daomah <129229601+daomah@users.noreply.github.com>
 2026-01-02 15:02:54 +01:00
Felix Fontein
a8e60d0358 The next release will be 11.4.4. 2025-12-29 15:21:16 +01:00
Felix Fontein
f2d6ac54e9 Release 11.4.3. 2025-12-29 14:46:32 +01:00
patchback[bot]
9d7fe2f0ae [PR #11332/280d269d backport][stable-11] fix: listen_ports_facts return no facts when using with podman (#11334) 
fix: listen_ports_facts return no facts when using with podman (#11332)

* fix: listen_ports_facts return no facts when using with podman

* Update changelogs/fragments/listen-ports-facts-return-no-facts.yml



---------


(cherry picked from commit 280d269d78)

Co-authored-by: Daniel Gonçalves <dangoncalves@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-12-28 21:15:32 +01:00
Felix Fontein
57b3ce9572 Prepare 11.4.3. 2025-12-23 21:39:27 +01:00
patchback[bot]
405435236f [PR #11316/3debc968 backport][stable-11] Fixing documentation for scaleway_private_network module. (#11318) 
Fixing documentation for scaleway_private_network module. (#11316)

(cherry picked from commit 3debc968a4)

Co-authored-by: Greg Harvey <greg.harvey@gmail.com>
 2025-12-23 14:19:57 +01:00
patchback[bot]
538a701f89 [PR #11295/a5aec7d6 backport][stable-11] Fix typo in auth_username in examples (#11298) 
Fix typo in auth_username in examples (#11295)

(cherry picked from commit a5aec7d61a)

Co-authored-by: Ivan Kokalovic <67540157+koke1997@users.noreply.github.com>
 2025-12-19 21:10:10 +01:00
patchback[bot]
5d3132cfe0 [PR #11284/df349459 backport][stable-11] keycloak_authentication_required_actions: fix examples (#11287) 
keycloak_authentication_required_actions: fix examples (#11284)

The correct parameter name is "required_actions" (plural).

(cherry picked from commit df34945991)

Co-authored-by: Samuli Seppänen <samuli.seppanen@puppeteers.net>
 2025-12-15 19:25:04 +01:00
patchback[bot]
41690c84a2 [PR #11277/1b15e595 backport][stable-11] use FQCN for extending docs with files and url (#11282) 
use FQCN for extending docs with files and url (#11277)

* use FQCN for extending docs with files and url

* remove typo

(cherry picked from commit 1b15e595e0)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-12-14 12:16:23 +01:00
patchback[bot]
5d9f58b69d [PR #11276/a96a5c44 backport][stable-11] sysrc tests: skip FreeBSD 14.2 for ezjail tests (#11279) 
sysrc tests: skip FreeBSD 14.2 for ezjail tests (#11276)

Looks like 14.2 no longer works.

(cherry picked from commit a96a5c44a5)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-12-14 12:06:01 +01:00
Alexei Znamensky
b2f16f184a test(integration): monit: backport of PR 11255 (#11273) 
* test(integration): monit: backport of PR 11255

* add changelog frag
 2025-12-12 07:25:09 +01:00
patchback[bot]
bc61b2d656 [PR #11260/a977c6f7 backport][stable-11] fix(sanitize_cr): avoid crash when realmrep is empty (#11267) 
fix(sanitize_cr): avoid crash when realmrep is empty (#11260)

* fix(docs): missing info on id when creating realms

* fix(sanitize_cr): avoid crash when realmrep is empty

* remove unrelated change

* remove unrelated change

* added changlog

* correct: changelogs

* Update changelogs



---------



(cherry picked from commit a977c6f7c1)

Co-authored-by: Guillaume Dorschner <44686652+GuillaumeDorschner@users.noreply.github.com>
Co-authored-by: Guillaume Dorschner <guillaume.dorschner@thalesgroup.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-12-08 23:03:21 +01:00
Alexei Znamensky
364e491b7e [stable-11] monit: fix check for pending (#11253) 
* monit: fix check for pending

* add changelog frag

* adjust testcases
 2025-12-03 19:19:55 +13:00
Felix Fontein
df3898b08c Next release will be 11.4.3. 2025-12-01 21:30:31 +01:00
Felix Fontein
aeb672e809 Release 11.4.2. 2025-12-01 20:47:18 +01:00
Felix Fontein
3724b36934 Prepare 11.4.2. 2025-11-30 08:37:53 +01:00
patchback[bot]
d9c09095c4 [PR #11216/6b4100d7 backport][stable-11] CONTRIBUTING.md: fixes/improvements (#11220) 
CONTRIBUTING.md: fixes/improvements (#11216)

* CONTRIBUTING.md: fixes/improvements

* Update CONTRIBUTING.md



---------


(cherry picked from commit 6b4100d70f)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-11-25 22:10:42 +01:00
Felix Fontein
43e709b9f2 [stable-11] Fix crash in module_utils.datetime.fromtimestamp() (#11206) (#11214) 
Fix crash in module_utils.datetime.fromtimestamp() (#11206)

Fix crash in module_utils.datetime.fromtimestamp().

(cherry picked from commit cbf13ab6c9)
 2025-11-25 21:41:49 +01:00
Michael Galati
a2042c9b93 [PR #11179/ebb53416 backport][stable-11] mas: Fix parsing on mas 3.0.0+. (#11211) 
mas: Fix parsing on mas 3.0.0+. (#11179)

* mas: Fix parsing on mas 3.0.0+.

`mas` changed the formatting of `mas list` with version 3, which breaks
the parsing this module uses to determine which apps are installed.  In
particular, app IDs may now have leading space, which causes us to split
the string too early.

* Changelog fragment.

* Better format examples and changlog fragment.

(cherry picked from commit ebb534166e)
 2025-11-25 06:46:29 +01:00
Felix Fontein
67bb94ae89 [stable-11] Bump actions/checkout from 5 to 6 in the ci group (#11200) (#11202) 
Bump actions/checkout from 5 to 6 in the ci group (#11200)

Bumps the ci group with 1 update: [actions/checkout](https://github.com/actions/checkout).

Updates `actions/checkout` from 5 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
...



(cherry picked from commit a803156277)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-24 18:44:00 +01:00
patchback[bot]
4298003ac8 [PR #11185/4517b86e backport][stable-11] snmp_facts: update docs with dependency constraint (#11188) 
snmp_facts: update docs with dependency constraint (#11185)

(cherry picked from commit 4517b86ed4)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-11-22 22:44:05 +01:00
Felix Fontein
1b44e595a3 [stable-11] docs: migrate RTD URLs to docs.ansible.com (#11109) (#11176) 
docs: migrate RTD URLs to docs.ansible.com (#11109)

* docs: update readthedocs.io URLs to docs.ansible.com equivalents

🤖 Generated with Claude Code
https://claude.ai/code



* Adjust favicon URL.



---------




(cherry picked from commit d98df2d3a5)

Co-authored-by: John Barker <john@johnrbarker.com>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Don Naro <dnaro@redhat.com>
 2025-11-19 18:22:31 +01:00
patchback[bot]
d9f99fdf8d [PR #11159/6bf0780d backport][stable-11] xfconf: update state=absent doc (#11161) 
xfconf: update state=absent doc (#11159)

(cherry picked from commit 6bf0780d23)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-11-15 21:11:01 +01:00
patchback[bot]
542772500b [PR #11150/32f0ad2f backport][stable-11] Fixed typo in decompress example documentation (#11152) 
Fixed typo in decompress example documentation (#11150)

(cherry picked from commit 32f0ad2f97)

Co-authored-by: Thomas Löhr <tlhr@users.noreply.github.com>
 2025-11-13 23:11:47 +01:00
patchback[bot]
b66b26259a [PR #11123/1a82e93c backport][stable-11] Re-enable Copr integration tests (#11125) 
Re-enable Copr integration tests (#11123)

Fixes: https://github.com/ansible-collections/community.general/issues/10987
(cherry picked from commit 1a82e93c6d)

Co-authored-by: Maxwell G <maxwell@gtmx.me>
 2025-11-12 19:46:16 +01:00
Felix Fontein
0567de50d8 [stable-11] Move ansible-core 2.17 to EOL CI (#11127) 
Move ansible-core 2.17 to EOL CI.
 2025-11-12 19:45:58 +01:00
Felix Fontein
147ffc6b48 [stable-11] Use Cobbler API version format to check version (#11045) (#11118) 
Use Cobbler API version format to check version (#11045)

* Use Cobbler API version format to check version

Cobbler use the formula below to return the version:

float(format(int(elems[0]) + 0.1 * int(elems[1]) + 0.001 * int(elems[2]), '.3f'))

Which means that 3.3.7 is changed to 3.307 which is > 3.4.

* Compare Cobbler version as a float

* Remove LooseVersion import

(cherry picked from commit 6f11d75047)

Co-authored-by: Bruno Travouillon <devel@travouillon.fr>
 2025-11-12 06:59:31 +01:00
Felix Fontein
4594f7cd18 [stable-11] Add ignore.txt entries for bad-return-value-key (#11111) (#11116) 
Add ignore.txt entries for bad-return-value-key (#11111)

Add ignore.txt entries.

(cherry picked from commit 62492fe742)
 2025-11-12 06:53:58 +01:00
patchback[bot]
008de3e245 [PR #11089/c26a4e61 backport][stable-11] consul_kv: adjust RV in docs (#11091) 
consul_kv: adjust RV in docs (#11089)

(cherry picked from commit c26a4e613b)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-11-11 06:09:15 +01:00
Felix Fontein
943c021446 [stable-11] Migrate 1 RTD URLs to docs.ansible.com (#11081) (#11083) 
Migrate 1 RTD URLs to docs.ansible.com (#11081)

Migrate RTD URLs to docs.ansible.com

Updated 1 ansible.readthedocs.io URLs to docs.ansible.com equivalents
as part of the Read the Docs migration.

🤖 Generated with Claude Code
https://claude.ai/code


(cherry picked from commit e8bdf46627)

Co-authored-by: John Barker <john@johnrbarker.com>
Co-authored-by: Claude <noreply@anthropic.com>
 2025-11-10 20:35:15 +01:00
patchback[bot]
4ef7b7573b [PR #11031/3cbe44e2 backport][stable-11] Update TSS lookup plugin documentation and add Delinea Platform authentication examples (#11073) 
Update TSS lookup plugin documentation and add Delinea Platform authentication examples (#11031)

* - Update documentation from Thycotic to Delinea branding
- Add comprehensive Platform authentication examples
- Enhance existing examples with clearer task names
- Improve RETURN section documentation
- Fix AccessTokenAuthorizer initialization with base_url parameter
- Add support for both Secret Server and Platform authentication methods

* Fixed lintitng issue and added changelog fragment file.

* Removed documentation changes from changelog file.

(cherry picked from commit 3cbe44e269)

Co-authored-by: delinea-sagar <131447653+delinea-sagar@users.noreply.github.com>
 2025-11-10 06:47:40 +01:00
patchback[bot]
a0ae0a7c76 [PR #11057/0d8521c7 backport][stable-11] supervisorctl: investigate integration tests (#11064) 
supervisorctl: investigate integration tests (#11057)

* supervisorctl: investigate integration tests

* wait for supervisord to complete stop

* adjust in module

(cherry picked from commit 0d8521c718)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-11-09 09:52:55 +01:00
patchback[bot]
4408972762 [PR #11053/ac4f657d backport][stable-11] opendj_backendprop: docs improvements (#11061) 
opendj_backendprop: docs improvements (#11053)

(cherry picked from commit ac4f657d43)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-11-09 09:52:41 +01:00
Felix Fontein
dce8b507fd [stable-11] filesystem: xfs resize: minimal required increment (#11033) (#11042) 
filesystem: xfs resize: minimal required increment (#11033)

Internally XFS uses allocation groups. Allocation groups have a maximum
size of 1 TiB - 1 block. For devices >= 4 TiB XFS uses max size
allocation groups. If a filesystem is extended and the last allocation
group is already at max size, a new allocation group is added. An
allocation group seems to require at least 64 4 KiB blocks.

For devices with integer TiB size (>4), this creates a filesystem that
has initially has 1 unused block per TiB size. The `resize` option
detects this unused space, and tries to resize the filesystem.  The
xfs_growfs call is successful (exit 0), but does not increase the file
system size. This is detected as repeated change in the task.

Test case:
```
- hosts: localhost
  tasks:
    - ansible.builtin.command:
        cmd: truncate -s 4T /media/xfs.img
        creates: /media/xfs.img
      notify: loopdev xfs

    - ansible.builtin.meta: flush_handlers

    - name: pickup xfs.img resize
      ansible.builtin.command:
        cmd: losetup -c /dev/loop0
      changed_when: false

    - community.general.filesystem:
        dev: "/dev/loop0"
        fstype: "xfs"

    - ansible.posix.mount:
        src: "/dev/loop0"
        fstype: "xfs"
        path: "/media/xfs"
        state: "mounted"

    # always shows a diff even for newly created filesystems
    - community.general.filesystem:
        dev: "/dev/loop0"
        fstype: "xfs"
        resizefs: true

  handlers:
    - name: loopdev xfs
      ansible.builtin.command:
        cmd: losetup /dev/loop0 /media/xfs.img
```

NB: If the last allocation group is not yet at max size, the filesystem
can be resized. Detecting this requires considering the XFS topology.
Other filesystems (at least ext4) also seem to require a minimum
increment after the initial device size, but seem to use the entire
device after initial creation.

Fun observation: creating a 64(+) TiB filesystem leaves a 64(+) block
gap at the end, that is allocated in a subsequent xfs_growfs call.


(cherry picked from commit f5943201b9)

Co-authored-by: jnaab <25617714+jnaab@users.noreply.github.com>
Co-authored-by: Johannes Naab <johannes.naab@hetzner-cloud.de>
 2025-11-08 10:00:56 +01:00
Alexei Znamensky
40eec12c2c xfconf: fix existing empty array case (#11026) (#11027) 
* xfconf: fix existing empty array case

* fix xfconf_info as well

* add changelog frag

(cherry picked from commit b28ac655fc)
 2025-11-02 22:07:52 +01:00
Felix Fontein
cd4a02605e Adjust CI schedules: remove stable-9, move stable-10 to weekly. 
(cherry picked from commit 09d8b2bb77)
 2025-11-02 14:10:30 +01:00
Felix Fontein
0929d24077 The next release will be 11.4.2. 2025-11-02 14:10:15 +01:00
Felix Fontein
ac7b95e710 Release 11.4.1. 2025-11-02 13:04:47 +01:00
patchback[bot]
cd50836977 [PR #11001/eb6337c0 backport][stable-11] omapi_host: fix bytes vs. str confusion (#11022) 
omapi_host: fix bytes vs. str confusion (#11001)

* omapi_host: fix bytes vs. str confusion

After an update of the control node from Debian
bookworm to trixie, the omapi_host module fails to
work with the error message:

Key of type 'bytes' is not JSON serializable by the
'module_legacy_m2c' profile.

https://github.com/ansible/ansible/issues/85937 had the
same error, but the fix is a bit more intricate here
because the result dict is dynamically generated from
an API response object.

This also fixes unpacking the MAC and IP address and
hardware type, which were broken for Python3.

* Merge suggestion for changelog fragment



* do not unpack_ip twice

Noticed by Felix Fontein <felix@fontein.de>

* mention py3k in changelog fragment, too

---------


(cherry picked from commit eb6337c0c9)

Co-authored-by: mirabilos <tg@mirbsd.org>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-10-30 20:30:00 +01:00
patchback[bot]
23cc57c9f6 [PR #11005/54af64ad backport][stable-11] keycloak_user: mark credentials[].value as no_log=True (#11012) 
keycloak_user: mark credentials[].value as no_log=True (#11005)

Mark credentials[].value as no_log=True.

(cherry picked from commit 54af64ad36)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-10-29 17:15:36 +00:00
patchback[bot]
b9119335cd [PR #10955/e84f59a6 backport][stable-11] fix(pritunl_user): improve resilience to null or missing user parameters (#11014) 
fix(pritunl_user): improve resilience to null or missing user parameters (#10955)

* fix(pritunl_user): improve resilience to null or missing user parameters

* added changelog fragment - 10955

* standardize 10955 changelog fragment content



* simplify user params comparison



* simplify list fetch



* simplify remote value retrieval



---------



(cherry picked from commit e84f59a62d)

Co-authored-by: David Jenkins <david.jenkins@twosixtech.com>
Co-authored-by: djenkins <djenkins@twosix.net>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-10-29 17:15:18 +00:00
patchback[bot]
e4e33e6824 [PR #10965/ce0d06b3 backport][stable-11] onepassword: extend CLI class initialization with additional parameters (#11007) 
onepassword: extend CLI class initialization with additional parameters (#10965)

* onepassword: extend CLI class initialization with additional parameters

* add changelog fragment 10965-onepassword-bugfix.yml

* Update changelogs/fragments/10965-onepassword-bugfix.yml



---------


(cherry picked from commit ce0d06b306)

Co-authored-by: Matthew <mjmjelde@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-10-28 21:38:35 +01:00
Felix Fontein
9cb619ff6c [stable-11] terraform: Fix bug when None values aren't processed correctly (#10961) (#11003) 
terraform: Fix bug when None values aren't processed correctly (#10961)

* terraform: Fix bug when None values aren't processed correctly

Just found that i can't pass null values as complex variables into terraform using this module, while i can do that with terraform itself. Fixed undesired behavior.

* chore: changelog fragment 10961-terraform-complexvars-null-bugfix.yaml

* Update changelogs/fragments/10961-terraform-complexvars-null-bugfix.yaml



* Update plugins/modules/terraform.py



* Update plugins/modules/terraform.py



* Fix condition to check for None type in terraform.py

---------


(cherry picked from commit af8c4fb95e)

Co-authored-by: nbragin4 <139489942+nbragin4@users.noreply.github.com>
 2025-10-28 20:53:57 +01:00
Felix Fontein
47e808da51 Prepare 11.4.1. 2025-10-27 19:40:08 +01:00
patchback[bot]
01b25a8236 [PR #10988/f6781f65 backport][stable-11] CI: temporarily disable tests for copr (#10991) 
CI: temporarily disable tests for copr (#10988)

Temporarily disable tests for copr.

(cherry picked from commit f6781f654e)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-10-26 21:59:52 +01:00
patchback[bot]
6cf8ce06ca [PR #10953/258e65f5 backport][stable-11] keycloak_user_rolemapping: docs fixes and examples about mapping realm roles in keycloak_user_rolemapping (#10963) 
keycloak_user_rolemapping: docs fixes and examples about mapping realm roles in keycloak_user_rolemapping (#10953)

* Fix docs and add examples about mapping realm roles for keycloak_user_rolemapping.py module (#7149)

* fix sanity tests

(cherry picked from commit 258e65f5fc)

Co-authored-by: Stanislav Shamilov <shamilovstas@protonmail.com>
 2025-10-23 21:37:47 +02:00
Felix Fontein
31f130a56f Add ignore.txt entries. 2025-10-23 21:32:04 +02:00
patchback[bot]
7ef0705984 [PR #10956/4c7be8f2 backport][stable-11] cloudflare_dns: rollback validation for CAA records (#10957) 
cloudflare_dns: rollback validation for CAA records (#10956)

* cloudflare_dns: rollback validation for CAA records

* add changelog frag

(cherry picked from commit 4c7be8f268)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-10-23 07:05:39 +02:00
patchback[bot]
5e326a25a4 [PR #10948/7572b46c backport][stable-11] filesystem: docs adjustments (#10952) 
filesystem: docs adjustments (#10948)

(cherry picked from commit 7572b46c7b)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-10-21 06:45:36 +02:00
patchback[bot]
6526e0196a [PR #10933/c850e209 backport][stable-11] Add support for client auth in Keycloak cllient secrets module (#10946) 
Add support for client auth in Keycloak cllient secrets module (#10933)

* keycloak: add client authentication support for client_secret



* readd ['token', 'auth_realm']



---------


(cherry picked from commit c850e209ab)

Signed-off-by: Marius Bertram <marius@brtrm.de>
Co-authored-by: Marius Bertram <marius@brtrm.de>
 2025-10-19 21:22:44 +02:00
patchback[bot]
e757adbfca [PR #10918/7e666a9c backport][stable-11] fix(modules/gitlab_runner): Fix exception in check mode on new runners (#10944) 
fix(modules/gitlab_runner): Fix exception in check mode on new runners (#10918)

* fix(modules/gitlab_runner): Fix exception in check mode on new runners

When a new runner is added in check mode, the role used to throw an
exception. Fix this by returning a valid runner object instead of a
boolean.

Fixes #8854

* docs: Add changelog fragment

(cherry picked from commit 7e666a9c31)

Co-authored-by: carlfriedrich <carlfriedrich@posteo.de>
 2025-10-19 09:31:24 +02:00
patchback[bot]
3a2ce4add5 [PR #10937/2bd44584 backport][stable-11] cloudflare_dns: rollback validation for SRV records (#10938) 
cloudflare_dns: rollback validation for SRV records (#10937)

* cloudflare_dns: rollback validation for SRV records

* add changelog frag

(cherry picked from commit 2bd44584d3)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-10-18 09:47:57 +02:00
patchback[bot]
3868664046 [PR #10926/9dedd774 backport][stable-11] Add __init__.py to work around ansible-test/pylint bug (#10928) 
Add __init__.py to work around ansible-test/pylint bug (#10926)

Add __init__.py to work around ansible-test/pylint bug.

(cherry picked from commit 9dedd77459)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-10-15 21:55:32 +02:00
Felix Fontein
476914013d [stable-11] Add stable-2.20 to CI, bump version of devel branch (#10923) (#10924) 
Add stable-2.20 to CI, bump version of devel branch (#10923)

Add stable-2.20 to CI, bump version of devel branch.

(cherry picked from commit 8472dc22ea)
 2025-10-15 12:57:20 +02:00
patchback[bot]
dcfaee08a0 [PR #10914/c5253c50 backport][stable-11] build(deps): bump github/codeql-action from 3 to 4 in the ci group (#10915) 
build(deps): bump github/codeql-action from 3 to 4 in the ci group (#10914)

Bumps the ci group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).

Updates `github/codeql-action` from 3 to 4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
...



(cherry picked from commit c5253c5007)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 09:57:50 +02:00
patchback[bot]
78b61cc5cb [PR #10910/10bdd9c5 backport][stable-11] tests/unit/plugins/modules/test_composer.yaml: remove redundant lines (#10911) 
tests/unit/plugins/modules/test_composer.yaml: remove redundant lines (#10910)

(cherry picked from commit 10bdd9c56b)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-10-12 11:05:00 +02:00
patchback[bot]
32438bdf80 [PR #10891/5f471b8e backport][stable-11] refactor dict from literal list (#10895) 
refactor dict from literal list (#10891)

* refactor dict from literal list

* add changelog frag

(cherry picked from commit 5f471b8e5b)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-10-10 19:15:49 +02:00
patchback[bot]
8685d12996 [PR #10893/14a858fd backport][stable-11] random_string: replace random.SystemRandom() with secrets.SystemRandom() (#10894) 
random_string: replace random.SystemRandom() with secrets.SystemRandom() (#10893)

* random_string: replace random.SystemRandom() with secrets.SystemRandom()



* add the forgotten blank line



* Update changelogs/fragments/replace-random-with-secrets.yml



* readd the description



* Update changelogs/fragments/replace-random-with-secrets.yml



---------



(cherry picked from commit 14a858fd9c)

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
Co-authored-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-10-10 19:15:21 +02:00
patchback[bot]
f0c18ec730 [PR #10887/68b83451 backport][stable-11] pacman: link to yay bug report (#10890) 
pacman: link to yay bug report (#10887)

Link to yay bug report.

(cherry picked from commit 68b8345199)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-10-10 08:10:22 +02:00
Felix Fontein
3d4dc21a68 The next release will be 11.4.1. 2025-10-06 19:04:32 +02:00
Felix Fontein
49e620cb6a Release 11.4.0. 2025-10-06 18:29:30 +02:00
patchback[bot]
e82c2ad80d [PR #10842/f34842b7 backport][stable-11] Keycloak client scope support (#10882) 
Keycloak client scope support (#10842)

* first commit

* sanity

* fixe test

* trailing white space

* sanity

* Fragment

* test sanity

* Update changelogs/fragments/10842-keycloak-client-scope-support.yml



* Update plugins/modules/keycloak_client.py



* add client_scopes_behavior

* Sanity

* Sanity

* Update plugins/modules/keycloak_client.py



* Fix typo.



* Update plugins/modules/keycloak_client.py



* Update plugins/modules/keycloak_client.py



* Update plugins/modules/keycloak_client.py



* Update plugins/modules/keycloak_client.py



---------




(cherry picked from commit f34842b7b2)

Co-authored-by: desand01 <desrosiers.a@hotmail.com>
Co-authored-by: Andre Desrosiers <andre.desrosiers@ssss.gouv.qc.ca>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-10-06 18:28:38 +02:00
patchback[bot]
74dfcae673 [PR #10880/30894f41 backport][stable-11] github_app_access_token: add support for GitHub Enterprise Server (#10881) 
github_app_access_token: add support for GitHub Enterprise Server (#10880)

* github_app_access_token: add support for GitHub Enterprise Server (#10879)
Add option to specify api endpoint for a GitHub Enterprise Server.
If option is not specified, defaults to https://api.github.com.

* refactor: apply changes as suggested by felixfontein

* docs: fix nox check error and type-o

nox check: plugins/lookup/github_app_access_token.py:57:1: DOCUMENTATION: error: too many blank lines (1 > 0)  (empty-lines)

* refactor: apply changes as suggested by russoz

* refactor: apply changes as suggested by felixfontein

(cherry picked from commit 30894f4144)

Co-authored-by: Chris <chodonne@gmail.com>
 2025-10-06 18:28:31 +02:00
patchback[bot]
1e01aeacb4 [PR #10873/6cd46654 backport][stable-11] Avoid six in plugin code (#10875) 
Avoid six in plugin code (#10873)

Avoid six in plugin code.

(cherry picked from commit 6cd4665412)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-10-05 07:36:47 +02:00
patchback[bot]
3b207ba0fd [PR #10874/750adb43 backport][stable-11] pipx: adjustments for pipx 1.8.0 (#10876) 
pipx: adjustments for pipx 1.8.0 (#10874)

* pipx: adjustments for pipx 1.8.0

* add changelog frag

* typo

(cherry picked from commit 750adb431a)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-10-05 07:23:57 +02:00
patchback[bot]
90850b3763 [PR #10689/cc41d9da backport][stable-11] gem: fix soundness issue when uninstalling default gems on Ubuntu (#10878) 
gem: fix soundness issue when uninstalling default gems on Ubuntu (#10689)

* Attempt to fix gem soundness issue

* Return command execution

* Fix value error

* Attempt to fix failling tests

* Fix minor issues

* Update changelog

* Update tests/integration/targets/gem/tasks/main.yml



* Update changelogs/fragments/10689-gem-prevent-soundness-issue.yml



* Remove state and name from gem error message

* Improve gem uninstall check

* Make unit tests pass

* Fix linting issues

* gem: Remove length chenck and adapt unit tests

* Adapt gem unit tests

* gem: improve error msg

* Fix sanity error

* Fix linting issue

---------


(cherry picked from commit cc41d9da60)

Co-authored-by: Giorgos Drosos <56369797+gdrosos@users.noreply.github.com>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-10-05 07:23:48 +02:00
patchback[bot]
5af8d6132d [PR #10829/7c40c6b6 backport][stable-11] Keycloak role fix changed status (#10839) 
Keycloak role fix changed status (#10829)

* Exclude aliases before comparison

* add test

* fragment

* Update changelogs/fragments/10829-fix-keycloak-role-changed-status.yml



---------



(cherry picked from commit 7c40c6b6b5)

Co-authored-by: desand01 <desrosiers.a@hotmail.com>
Co-authored-by: Andre Desrosiers <andre.desrosiers@ssss.gouv.qc.ca>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-10-05 07:08:09 +02:00
patchback[bot]
bce7efb866 [PR #10863/9d0150b2 backport][stable-11] [doc] update requirements for all consul modules/lookups (#10872) 
[doc] update requirements for all consul modules/lookups (#10863)

* [doc] update requirements for consul_kv module

python-consul has been unmaintained for a while. It uses a legacy way of passing the Consul token when sending requests. This leads to warning messages in Consul log, and will eventually break communication. Using the maintained py-consul library ensures compatibility to newer Consul versions.

* [doc] replace all python-consul occurrences with py-consul

* [fix] tests and possible pip server errors

* [chore] remove referencce to python-consul in comment

---------


(cherry picked from commit 9d0150b2c3)

Co-authored-by: Sebastian Damm <SipSeb@users.noreply.github.com>
Co-authored-by: Sebastian Damm <sebastian.damm@pascom.net>
 2025-10-03 07:53:16 +02:00
patchback[bot]
edd8981af6 [PR #10867/41b65161 backport][stable-11] Fix typos: s/the the/the/ (#10868) 
Fix typos: s/the the/the/ (#10867)

(cherry picked from commit 41b65161bd)

Co-authored-by: Pierre Riteau <pierre@stackhpc.com>
 2025-09-30 21:54:43 +02:00
patchback[bot]
c2adcfa51d [PR #10864/4b644ae4 backport][stable-11] docs: fix sphinx warnings in uthelper guide (#10865) 
docs: fix sphinx warnings in uthelper guide (#10864)

(cherry picked from commit 4b644ae41b)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-09-28 12:42:23 +02:00
Felix Fontein
fd72e9b2a3 Add repository configuration to antsibull-nox.toml. 
(cherry picked from commit e9b1788bb9)
 2025-09-26 07:04:11 +02:00
patchback[bot]
96ed253c79 [PR #10861/8b5f4b05 backport][stable-11] Fix RST syntax error (#10862) 
Fix RST syntax error (#10861)

Fix RST syntax error.

(cherry picked from commit 8b5f4b055f)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-09-25 21:13:55 +02:00
patchback[bot]
b21e6466c7 [PR #10857/68684a7a backport][stable-11] github_deploy_key: make sure variable exists before use (#10860) 
github_deploy_key: make sure variable exists before use (#10857)

Make sure variable exists before use.

(cherry picked from commit 68684a7a4c)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-09-25 20:49:03 +02:00
patchback[bot]
de8d1760c4 [PR #10852/648ff7db backport][stable-11] yaml cache plugin: make compatible with ansible-core 2.19 (#10856) 
yaml cache plugin: make compatible with ansible-core 2.19 (#10852)

Make compatible with ansible-core 2.19.

(cherry picked from commit 648ff7db02)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-09-25 20:34:42 +02:00
Felix Fontein
a098845a0f Prepare 11.4.0. 2025-09-21 20:46:10 +02:00
patchback[bot]
ff6735f0ce [PR #10840/b865bf57 backport][stable-11] Fix keycloak sub-group search (#10846) 
Fix keycloak sub-group search (#10840)

* fix bug in missing realm argument when searching for groups

* MR change fragment

* 39+1=40

(cherry picked from commit b865bf5751)

Co-authored-by: Jakub Danek <danekja@users.noreply.github.com>
 2025-09-21 20:44:22 +02:00
patchback[bot]
657268120c [PR #10832/0f23b9e3 backport][stable-11] Force Content-type header to application/json if is_pre740 is false (#10848) 
Force Content-type header to application/json if is_pre740 is false (#10832)

* Force Content-type header to application/json if is_pre740 is false

* Remove response variable from fail_json module

* Add a missing blank line to match pep8 requirement

* Add changelog fragment of issue #10796

* Rename fragment section

* Improve fragment readability



---------



(cherry picked from commit 0f23b9e391)

Co-authored-by: X <2465124+broferek@users.noreply.github.com>
Co-authored-by: ludovic <ludovic.petetin@aleph-networks.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-09-21 20:44:12 +02:00
patchback[bot]
e541b5b709 [PR #10830/2bf8ae88 backport][stable-11] timezone: mention that Debian 13 also needs util-linux-extra (#10837) 
timezone: mention that Debian 13 also needs util-linux-extra (#10830)

Mention that Debian 13 also needs util-linux-extra.

(cherry picked from commit 2bf8ae88be)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-09-18 22:14:58 +02:00
patchback[bot]
9a3fd8fabe [PR #10812/7a231a24 backport][stable-11] gitlab_*_variable: add description option (#10834) 
gitlab_*_variable: add `description` option (#10812)

(cherry picked from commit 7a231a248e)

Co-authored-by: David Phillips <phillid@users.noreply.github.com>
 2025-09-18 22:14:48 +02:00
patchback[bot]
baf124bc17 [PR #10805/833e6e36 backport][stable-11] homebrew: Support old_tokens and oldnames in homebrew package data (#10831) 
homebrew: Support old_tokens and oldnames in homebrew package data (#10805)

* homebrew: Support old_tokens and oldnames in homebrew package data

Fixes #10804

Since brew info will accept old_tokens (for casks) and oldnames (for formulae) when provided by the homebrew module "name" argument, the module also needs to consider thes old names as valid for the given package.  This commit updates _extract_package_name to do that.

All existing package name tests, including existing tests for name aliases and tap prefixing, have been consolidated with new name tests into package_names.yml.

* Added changelog fragment.

* homebrew: replace non-py2 compliant f-string usage

* code formatting lint, and py2 compatibility fixes

* homebrew: added licenses to new files, nox lint

* Update plugins/modules/homebrew.py

use str.format() instead of string addition



* Update tests/integration/targets/homebrew/tasks/casks.yml



* Update tests/integration/targets/homebrew/tasks/package_names_item.yml



* Update tests/integration/targets/homebrew/tasks/formulae.yml



* Fixes for performance concerns on new homebrew tests.
1) tests for alternate package names are commented out in main.yml.
2) the "install via alternate name, uninstall via base name" test
   case was deemed duplicative, and has been deleted .
3) minor fixes to use jinja2 "~" for string concat instead of "+"

* Fix nox lint

---------


(cherry picked from commit 833e6e36de)

Co-authored-by: brad2014 <brad2014@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-09-15 19:39:57 +02:00
patchback[bot]
712bd5194d [PR #10810/c1e877d2 backport][stable-11] github_app_access_token: fix compatibility import of jwt (#10826) 
github_app_access_token: fix compatibility import of jwt (#10810)

Fix compatibility import of jwt.

(cherry picked from commit c1e877d254)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-09-13 10:31:01 +02:00
patchback[bot]
0dfa80d386 [PR #10822/0911db45 backport][stable-11] pipx: review tests (#10824) 
pipx: review tests (#10822)

(cherry picked from commit 0911db457e)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-09-13 10:30:52 +02:00
patchback[bot]
e1eb88def5 [PR #10823/562d2ae5 backport][stable-11] parted: join command list for fail_json message (#10827) 
parted: join command list for fail_json message (#10823)

* parted: join command list for fail_json message

* add changelog frag

(cherry picked from commit 562d2ae5b1)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2025-09-13 10:30:42 +02:00
patchback[bot]
bdf0c4e0bf [PR #10818/d2e2395a backport][stable-11] Speed up tests in android_sdk module (#10821) 
Speed up tests in android_sdk module (#10818)

changed the dependency that is used to test the functionality in android_sdk module. The previous dependency was ~100MB, the current one is ~6MB. This should speed up the tests a bit and reduce the traffic.

(cherry picked from commit d2e2395ae3)

Co-authored-by: Stanislav Shamilov <shamilovstas@protonmail.com>
 2025-09-12 19:42:53 +02:00
patchback[bot]
0b2f50a3ed [PR #10813/a7e4cee4 backport][stable-11] Remove obsolete test conditions (#10815) 
Remove obsolete test conditions (#10813)

* Fedora 31 and 32 are EOL, remove conditions related


(cherry picked from commit a7e4cee47d)

Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
 2025-09-12 06:41:19 +02:00
213 changed files with 2796 additions and 950 deletions
Expand all files Collapse all files

325
.azure-pipelines/azure-pipelines.yml
View File

@@ -29,14 +29,14 @@ schedules:
always: true
branches:
include:
- stable-12
- stable-11
- stable-10
- cron: 0 11 * * 0
displayName: Weekly (old stable branches)
always: true
branches:
include:
- stable-9
- stable-10
variables:
- name: checkoutPath
@@ -57,14 +57,27 @@ pool: Standard
stages:
### Sanity
- stage: Sanity_devel
displayName: Sanity devel
- stage: Sanity_2_21
displayName: Sanity 2.21
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Test {0}
testFormat: devel/sanity/{0}
testFormat: 2.21/sanity/{0}
targets:
- test: 1
- test: 2
- test: 3
- test: 4
- stage: Sanity_2_20
displayName: Sanity 2.20
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Test {0}
testFormat: 2.20/sanity/{0}
targets:
- test: 1
- test: 2
@@ -83,41 +96,15 @@ stages:
- test: 2
- test: 3
- test: 4
- stage: Sanity_2_18
displayName: Sanity 2.18
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Test {0}
testFormat: 2.18/sanity/{0}
targets:
- test: 1
- test: 2
- test: 3
- test: 4
- stage: Sanity_2_17
displayName: Sanity 2.17
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Test {0}
testFormat: 2.17/sanity/{0}
targets:
- test: 1
- test: 2
- test: 3
- test: 4
### Units
- stage: Units_devel
displayName: Units devel
- stage: Units_2_21
displayName: Units 2.21
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Python {0}
testFormat: devel/units/{0}/1
testFormat: 2.21/units/{0}/1
targets:
- test: 3.9
- test: '3.10'
@@ -125,6 +112,18 @@ stages:
- test: '3.12'
- test: '3.13'
- test: '3.14'
- stage: Units_2_20
displayName: Units 2.20
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Python {0}
testFormat: 2.20/units/{0}/1
targets:
- test: 3.9
- test: "3.12"
- test: "3.14"
- stage: Units_2_19
displayName: Units 2.19
dependsOn: []
@@ -137,68 +136,64 @@ stages:
- test: 3.8
- test: "3.11"
- test: "3.13"
- stage: Units_2_18
displayName: Units 2.18
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Python {0}
testFormat: 2.18/units/{0}/1
targets:
- test: 3.8
- test: "3.11"
- test: "3.13"
- stage: Units_2_17
displayName: Units 2.17
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Python {0}
testFormat: 2.17/units/{0}/1
targets:
- test: 3.7
- test: "3.10"
- test: "3.12"
## Remote
- stage: Remote_devel_extra_vms
displayName: Remote devel extra VMs
- stage: Remote_2_21_extra_vms
displayName: Remote 2.21 extra VMs
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: devel/{0}
testFormat: 2.21/{0}
targets:
- name: Alpine 3.22
test: alpine/3.22
# - name: Fedora 42
# test: fedora/42
- name: Alpine 3.23
test: alpine/3.23
# - name: Fedora 43
# test: fedora/43
- name: Ubuntu 22.04
test: ubuntu/22.04
- name: Ubuntu 24.04
test: ubuntu/24.04
groups:
- vm
- stage: Remote_devel
displayName: Remote devel
- stage: Remote_2_21
displayName: Remote 2.21
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: devel/{0}
testFormat: 2.21/{0}
targets:
- name: macOS 26.3
test: macos/26.3
- name: RHEL 10.1
test: rhel/10.1
- name: RHEL 9.7
test: rhel/9.7
# TODO: enable this ASAP!
# - name: FreeBSD 15.0
# test: freebsd/15.0
# TODO: enable this ASAP!
# - name: FreeBSD 14.4
# test: freebsd/14.4
groups:
- 1
- 2
- 3
- stage: Remote_2_20
displayName: Remote 2.20
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.20/{0}
targets:
- name: macOS 15.3
test: macos/15.3
- name: RHEL 10.0
test: rhel/10.0
- name: RHEL 9.6
test: rhel/9.6
- name: RHEL 10.1
test: rhel/10.1
- name: FreeBSD 14.3
test: freebsd/14.3
- name: FreeBSD 13.5
test: freebsd/13.5
groups:
- 1
- 2
@@ -211,68 +206,48 @@ stages:
parameters:
testFormat: 2.19/{0}
targets:
- name: RHEL 9.5
test: rhel/9.5
- name: RHEL 10.0
test: rhel/10.0
- name: RHEL 10.1
test: rhel/10.1
- name: FreeBSD 14.2
test: freebsd/14.2
groups:
- 1
- 2
- 3
- stage: Remote_2_18
displayName: Remote 2.18
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.18/{0}
targets:
- name: macOS 14.3
test: macos/14.3
- name: RHEL 9.4
test: rhel/9.4
- name: FreeBSD 14.1
test: freebsd/14.1
groups:
- 1
- 2
- 3
- stage: Remote_2_17
displayName: Remote 2.17
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.17/{0}
targets:
- name: FreeBSD 13.5
test: freebsd/13.5
- name: RHEL 9.3
test: rhel/9.3
groups:
- 1
- 2
- 3
### Docker
- stage: Docker_devel
displayName: Docker devel
- stage: Docker_2_21
displayName: Docker 2.21
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: devel/linux/{0}
testFormat: 2.21/linux/{0}
targets:
- name: Fedora 43
test: fedora43
- name: Alpine 3.23
test: alpine323
- name: Ubuntu 22.04
test: ubuntu2204
- name: Ubuntu 24.04
test: ubuntu2404
groups:
- 1
- 2
- 3
- stage: Docker_2_20
displayName: Docker 2.20
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.20/linux/{0}
targets:
- name: Fedora 42
test: fedora42
- name: Alpine 3.22
test: alpine322
- name: Ubuntu 22.04
test: ubuntu2204
- name: Ubuntu 24.04
test: ubuntu2404
groups:
- 1
- 2
@@ -293,51 +268,15 @@ stages:
- 1
- 2
- 3
- stage: Docker_2_18
displayName: Docker 2.18
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.18/linux/{0}
targets:
- name: Fedora 40
test: fedora40
- name: Alpine 3.20
test: alpine320
- name: Ubuntu 24.04
test: ubuntu2404
groups:
- 1
- 2
- 3
- stage: Docker_2_17
displayName: Docker 2.17
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.17/linux/{0}
targets:
- name: Fedora 39
test: fedora39
- name: Alpine 3.19
test: alpine319
- name: Ubuntu 20.04
test: ubuntu2004
groups:
- 1
- 2
- 3
### Community Docker
- stage: Docker_community_devel
displayName: Docker (community images) devel
- stage: Docker_community_2_21
displayName: Docker (community images) 2.21
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: devel/linux-community/{0}
testFormat: 2.21/linux-community/{0}
targets:
- name: Debian 11 Bullseye
test: debian-bullseye/3.9
@@ -346,7 +285,7 @@ stages:
- name: Debian 13 Trixie
test: debian-13-trixie/3.13
- name: ArchLinux
test: archlinux/3.13
test: archlinux/3.14
groups:
- 1
- 2
@@ -354,18 +293,29 @@ stages:
### Generic
# Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
# - stage: Generic_devel
# displayName: Generic devel
# - stage: Generic_2_21
# displayName: Generic 2.21
# dependsOn: []
# jobs:
# - template: templates/matrix.yml
# parameters:
# nameFormat: Python {0}
# testFormat: devel/generic/{0}/1
# testFormat: 2.21/generic/{0}/1
# targets:
# - test: '3.9'
# - test: '3.12'
# - test: '3.14'
# - stage: Generic_2_20
# displayName: Generic 2.20
# dependsOn: []
# jobs:
# - template: templates/matrix.yml
# parameters:
# nameFormat: Python {0}
# testFormat: 2.20/generic/{0}/1
# targets:
# - test: '3.10'
# - test: '3.14'
# - stage: Generic_2_19
# displayName: Generic 2.19
# dependsOn: []
@@ -377,54 +327,27 @@ stages:
# targets:
# - test: '3.9'
# - test: '3.13'
# - stage: Generic_2_18
# displayName: Generic 2.18
# dependsOn: []
# jobs:
# - template: templates/matrix.yml
# parameters:
# nameFormat: Python {0}
# testFormat: 2.18/generic/{0}/1
# targets:
# - test: '3.8'
# - test: '3.13'
# - stage: Generic_2_17
# displayName: Generic 2.17
# dependsOn: []
# jobs:
# - template: templates/matrix.yml
# parameters:
# nameFormat: Python {0}
# testFormat: 2.17/generic/{0}/1
# targets:
# - test: '3.7'
# - test: '3.12'
- stage: Summary
condition: succeededOrFailed()
dependsOn:
- Sanity_devel
- Sanity_2_21
- Sanity_2_20
- Sanity_2_19
- Sanity_2_18
- Sanity_2_17
- Units_devel
- Units_2_21
- Units_2_20
- Units_2_19
- Units_2_18
- Units_2_17
- Remote_devel_extra_vms
- Remote_devel
- Remote_2_21_extra_vms
- Remote_2_21
- Remote_2_20
- Remote_2_19
- Remote_2_18
- Remote_2_17
- Docker_devel
- Docker_2_21
- Docker_2_20
- Docker_2_19
- Docker_2_18
- Docker_2_17
- Docker_community_devel
- Docker_community_2_21
# Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
# - Generic_devel
# - Generic_2_21
# - Generic_2_20
# - Generic_2_19
# - Generic_2_18
# - Generic_2_17
jobs:
- template: templates/coverage.yml

4
.github/BOTMETA.yml vendored
View File

@@ -1592,7 +1592,7 @@ macros:
plugin_utils: plugins/plugin_utils
tests: plugins/test
team_ansible_core:
team_aix: MorrisA bcoca d-little flynn1973 gforster kairoaraujo marvin-sinister mator molekuul ramooncamacho wtcross
team_aix: MorrisA bcoca d-little flynn1973 gforster kairoaraujo marvin-sinister molekuul ramooncamacho wtcross
team_bsd: JoergFiedler MacLemon bcoca dch jasperla mekanix opoplawski overhacked tuxillo
team_consul: sgargan apollo13 Ilgmi
team_cyberark_conjur: jvanderhoof ryanprior
@@ -1614,7 +1614,7 @@ macros:
team_redfish: mraineri tomasg2012 xmadsen renxulei rajeevkallur bhavya06 jyundt
team_rhsm: cnsnyder ptoscano
team_scaleway: remyleone abarbare
team_solaris: bcoca fishman jasperla jpdasma mator scathatheworm troy2914 xen0l
team_solaris: bcoca fishman jasperla jpdasma scathatheworm troy2914 xen0l
team_suse: commel evrardjp lrupp AnderEnder alxgu andytom sealor
team_virt: joshainglis karmab Thulium-Drake Ajpantuso
team_wdc: mikemoerk

2
.github/ISSUE_TEMPLATE/bug_report.yml vendored
View File

@@ -146,7 +146,7 @@ body:
attributes:
label: Code of Conduct
description: |
Read the [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_form--ansible-collections) first.
Read the [Ansible Code of Conduct](https://docs.ansible.com/projects/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_form--ansible-collections) first.
options:
- label: I agree to follow the Ansible Code of Conduct
required: true

8
.github/ISSUE_TEMPLATE/config.yml vendored
View File

@@ -7,7 +7,7 @@
blank_issues_enabled: false # default: true
contact_links:
- name: Security bug report
url: https://docs.ansible.com/ansible-core/devel/community/reporting_bugs_and_features.html?utm_medium=github&utm_source=issue_template_chooser_ansible_collections
url: https://docs.ansible.com/projects/ansible-core/devel/community/reporting_bugs_and_features.html?utm_medium=github&utm_source=issue_template_chooser_ansible_collections
about: |
Please learn how to report security vulnerabilities here.
@@ -16,12 +16,12 @@ contact_links:
a prompt response.
For more information, see
https://docs.ansible.com/ansible/latest/community/reporting_bugs_and_features.html
https://docs.ansible.com/projects/ansible/latest/community/reporting_bugs_and_features.html
- name: Ansible Code of Conduct
url: https://docs.ansible.com/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_template_chooser_ansible_collections
url: https://docs.ansible.com/projects/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_template_chooser_ansible_collections
about: Be nice to other members of the community.
- name: Talks to the community
url: https://docs.ansible.com/ansible/latest/community/communication.html?utm_medium=github&utm_source=issue_template_chooser#mailing-list-information
url: https://docs.ansible.com/projects/ansible/latest/community/communication.html?utm_medium=github&utm_source=issue_template_chooser#mailing-list-information
about: Please ask and answer usage questions here
- name: Working groups
url: https://github.com/ansible/community/wiki

2
.github/ISSUE_TEMPLATE/documentation_report.yml vendored
View File

@@ -122,7 +122,7 @@ body:
attributes:
label: Code of Conduct
description: |
Read the [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_form--ansible-collections) first.
Read the [Ansible Code of Conduct](https://docs.ansible.com/projects/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_form--ansible-collections) first.
options:
- label: I agree to follow the Ansible Code of Conduct
required: true

2
.github/ISSUE_TEMPLATE/feature_request.yml vendored
View File

@@ -66,7 +66,7 @@ body:
attributes:
label: Code of Conduct
description: |
Read the [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_form--ansible-collections) first.
Read the [Ansible Code of Conduct](https://docs.ansible.com/projects/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_form--ansible-collections) first.
options:
- label: I agree to follow the Ansible Code of Conduct
required: true

2
.github/pull_request_template.md vendored
View File

@@ -4,7 +4,7 @@
<!--- HINT: Include "Fixes #nnn" if you are fixing an existing issue -->
<!--- Please do not forget to include a changelog fragment:
https://docs.ansible.com/ansible/devel/community/collection_development_process.html#creating-changelog-fragments
https://docs.ansible.com/projects/ansible/devel/community/collection_development_process.html#creating-changelog-fragments
No need to include one for docs-only or test-only PR, and for new plugin/module PRs.
Read about more details in CONTRIBUTING.md.
-->

101
.github/workflows/ansible-test.yml vendored
View File

@@ -30,6 +30,8 @@ jobs:
matrix:
ansible:
- '2.16'
- '2.17'
- '2.18'
runs-on: ubuntu-latest
steps:
- name: Perform sanity testing
@@ -63,6 +65,18 @@ jobs:
python: '3.6'
- ansible: '2.16'
python: '3.11'
- ansible: '2.17'
python: '3.7'
- ansible: '2.17'
python: '3.10'
- ansible: '2.17'
python: '3.12'
- ansible: '2.18'
python: '3.8'
- ansible: '2.18'
python: '3.11'
- ansible: '2.18'
python: '3.13'
steps:
- name: >-
@@ -136,19 +150,80 @@ jobs:
docker: alpine3
python: ''
target: azp/posix/3/
# Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
# - ansible: '2.16'
# docker: default
# python: '2.7'
# target: azp/generic/1/
# - ansible: '2.16'
# docker: default
# python: '3.6'
# target: azp/generic/1/
# - ansible: '2.16'
# docker: default
# python: '3.11'
# target: azp/generic/1/
# 2.17
- ansible: '2.17'
docker: fedora39
python: ''
target: azp/posix/1/
- ansible: '2.17'
docker: fedora39
python: ''
target: azp/posix/2/
- ansible: '2.17'
docker: fedora39
python: ''
target: azp/posix/3/
- ansible: '2.17'
docker: alpine319
python: ''
target: azp/posix/1/
- ansible: '2.17'
docker: alpine319
python: ''
target: azp/posix/2/
- ansible: '2.17'
docker: alpine319
python: ''
target: azp/posix/3/
- ansible: '2.17'
docker: ubuntu2004
python: ''
target: azp/posix/1/
- ansible: '2.17'
docker: ubuntu2004
python: ''
target: azp/posix/2/
- ansible: '2.17'
docker: ubuntu2004
python: ''
target: azp/posix/3/
# 2.18
- ansible: '2.18'
docker: fedora40
python: ''
target: azp/posix/1/
- ansible: '2.18'
docker: fedora40
python: ''
target: azp/posix/2/
- ansible: '2.18'
docker: fedora40
python: ''
target: azp/posix/3/
- ansible: '2.18'
docker: ubuntu2404
python: ''
target: azp/posix/1/
- ansible: '2.18'
docker: ubuntu2404
python: ''
target: azp/posix/2/
- ansible: '2.18'
docker: ubuntu2404
python: ''
target: azp/posix/3/
- ansible: '2.18'
docker: alpine320
python: ''
target: azp/posix/1/
- ansible: '2.18'
docker: alpine320
python: ''
target: azp/posix/2/
- ansible: '2.18'
docker: alpine320
python: ''
target: azp/posix/3/
steps:
- name: >-

6
.github/workflows/codeql-analysis.yml vendored
View File

@@ -24,15 +24,15 @@ jobs:
steps:
- name: Checkout repository
uses: actions/checkout@v5
uses: actions/checkout@v6
with:
persist-credentials: false
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@v4
with:
languages: python
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@v4

2
.github/workflows/nox.yml vendored
View File

@@ -21,7 +21,7 @@ jobs:
name: "Run extra sanity tests"
steps:
- name: Check out collection
uses: actions/checkout@v5
uses: actions/checkout@v6
with:
persist-credentials: false
- name: Run nox

291
CHANGELOG.md
View File

@@ -2,48 +2,76 @@
**Topics**
- <a href="#v11-3-0">v11\.3\.0</a>
- <a href="#v11-4-7">v11\.4\.7</a>
- <a href="#release-summary">Release Summary</a>
- <a href="#minor-changes">Minor Changes</a>
- <a href="#deprecated-features">Deprecated Features</a>
- <a href="#bugfixes">Bugfixes</a>
- <a href="#v11-4-6">v11\.4\.6</a>
- <a href="#release-summary-1">Release Summary</a>
- <a href="#bugfixes-1">Bugfixes</a>
- <a href="#v11-4-5">v11\.4\.5</a>
- <a href="#release-summary-2">Release Summary</a>
- <a href="#bugfixes-2">Bugfixes</a>
- <a href="#v11-4-4">v11\.4\.4</a>
- <a href="#release-summary-3">Release Summary</a>
- <a href="#bugfixes-3">Bugfixes</a>
- <a href="#v11-4-3">v11\.4\.3</a>
- <a href="#release-summary-4">Release Summary</a>
- <a href="#bugfixes-4">Bugfixes</a>
- <a href="#v11-4-2">v11\.4\.2</a>
- <a href="#release-summary-5">Release Summary</a>
- <a href="#minor-changes">Minor Changes</a>
- <a href="#bugfixes-5">Bugfixes</a>
- <a href="#v11-4-1">v11\.4\.1</a>
- <a href="#release-summary-6">Release Summary</a>
- <a href="#minor-changes-1">Minor Changes</a>
- <a href="#security-fixes">Security Fixes</a>
- <a href="#bugfixes-6">Bugfixes</a>
- <a href="#v11-4-0">v11\.4\.0</a>
- <a href="#release-summary-7">Release Summary</a>
- <a href="#minor-changes-2">Minor Changes</a>
- <a href="#bugfixes-7">Bugfixes</a>
- <a href="#v11-3-0">v11\.3\.0</a>
- <a href="#release-summary-8">Release Summary</a>
- <a href="#minor-changes-3">Minor Changes</a>
- <a href="#deprecated-features">Deprecated Features</a>
- <a href="#bugfixes-8">Bugfixes</a>
- <a href="#new-plugins">New Plugins</a>
- <a href="#filter">Filter</a>
- <a href="#new-modules">New Modules</a>
- <a href="#v11-2-1">v11\.2\.1</a>
- <a href="#release-summary-1">Release Summary</a>
- <a href="#bugfixes-1">Bugfixes</a>
- <a href="#release-summary-9">Release Summary</a>
- <a href="#bugfixes-9">Bugfixes</a>
- <a href="#v11-2-0">v11\.2\.0</a>
- <a href="#release-summary-2">Release Summary</a>
- <a href="#minor-changes-1">Minor Changes</a>
- <a href="#release-summary-10">Release Summary</a>
- <a href="#minor-changes-4">Minor Changes</a>
- <a href="#deprecated-features-1">Deprecated Features</a>
- <a href="#bugfixes-2">Bugfixes</a>
- <a href="#bugfixes-10">Bugfixes</a>
- <a href="#new-plugins-1">New Plugins</a>
- <a href="#lookup">Lookup</a>
- <a href="#new-modules-1">New Modules</a>
- <a href="#v11-1-2">v11\.1\.2</a>
- <a href="#release-summary-3">Release Summary</a>
- <a href="#minor-changes-2">Minor Changes</a>
- <a href="#bugfixes-3">Bugfixes</a>
- <a href="#release-summary-11">Release Summary</a>
- <a href="#minor-changes-5">Minor Changes</a>
- <a href="#bugfixes-11">Bugfixes</a>
- <a href="#v11-1-1">v11\.1\.1</a>
- <a href="#release-summary-4">Release Summary</a>
- <a href="#minor-changes-3">Minor Changes</a>
- <a href="#bugfixes-4">Bugfixes</a>
- <a href="#release-summary-12">Release Summary</a>
- <a href="#minor-changes-6">Minor Changes</a>
- <a href="#bugfixes-12">Bugfixes</a>
- <a href="#v11-1-0">v11\.1\.0</a>
- <a href="#release-summary-5">Release Summary</a>
- <a href="#minor-changes-4">Minor Changes</a>
- <a href="#release-summary-13">Release Summary</a>
- <a href="#minor-changes-7">Minor Changes</a>
- <a href="#deprecated-features-2">Deprecated Features</a>
- <a href="#bugfixes-5">Bugfixes</a>
- <a href="#bugfixes-13">Bugfixes</a>
- <a href="#new-plugins-2">New Plugins</a>
- <a href="#callback">Callback</a>
- <a href="#new-modules-2">New Modules</a>
- <a href="#v11-0-0">v11\.0\.0</a>
- <a href="#release-summary-6">Release Summary</a>
- <a href="#minor-changes-5">Minor Changes</a>
- <a href="#release-summary-14">Release Summary</a>
- <a href="#minor-changes-8">Minor Changes</a>
- <a href="#deprecated-features-3">Deprecated Features</a>
- <a href="#removed-features-previously-deprecated">Removed Features \(previously deprecated\)</a>
- <a href="#security-fixes">Security Fixes</a>
- <a href="#bugfixes-6">Bugfixes</a>
- <a href="#security-fixes-1">Security Fixes</a>
- <a href="#bugfixes-14">Bugfixes</a>
- <a href="#known-issues">Known Issues</a>
- <a href="#new-plugins-3">New Plugins</a>
- <a href="#callback-1">Callback</a>
@@ -54,17 +82,182 @@
- <a href="#new-modules-3">New Modules</a>
This changelog describes changes after version 10\.0\.0\.
<a id="v11-3-0"></a>
## v11\.3\.0
<a id="v11-4-7"></a>
## v11\.4\.7
<a id="release-summary"></a>
### Release Summary
Regular bugfix and feature release\.
Regular bugfix release\.
<a id="bugfixes"></a>
### Bugfixes
* flatpak \- support new output message when an update resulted in no action that appears on Fedora 44 \([https\://github\.com/ansible\-collections/community\.general/pull/11836](https\://github\.com/ansible\-collections/community\.general/pull/11836)\)\.
* homebrew\_cask \- fix <code>sudo\_password</code> failing when the password contains single quotes or other special shell characters \([https\://github\.com/ansible\-collections/community\.general/issues/4957](https\://github\.com/ansible\-collections/community\.general/issues/4957)\, [https\://github\.com/ansible\-collections/community\.general/pull/11850](https\://github\.com/ansible\-collections/community\.general/pull/11850)\)\.
* lvol \- fix LVM version parsing \([https\://github\.com/ansible\-collections/community\.general/issues/5445](https\://github\.com/ansible\-collections/community\.general/issues/5445)\, [https\://github\.com/ansible\-collections/community\.general/pull/11823](https\://github\.com/ansible\-collections/community\.general/pull/11823)\)\.
* mssql\_script \- only passes <code>params</code> to <code>cursor\.execute\(\)</code> when the user actually provides them \([https\://github\.com/ansible\-collections/community\.general/issues/11699](https\://github\.com/ansible\-collections/community\.general/issues/11699)\, [https\://github\.com/ansible\-collections/community\.general/pull/11754](https\://github\.com/ansible\-collections/community\.general/pull/11754)\)\.
* sefcontext \- flush the in\-process <code>matchpathcon</code> cache after applying changes\, so subsequent tasks running in the same process \(for example via the Mitogen connection plugin\) see the updated SELinux file context rules instead of stale cached data \([https\://github\.com/ansible\-collections/community\.general/issues/888](https\://github\.com/ansible\-collections/community\.general/issues/888)\, [https\://github\.com/ansible\-collections/community\.general/pull/11812](https\://github\.com/ansible\-collections/community\.general/pull/11812)\)\.
<a id="v11-4-6"></a>
## v11\.4\.6
<a id="release-summary-1"></a>
### Release Summary
Regular bugfix release\.
<a id="bugfixes-1"></a>
### Bugfixes
* counter\_enabled callback plugin \- fix plugin not observing <code>display\_ok\_hosts</code> option \([https\://github\.com/ansible\-collections/community\.general/issues/3978](https\://github\.com/ansible\-collections/community\.general/issues/3978)\, [https\://github\.com/ansible\-collections/community\.general/pull/11656](https\://github\.com/ansible\-collections/community\.general/pull/11656)\)\.
* keycloak\_authentication \- fix <code>TypeError</code> crash when a flow is defined without <code>authenticationExecutions</code> \([https\://github\.com/ansible\-collections/community\.general/issues/11547](https\://github\.com/ansible\-collections/community\.general/issues/11547)\, [https\://github\.com/ansible\-collections/community\.general/pull/11548](https\://github\.com/ansible\-collections/community\.general/pull/11548)\)\.
* xfconf \- representation of boolean properties was not consistent between Python and <code>xfconf\-query</code>\, leading to broken idempotency \([https\://github\.com/ansible\-collections/community\.general/pull/11645](https\://github\.com/ansible\-collections/community\.general/pull/11645)\)\.
<a id="v11-4-5"></a>
## v11\.4\.5
<a id="release-summary-2"></a>
### Release Summary
Regular bugfix release\.
<a id="bugfixes-2"></a>
### Bugfixes
* python\_requirements\_info \- use <code>importlib\.metadata</code> if <code>pkg\_resources</code> from <code>setuptools</code> cannot be imported\. That module has been removed from setuptools 82\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/issues/11491](https\://github\.com/ansible\-collections/community\.general/issues/11491)\, [https\://github\.com/ansible\-collections/community\.general/pull/11492](https\://github\.com/ansible\-collections/community\.general/pull/11492)\)\.
<a id="v11-4-4"></a>
## v11\.4\.4
<a id="release-summary-3"></a>
### Release Summary
Regular bugfix release\.
<a id="bugfixes-3"></a>
### Bugfixes
* cloudflare\_dns \- also allow <code>flag\=128</code> for CAA records \([https\://github\.com/ansible\-collections/community\.general/issues/11355](https\://github\.com/ansible\-collections/community\.general/issues/11355)\, [https\://github\.com/ansible\-collections/community\.general/pull/11377](https\://github\.com/ansible\-collections/community\.general/pull/11377)\)\.
* logstash\_plugin \- fix argument order when using <code>version</code> parameter\. The plugin name must come after options like <code>\-\-version</code> for the <code>logstash\-plugin</code> CLI to work correctly \([https\://github\.com/ansible\-collections/community\.general/issues/10745](https\://github\.com/ansible\-collections/community\.general/issues/10745)\, [https\://github\.com/ansible\-collections/community\.general/pull/11440](https\://github\.com/ansible\-collections/community\.general/pull/11440)\)\.
<a id="v11-4-3"></a>
## v11\.4\.3
<a id="release-summary-4"></a>
### Release Summary
Regular bugfix release\.
<a id="bugfixes-4"></a>
### Bugfixes
* keycloak\_realm \- fixed crash in <code>sanitize\_cr\(\)</code> when <code>realmrep</code> was <code>None</code> \([https\://github\.com/ansible\-collections/community\.general/pull/11260](https\://github\.com/ansible\-collections/community\.general/pull/11260)\)\.
* listen\_ports\_facts \- fix handling of empty PID lists when <code>command\=ss</code> \([https\://github\.com/ansible\-collections/community\.general/pull/11332](https\://github\.com/ansible\-collections/community\.general/pull/11332)\)\.
* monit \- add delay of 0\.5 seconds after state change and check for status \([https\://github\.com/ansible\-collections/community\.general/pull/11255](https\://github\.com/ansible\-collections/community\.general/pull/11255)\)\.
* monit \- internal state was not reflecting when operation is \"pending\" in <code>monit</code> \([https\://github\.com/ansible\-collections/community\.general/pull/11245](https\://github\.com/ansible\-collections/community\.general/pull/11245)\)\.
<a id="v11-4-2"></a>
## v11\.4\.2
<a id="release-summary-5"></a>
### Release Summary
Regular bugfix release\.
<a id="minor-changes"></a>
### Minor Changes
* tss lookup plugin \- fixed <code>AccessTokenAuthorizer</code> initialization to include <code>base\_url</code> parameter for proper token authentication \([https\://github\.com/ansible\-collections/community\.general/pull/11031](https\://github\.com/ansible\-collections/community\.general/pull/11031)\)\.
<a id="bugfixes-5"></a>
### Bugfixes
* cobbler\_system \- compare the version as a float which is the type returned by the Cobbler API \([https\://github\.com/ansible\-collections/community\.general/issues/11044](https\://github\.com/ansible\-collections/community\.general/issues/11044)\)\.
* datetime module utils \- fix bug in <code>fromtimestamp\(\)</code> that caused the function to crash\. This function is not used in community\.general \([https\://github\.com/ansible\-collections/community\.general/pull/11206](https\://github\.com/ansible\-collections/community\.general/pull/11206)\)\.
* filesystem \- avoid false positive change detection on XFS resize due to unusable slack space \([https\://github\.com/ansible\-collections/community\.general/pull/11033](https\://github\.com/ansible\-collections/community\.general/pull/11033)\)\.
* mas \- parse CLI output correctly when listing installed apps with mas 3\.0\.0\+ \([https\://github\.com/ansible\-collections/community\.general/pull/11179](https\://github\.com/ansible\-collections/community\.general/pull/11179)\)\.
* xfconf \- fix handling of empty array properties \([https\://github\.com/ansible\-collections/community\.general/pull/11026](https\://github\.com/ansible\-collections/community\.general/pull/11026)\)\.
* xfconf\_info \- fix handling of empty array properties \([https\://github\.com/ansible\-collections/community\.general/pull/11026](https\://github\.com/ansible\-collections/community\.general/pull/11026)\)\.
<a id="v11-4-1"></a>
## v11\.4\.1
<a id="release-summary-6"></a>
### Release Summary
Regular bugfix release\.
<a id="minor-changes-1"></a>
### Minor Changes
* dependent lookup plugin \- refactor dict initialization\, no impact to users \([https\://github\.com/ansible\-collections/community\.general/pull/10891](https\://github\.com/ansible\-collections/community\.general/pull/10891)\)\.
* pacemaker\_cluster\.py \- refactor dict initialization\, no impact to users \([https\://github\.com/ansible\-collections/community\.general/pull/10891](https\://github\.com/ansible\-collections/community\.general/pull/10891)\)\.
* pacemaker\_resource\.py \- refactor dict initialization\, no impact to users \([https\://github\.com/ansible\-collections/community\.general/pull/10891](https\://github\.com/ansible\-collections/community\.general/pull/10891)\)\.
* pacemaker\_stonith\.py \- refactor dict initialization\, no impact to users \([https\://github\.com/ansible\-collections/community\.general/pull/10891](https\://github\.com/ansible\-collections/community\.general/pull/10891)\)\.
* scaleway module\_utils \- improve code readability\, no impact to users \([https\://github\.com/ansible\-collections/community\.general/pull/10891](https\://github\.com/ansible\-collections/community\.general/pull/10891)\)\.
<a id="security-fixes"></a>
### Security Fixes
* keycloak\_user \- the parameter <code>credentials\[\]\.value</code> is now marked as <code>no\_log\=true</code>\. Before it was logged by Ansible\, unless the task was marked as <code>no\_log\: true</code>\. Since this parameter can be used for passwords\, this resulted in credential leaking \([https\://github\.com/ansible\-collections/community\.general/issues/11000](https\://github\.com/ansible\-collections/community\.general/issues/11000)\, [https\://github\.com/ansible\-collections/community\.general/pull/11005](https\://github\.com/ansible\-collections/community\.general/pull/11005)\)\.
<a id="bugfixes-6"></a>
### Bugfixes
* cloudflare\_dns \- roll back changes to CAA record validation \([https\://github\.com/ansible\-collections/community\.general/issues/10934](https\://github\.com/ansible\-collections/community\.general/issues/10934)\, [https\://github\.com/ansible\-collections/community\.general/pull/10956](https\://github\.com/ansible\-collections/community\.general/pull/10956)\)\.
* cloudflare\_dns \- roll back changes to SRV record validation \([https\://github\.com/ansible\-collections/community\.general/issues/10934](https\://github\.com/ansible\-collections/community\.general/issues/10934)\, [https\://github\.com/ansible\-collections/community\.general/pull/10937](https\://github\.com/ansible\-collections/community\.general/pull/10937)\)\.
* gitlab\_runner \- fix exception in check mode when a new runner is created \([https\://github\.com/ansible\-collections/community\.general/issues/8854](https\://github\.com/ansible\-collections/community\.general/issues/8854)\)\.
* keycloak\_clientsecret\, keycloak\_clientsecret\_info \- make <code>client\_auth</code> work \([https\://github\.com/ansible\-collections/community\.general/issues/10932](https\://github\.com/ansible\-collections/community\.general/issues/10932)\, [https\://github\.com/ansible\-collections/community\.general/pull/10933](https\://github\.com/ansible\-collections/community\.general/pull/10933)\)\.
* omapi\_host \- make return values compatible with ansible\-core 2\.19 and Python 3 \([https\://github\.com/ansible\-collections/community\.general/pull/11001](https\://github\.com/ansible\-collections/community\.general/pull/11001)\)\.
* onepassword\_doc and onepassword\_ssh\_key lookup plugins \- ensure that all connection parameters are passed to CLI class \([https\://github\.com/ansible\-collections/community\.general/pull/10965](https\://github\.com/ansible\-collections/community\.general/pull/10965)\)\.
* pritunl\_user \- improve resilience when comparing user parameters if remote fields are <code>null</code> or missing\. List parameters \(<code>groups</code>\, <code>mac\_addresses</code>\) now safely default to empty lists for comparison and avoids <code>KeyError</code> issues \([https\://github\.com/ansible\-collections/community\.general/issues/10954](https\://github\.com/ansible\-collections/community\.general/issues/10954)\, [https\://github\.com/ansible\-collections/community\.general/pull/10955](https\://github\.com/ansible\-collections/community\.general/pull/10955)\)\.
* random\_string lookup plugin \- replace <code>random\.SystemRandom\(\)</code> with <code>secrets\.SystemRandom\(\)</code> when generating strings\. This has no practical effect\, as both are the same \([https\://github\.com/ansible\-collections/community\.general/pull/10893](https\://github\.com/ansible\-collections/community\.general/pull/10893)\)\.
* terraform \- fix bug when <code>null</code> values inside complex vars are throwing error instead of being passed to terraform\. Now terraform can handle <code>null\`\`s in \`\`complex\_vars</code> itself \([https\://github\.com/ansible\-collections/community\.general/pull/10961](https\://github\.com/ansible\-collections/community\.general/pull/10961)\)\.
<a id="v11-4-0"></a>
## v11\.4\.0
<a id="release-summary-7"></a>
### Release Summary
Regular bugfix and feature release\.
<a id="minor-changes-2"></a>
### Minor Changes
* github\_app\_access\_token lookup plugin \- add support for GitHub Enterprise Server \([https\://github\.com/ansible\-collections/community\.general/issues/10879](https\://github\.com/ansible\-collections/community\.general/issues/10879)\, [https\://github\.com/ansible\-collections/community\.general/pull/10880](https\://github\.com/ansible\-collections/community\.general/pull/10880)\)\.
* gitlab\_group\_variable \- add <code>description</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/10812](https\://github\.com/ansible\-collections/community\.general/pull/10812)\)\.
* gitlab\_instance\_variable \- add <code>description</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/10812](https\://github\.com/ansible\-collections/community\.general/pull/10812)\)\.
* gitlab\_project\_variable \- add <code>description</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/10812](https\://github\.com/ansible\-collections/community\.general/pull/10812)\, [https\://github\.com/ansible\-collections/community\.general/issues/8584](https\://github\.com/ansible\-collections/community\.general/issues/8584)\, [https\://github\.com/ansible\-collections/community\.general/issues/10809](https\://github\.com/ansible\-collections/community\.general/issues/10809)\)\.
* keycloak\_client \- add idempotent support for <code>optional\_client\_scopes</code> and <code>optional\_client\_scopes</code>\, and ensure consistent change detection between check mode and live run \([https\://github\.com/ansible\-collections/community\.general/issues/5495](https\://github\.com/ansible\-collections/community\.general/issues/5495)\, [https\://github\.com/ansible\-collections/community\.general/pull/10842](https\://github\.com/ansible\-collections/community\.general/pull/10842)\)\.
* pipx module\_utils \- use <code>PIPX\_USE\_EMOJI</code> to disable emojis in the output of <code>pipx</code> 1\.8\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/10874](https\://github\.com/ansible\-collections/community\.general/pull/10874)\)\.
<a id="bugfixes-7"></a>
### Bugfixes
* Avoid usage of deprecated <code>ansible\.module\_utils\.six</code> in all code that does not have to support Python 2 \([https\://github\.com/ansible\-collections/community\.general/pull/10873](https\://github\.com/ansible\-collections/community\.general/pull/10873)\)\.
* gem \- fix soundness issue when uninstalling default gems on Ubuntu \([https\://github\.com/ansible\-collections/community\.general/issues/10451](https\://github\.com/ansible\-collections/community\.general/issues/10451)\, [https\://github\.com/ansible\-collections/community\.general/pull/10689](https\://github\.com/ansible\-collections/community\.general/pull/10689)\)\.
* github\_app\_access\_token lookup plugin \- fix compatibility imports for using jwt \([https\://github\.com/ansible\-collections/community\.general/issues/10807](https\://github\.com/ansible\-collections/community\.general/issues/10807)\, [https\://github\.com/ansible\-collections/community\.general/pull/10810](https\://github\.com/ansible\-collections/community\.general/pull/10810)\)\.
* github\_deploy\_key \- fix bug during error handling if no body was present in the result \([https\://github\.com/ansible\-collections/community\.general/issues/10853](https\://github\.com/ansible\-collections/community\.general/issues/10853)\, [https\://github\.com/ansible\-collections/community\.general/pull/10857](https\://github\.com/ansible\-collections/community\.general/pull/10857)\)\.
* homebrew \- do not fail when cask or formula name has changed in homebrew repo \([https\://github\.com/ansible\-collections/community\.general/issues/10804](https\://github\.com/ansible\-collections/community\.general/issues/10804)\, [https\://github\.com/ansible\-collections/community\.general/pull/10805](https\://github\.com/ansible\-collections/community\.general/pull/10805)\)\.
* keycloak\_group \- fixes an issue where module ignores realm when searching subgroups by name \([https\://github\.com/ansible\-collections/community\.general/pull/10840](https\://github\.com/ansible\-collections/community\.general/pull/10840)\)\.
* keycloak\_role \- fixes an issue where the module incorrectly returns <code>changed\=true</code> when using the alias <code>clientId</code> in composite roles \([https\://github\.com/ansible\-collections/community\.general/pull/10829](https\://github\.com/ansible\-collections/community\.general/pull/10829)\)\.
* parted \- variable is a list\, not text \([https\://github\.com/ansible\-collections/community\.general/pull/10823](https\://github\.com/ansible\-collections/community\.general/pull/10823)\, [https\://github\.com/ansible\-collections/community\.general/issues/10817](https\://github\.com/ansible\-collections/community\.general/issues/10817)\)\.
* rocketchat \- fix message delivery in Rocket Chat \>\= 7\.5\.3 by forcing <code>Content\-Type</code> header to <code>application/json</code> instead of the default <code>application/x\-www\-form\-urlencoded</code> \([https\://github\.com/ansible\-collections/community\.general/issues/10796](https\://github\.com/ansible\-collections/community\.general/issues/10796)\, [https\://github\.com/ansible\-collections/community\.general/pull/10796](https\://github\.com/ansible\-collections/community\.general/pull/10796)\)\.
* yaml cache plugin \- make compatible with ansible\-core 2\.19 \([https\://github\.com/ansible\-collections/community\.general/issues/10849](https\://github\.com/ansible\-collections/community\.general/issues/10849)\, [https\://github\.com/ansible\-collections/community\.general/issues/10852](https\://github\.com/ansible\-collections/community\.general/issues/10852)\)\.
<a id="v11-3-0"></a>
## v11\.3\.0
<a id="release-summary-8"></a>
### Release Summary
Regular bugfix and feature release\.
<a id="minor-changes-3"></a>
### Minor Changes
* android\_sdk \- minor refactor to improve readability \([https\://github\.com/ansible\-collections/community\.general/pull/10712](https\://github\.com/ansible\-collections/community\.general/pull/10712)\)\.
* django module utils \- simplify/consolidate the common settings for the command line \([https\://github\.com/ansible\-collections/community\.general/pull/10684](https\://github\.com/ansible\-collections/community\.general/pull/10684)\)\.
* django\_check \- rename parameter <code>database</code> to <code>databases</code>\, add alias for compatibility \([https\://github\.com/ansible\-collections/community\.general/pull/10700](https\://github\.com/ansible\-collections/community\.general/pull/10700)\)\.
@@ -118,7 +311,7 @@ Regular bugfix and feature release\.
* oci\_vcn \- module is deprecated and will be removed in community\.general 13\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/issues/10318](https\://github\.com/ansible\-collections/community\.general/issues/10318)\, [https\://github\.com/ansible\-collections/community\.general/pull/10652](https\://github\.com/ansible\-collections/community\.general/pull/10652)\)\.
* oracle\* doc fragments \- fragments are deprecated and will be removed in community\.general 13\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/issues/10318](https\://github\.com/ansible\-collections/community\.general/issues/10318)\, [https\://github\.com/ansible\-collections/community\.general/pull/10652](https\://github\.com/ansible\-collections/community\.general/pull/10652)\)\.
<a id="bugfixes"></a>
<a id="bugfixes-8"></a>
### Bugfixes
* kdeconfig \- <code>kwriteconfig</code> executable could not be discovered automatically on systems with only <code>kwriteconfig6</code> installed\. <code>kwriteconfig6</code> can now be discovered by Ansible \([https\://github\.com/ansible\-collections/community\.general/issues/10746](https\://github\.com/ansible\-collections/community\.general/issues/10746)\, [https\://github\.com/ansible\-collections/community\.general/pull/10751](https\://github\.com/ansible\-collections/community\.general/pull/10751)\)\.
@@ -138,19 +331,19 @@ Regular bugfix and feature release\.
<a id="new-modules"></a>
### New Modules
* community\.general\.django\_dumpdata \- Wrapper for C\(django\-admin dumpdata\)\.
* community\.general\.django\_loaddata \- Wrapper for C\(django\-admin loaddata\)\.
* community\.general\.django\_dumpdata \- Wrapper for <code>django\-admin dumpdata</code>\.
* community\.general\.django\_loaddata \- Wrapper for <code>django\-admin loaddata</code>\.
* community\.general\.pacemaker\_stonith \- Manage Pacemaker STONITH\.
<a id="v11-2-1"></a>
## v11\.2\.1
<a id="release-summary-1"></a>
<a id="release-summary-9"></a>
### Release Summary
Bugfix release\.
<a id="bugfixes-1"></a>
<a id="bugfixes-9"></a>
### Bugfixes
* Avoid deprecated functionality in ansible\-core 2\.20 \([https\://github\.com/ansible\-collections/community\.general/pull/10687](https\://github\.com/ansible\-collections/community\.general/pull/10687)\)\.
@@ -162,12 +355,12 @@ Bugfix release\.
<a id="v11-2-0"></a>
## v11\.2\.0
<a id="release-summary-2"></a>
<a id="release-summary-10"></a>
### Release Summary
Regular bugfix and features release\.
<a id="minor-changes-1"></a>
<a id="minor-changes-4"></a>
### Minor Changes
* apk \- using safer mechanism to run external command \([https\://github\.com/ansible\-collections/community\.general/issues/10479](https\://github\.com/ansible\-collections/community\.general/issues/10479)\, [https\://github\.com/ansible\-collections/community\.general/pull/10520](https\://github\.com/ansible\-collections/community\.general/pull/10520)\)\.
@@ -205,7 +398,7 @@ Regular bugfix and features release\.
* github\_repo \- deprecate <code>force\_defaults\=true</code> \([https\://github\.com/ansible\-collections/community\.general/pull/10435](https\://github\.com/ansible\-collections/community\.general/pull/10435)\)\.
* rocketchat \- the default value for <code>is\_pre740</code>\, currently <code>true</code>\, is deprecated and will change to <code>false</code> in community\.general 13\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/10490](https\://github\.com/ansible\-collections/community\.general/pull/10490)\)\.
<a id="bugfixes-2"></a>
<a id="bugfixes-10"></a>
### Bugfixes
* jenkins\_plugin \- install latest compatible version instead of latest \([https\://github\.com/ansible\-collections/community\.general/issues/854](https\://github\.com/ansible\-collections/community\.general/issues/854)\, [https\://github\.com/ansible\-collections/community\.general/pull/10346](https\://github\.com/ansible\-collections/community\.general/pull/10346)\)\.
@@ -229,12 +422,12 @@ Regular bugfix and features release\.
<a id="v11-1-2"></a>
## v11\.1\.2
<a id="release-summary-3"></a>
<a id="release-summary-11"></a>
### Release Summary
Bugfix release\.
<a id="minor-changes-2"></a>
<a id="minor-changes-5"></a>
### Minor Changes
* gem \- remove redundant constructs from argument specs \([https\://github\.com/ansible\-collections/community\.general/pull/10505](https\://github\.com/ansible\-collections/community\.general/pull/10505)\)\.
@@ -368,7 +561,7 @@ Bugfix release\.
* zypper \- remove redundant constructs from argument specs \([https\://github\.com/ansible\-collections/community\.general/pull/10513](https\://github\.com/ansible\-collections/community\.general/pull/10513)\)\.
* zypper\_repository \- remove redundant constructs from argument specs \([https\://github\.com/ansible\-collections/community\.general/pull/10513](https\://github\.com/ansible\-collections/community\.general/pull/10513)\)\.
<a id="bugfixes-3"></a>
<a id="bugfixes-11"></a>
### Bugfixes
* apk \- fix check for empty/whitespace\-only package names \([https\://github\.com/ansible\-collections/community\.general/pull/10532](https\://github\.com/ansible\-collections/community\.general/pull/10532)\)\.
@@ -382,12 +575,12 @@ Bugfix release\.
<a id="v11-1-1"></a>
## v11\.1\.1
<a id="release-summary-4"></a>
<a id="release-summary-12"></a>
### Release Summary
Bugfix release for the next Ansible 12 pre\-release\.
<a id="minor-changes-3"></a>
<a id="minor-changes-6"></a>
### Minor Changes
* aerospike\_migrations \- remove redundant constructs from argument specs \([https\://github\.com/ansible\-collections/community\.general/pull/10494](https\://github\.com/ansible\-collections/community\.general/pull/10494)\)\.
@@ -418,7 +611,7 @@ Bugfix release for the next Ansible 12 pre\-release\.
* filesystem \- remove redundant constructs from argument specs \([https\://github\.com/ansible\-collections/community\.general/pull/10494](https\://github\.com/ansible\-collections/community\.general/pull/10494)\)\.
* sysrc \- adjustments to the code \([https\://github\.com/ansible\-collections/community\.general/pull/10417](https\://github\.com/ansible\-collections/community\.general/pull/10417)\)\.
<a id="bugfixes-4"></a>
<a id="bugfixes-12"></a>
### Bugfixes
* apache2\_module \- avoid ansible\-core 2\.19 deprecation \([https\://github\.com/ansible\-collections/community\.general/pull/10459](https\://github\.com/ansible\-collections/community\.general/pull/10459)\)\.
@@ -436,12 +629,12 @@ Bugfix release for the next Ansible 12 pre\-release\.
<a id="v11-1-0"></a>
## v11\.1\.0
<a id="release-summary-5"></a>
<a id="release-summary-13"></a>
### Release Summary
Regular bugfix and feature release\.
<a id="minor-changes-4"></a>
<a id="minor-changes-7"></a>
### Minor Changes
* cloudflare\_dns \- adds support for PTR records \([https\://github\.com/ansible\-collections/community\.general/pull/10267](https\://github\.com/ansible\-collections/community\.general/pull/10267)\)\.
@@ -496,7 +689,7 @@ Regular bugfix and feature release\.
* catapult \- module is deprecated and will be removed in community\.general 13\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/issues/10318](https\://github\.com/ansible\-collections/community\.general/issues/10318)\, [https\://github\.com/ansible\-collections/community\.general/pull/10329](https\://github\.com/ansible\-collections/community\.general/pull/10329)\)\.
* pacemaker\_cluster \- the parameter <code>state</code> will become a required parameter in community\.general 12\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/10227](https\://github\.com/ansible\-collections/community\.general/pull/10227)\)\.
<a id="bugfixes-5"></a>
<a id="bugfixes-13"></a>
### Bugfixes
* dependent lookup plugin \- avoid deprecated ansible\-core 2\.19 functionality \([https\://github\.com/ansible\-collections/community\.general/pull/10359](https\://github\.com/ansible\-collections/community\.general/pull/10359)\)\.
@@ -522,12 +715,12 @@ Regular bugfix and feature release\.
<a id="v11-0-0"></a>
## v11\.0\.0
<a id="release-summary-6"></a>
<a id="release-summary-14"></a>
### Release Summary
This is release 11\.0\.0 of <code>community\.general</code>\, released on 2025\-06\-16\.
<a id="minor-changes-5"></a>
<a id="minor-changes-8"></a>
### Minor Changes
* CmdRunner module utils \- the convenience method <code>cmd\_runner\_fmt\.as\_fixed\(\)</code> now accepts multiple arguments as a list \([https\://github\.com/ansible\-collections/community\.general/pull/9893](https\://github\.com/ansible\-collections/community\.general/pull/9893)\)\.
@@ -636,7 +829,7 @@ This is release 11\.0\.0 of <code>community\.general</code>\, released on 2025\-
* iocage inventory plugin \- adjust standard preamble for Python 3 \([https\://github\.com/ansible\-collections/community\.general/pull/9584](https\://github\.com/ansible\-collections/community\.general/pull/9584)\)\.
* iocage inventory plugin \- clean up string conversions \([https\://github\.com/ansible\-collections/community\.general/pull/9379](https\://github\.com/ansible\-collections/community\.general/pull/9379)\)\.
* iocage inventory plugin \- the new parameter <code>hooks\_results</code> of the plugin is a list of files inside a jail that provide configuration parameters for the inventory\. The inventory plugin reads the files from the jails and put the contents into the items of created variable <code>iocage\_hooks</code> \([https\://github\.com/ansible\-collections/community\.general/issues/9650](https\://github\.com/ansible\-collections/community\.general/issues/9650)\, [https\://github\.com/ansible\-collections/community\.general/pull/9651](https\://github\.com/ansible\-collections/community\.general/pull/9651)\)\.
* iocage inventory plugin \- the new parameter <code>inventory\_hostname\_tag</code> of the plugin provides the name of the tag in the C\(iocage properties notes\) that contains the jails alias\. The new parameter <code>inventory\_hostname\_required</code>\, if enabled\, makes the tag mandatory \([https\://github\.com/ansible\-collections/community\.general/issues/10206](https\://github\.com/ansible\-collections/community\.general/issues/10206)\, [https\://github\.com/ansible\-collections/community\.general/pull/10207](https\://github\.com/ansible\-collections/community\.general/pull/10207)\)\.
* iocage inventory plugin \- the new parameter <code>inventory\_hostname\_tag</code> of the plugin provides the name of the tag in the <code>iocage properties notes</code> that contains the jails alias\. The new parameter <code>inventory\_hostname\_required</code>\, if enabled\, makes the tag mandatory \([https\://github\.com/ansible\-collections/community\.general/issues/10206](https\://github\.com/ansible\-collections/community\.general/issues/10206)\, [https\://github\.com/ansible\-collections/community\.general/pull/10207](https\://github\.com/ansible\-collections/community\.general/pull/10207)\)\.
* iocage inventory plugin \- the new parameter <code>sudo</code> of the plugin lets the command <code>iocage list \-l</code> to run as root on the iocage host\. This is needed to get the IPv4 of a running DHCP jail \([https\://github\.com/ansible\-collections/community\.general/issues/9572](https\://github\.com/ansible\-collections/community\.general/issues/9572)\, [https\://github\.com/ansible\-collections/community\.general/pull/9573](https\://github\.com/ansible\-collections/community\.general/pull/9573)\)\.
* iptables\_state action plugin \- adjust standard preamble for Python 3 \([https\://github\.com/ansible\-collections/community\.general/pull/9583](https\://github\.com/ansible\-collections/community\.general/pull/9583)\)\.
* iptables\_state action plugin \- use f\-strings instead of interpolations or <code>format</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9318](https\://github\.com/ansible\-collections/community\.general/pull/9318)\)\.
@@ -915,13 +1108,13 @@ This is release 11\.0\.0 of <code>community\.general</code>\, released on 2025\-
* redfish\_utils module utils \- the <code>\_init\_session</code> method has been removed \([https\://github\.com/ansible\-collections/community\.general/pull/10126](https\://github\.com/ansible\-collections/community\.general/pull/10126)\)\.
* stackpath\_compute inventory plugin \- the plugin was removed since the company and the service were sunset in June 2024 \([https\://github\.com/ansible\-collections/community\.general/pull/10126](https\://github\.com/ansible\-collections/community\.general/pull/10126)\)\.
<a id="security-fixes"></a>
<a id="security-fixes-1"></a>
### Security Fixes
* keycloak\_authentication \- API calls did not properly set the <code>priority</code> during update resulting in incorrectly sorted authentication flows\. This apparently only affects Keycloak 25 or newer \([https\://github\.com/ansible\-collections/community\.general/pull/9263](https\://github\.com/ansible\-collections/community\.general/pull/9263)\)\.
* keycloak\_client \- Sanitize <code>saml\.encryption\.private\.key</code> so it does not show in the logs \([https\://github\.com/ansible\-collections/community\.general/pull/9621](https\://github\.com/ansible\-collections/community\.general/pull/9621)\)\.
<a id="bugfixes-6"></a>
<a id="bugfixes-14"></a>
### Bugfixes
* apache2\_mod\_proxy \- make compatible with Python 3 \([https\://github\.com/ansible\-collections/community\.general/pull/9762](https\://github\.com/ansible\-collections/community\.general/pull/9762)\)\.
@@ -1044,8 +1237,8 @@ This is release 11\.0\.0 of <code>community\.general</code>\, released on 2025\-
* community\.general\.ldap\_inc \- Use the Modify\-Increment LDAP V3 feature to increment an attribute value\.
* community\.general\.lvm\_pv \- Manage LVM Physical Volumes\.
* community\.general\.pacemaker\_resource \- Manage pacemaker resources\.
* community\.general\.systemd\_creds\_decrypt \- C\(systemd\)\'s C\(systemd\-creds decrypt\) plugin\.
* community\.general\.systemd\_creds\_encrypt \- C\(systemd\)\'s C\(systemd\-creds encrypt\) plugin\.
* community\.general\.systemd\_info \- Gather C\(systemd\) unit info\.
* community\.general\.systemd\_creds\_decrypt \- <code>systemd</code>\'s <code>systemd\-creds decrypt</code> plugin\.
* community\.general\.systemd\_creds\_encrypt \- <code>systemd</code>\'s <code>systemd\-creds encrypt</code> plugin\.
* community\.general\.systemd\_info \- Gather <code>systemd</code> unit info\.
* community\.general\.xdg\_mime \- Set default handler for MIME types\, for applications using XDG tools\.
* community\.general\.zpool \- Manage ZFS zpools\.

177
CHANGELOG.rst
View File

@@ -6,6 +6,171 @@ Community General Release Notes
This changelog describes changes after version 10.0.0.
v11.4.7
=======
Release Summary
---------------
Regular bugfix release.
Bugfixes
--------
- flatpak - support new output message when an update resulted in no action that appears on Fedora 44 (https://github.com/ansible-collections/community.general/pull/11836).
- homebrew_cask - fix ``sudo_password`` failing when the password contains single quotes or other special shell characters (https://github.com/ansible-collections/community.general/issues/4957, https://github.com/ansible-collections/community.general/pull/11850).
- lvol - fix LVM version parsing (https://github.com/ansible-collections/community.general/issues/5445, https://github.com/ansible-collections/community.general/pull/11823).
- mssql_script - only passes ``params`` to ``cursor.execute()`` when the user actually provides them (https://github.com/ansible-collections/community.general/issues/11699, https://github.com/ansible-collections/community.general/pull/11754).
- sefcontext - flush the in-process ``matchpathcon`` cache after applying changes, so subsequent tasks running in the same process (for example via the Mitogen connection plugin) see the updated SELinux file context rules instead of stale cached data (https://github.com/ansible-collections/community.general/issues/888, https://github.com/ansible-collections/community.general/pull/11812).
v11.4.6
=======
Release Summary
---------------
Regular bugfix release.
Bugfixes
--------
- counter_enabled callback plugin - fix plugin not observing ``display_ok_hosts`` option (https://github.com/ansible-collections/community.general/issues/3978, https://github.com/ansible-collections/community.general/pull/11656).
- keycloak_authentication - fix ``TypeError`` crash when a flow is defined without ``authenticationExecutions`` (https://github.com/ansible-collections/community.general/issues/11547, https://github.com/ansible-collections/community.general/pull/11548).
- xfconf - representation of boolean properties was not consistent between Python and ``xfconf-query``, leading to broken idempotency (https://github.com/ansible-collections/community.general/pull/11645).
v11.4.5
=======
Release Summary
---------------
Regular bugfix release.
Bugfixes
--------
- python_requirements_info - use ``importlib.metadata`` if ``pkg_resources`` from ``setuptools`` cannot be imported. That module has been removed from setuptools 82.0.0 (https://github.com/ansible-collections/community.general/issues/11491, https://github.com/ansible-collections/community.general/pull/11492).
v11.4.4
=======
Release Summary
---------------
Regular bugfix release.
Bugfixes
--------
- cloudflare_dns - also allow ``flag=128`` for CAA records (https://github.com/ansible-collections/community.general/issues/11355, https://github.com/ansible-collections/community.general/pull/11377).
- logstash_plugin - fix argument order when using ``version`` parameter. The plugin name must come after options like ``--version`` for the ``logstash-plugin`` CLI to work correctly (https://github.com/ansible-collections/community.general/issues/10745, https://github.com/ansible-collections/community.general/pull/11440).
v11.4.3
=======
Release Summary
---------------
Regular bugfix release.
Bugfixes
--------
- keycloak_realm - fixed crash in ``sanitize_cr()`` when ``realmrep`` was ``None`` (https://github.com/ansible-collections/community.general/pull/11260).
- listen_ports_facts - fix handling of empty PID lists when ``command=ss`` (https://github.com/ansible-collections/community.general/pull/11332).
- monit - add delay of 0.5 seconds after state change and check for status (https://github.com/ansible-collections/community.general/pull/11255).
- monit - internal state was not reflecting when operation is "pending" in ``monit`` (https://github.com/ansible-collections/community.general/pull/11245).
v11.4.2
=======
Release Summary
---------------
Regular bugfix release.
Minor Changes
-------------
- tss lookup plugin - fixed ``AccessTokenAuthorizer`` initialization to include ``base_url`` parameter for proper token authentication (https://github.com/ansible-collections/community.general/pull/11031).
Bugfixes
--------
- cobbler_system - compare the version as a float which is the type returned by the Cobbler API (https://github.com/ansible-collections/community.general/issues/11044).
- datetime module utils - fix bug in ``fromtimestamp()`` that caused the function to crash. This function is not used in community.general (https://github.com/ansible-collections/community.general/pull/11206).
- filesystem - avoid false positive change detection on XFS resize due to unusable slack space (https://github.com/ansible-collections/community.general/pull/11033).
- mas - parse CLI output correctly when listing installed apps with mas 3.0.0+ (https://github.com/ansible-collections/community.general/pull/11179).
- xfconf - fix handling of empty array properties (https://github.com/ansible-collections/community.general/pull/11026).
- xfconf_info - fix handling of empty array properties (https://github.com/ansible-collections/community.general/pull/11026).
v11.4.1
=======
Release Summary
---------------
Regular bugfix release.
Minor Changes
-------------
- dependent lookup plugin - refactor dict initialization, no impact to users (https://github.com/ansible-collections/community.general/pull/10891).
- pacemaker_cluster.py - refactor dict initialization, no impact to users (https://github.com/ansible-collections/community.general/pull/10891).
- pacemaker_resource.py - refactor dict initialization, no impact to users (https://github.com/ansible-collections/community.general/pull/10891).
- pacemaker_stonith.py - refactor dict initialization, no impact to users (https://github.com/ansible-collections/community.general/pull/10891).
- scaleway module_utils - improve code readability, no impact to users (https://github.com/ansible-collections/community.general/pull/10891).
Security Fixes
--------------
- keycloak_user - the parameter ``credentials[].value`` is now marked as ``no_log=true``. Before it was logged by Ansible, unless the task was marked as ``no_log: true``. Since this parameter can be used for passwords, this resulted in credential leaking (https://github.com/ansible-collections/community.general/issues/11000, https://github.com/ansible-collections/community.general/pull/11005).
Bugfixes
--------
- cloudflare_dns - roll back changes to CAA record validation (https://github.com/ansible-collections/community.general/issues/10934, https://github.com/ansible-collections/community.general/pull/10956).
- cloudflare_dns - roll back changes to SRV record validation (https://github.com/ansible-collections/community.general/issues/10934, https://github.com/ansible-collections/community.general/pull/10937).
- gitlab_runner - fix exception in check mode when a new runner is created (https://github.com/ansible-collections/community.general/issues/8854).
- keycloak_clientsecret, keycloak_clientsecret_info - make ``client_auth`` work (https://github.com/ansible-collections/community.general/issues/10932, https://github.com/ansible-collections/community.general/pull/10933).
- omapi_host - make return values compatible with ansible-core 2.19 and Python 3 (https://github.com/ansible-collections/community.general/pull/11001).
- onepassword_doc and onepassword_ssh_key lookup plugins - ensure that all connection parameters are passed to CLI class (https://github.com/ansible-collections/community.general/pull/10965).
- pritunl_user - improve resilience when comparing user parameters if remote fields are ``null`` or missing. List parameters (``groups``, ``mac_addresses``) now safely default to empty lists for comparison and avoids ``KeyError`` issues (https://github.com/ansible-collections/community.general/issues/10954, https://github.com/ansible-collections/community.general/pull/10955).
- random_string lookup plugin - replace ``random.SystemRandom()`` with ``secrets.SystemRandom()`` when generating strings. This has no practical effect, as both are the same (https://github.com/ansible-collections/community.general/pull/10893).
- terraform - fix bug when ``null`` values inside complex vars are throwing error instead of being passed to terraform. Now terraform can handle ``null``s in ``complex_vars`` itself (https://github.com/ansible-collections/community.general/pull/10961).
v11.4.0
=======
Release Summary
---------------
Regular bugfix and feature release.
Minor Changes
-------------
- github_app_access_token lookup plugin - add support for GitHub Enterprise Server (https://github.com/ansible-collections/community.general/issues/10879, https://github.com/ansible-collections/community.general/pull/10880).
- gitlab_group_variable - add ``description`` option (https://github.com/ansible-collections/community.general/pull/10812).
- gitlab_instance_variable - add ``description`` option (https://github.com/ansible-collections/community.general/pull/10812).
- gitlab_project_variable - add ``description`` option (https://github.com/ansible-collections/community.general/pull/10812, https://github.com/ansible-collections/community.general/issues/8584, https://github.com/ansible-collections/community.general/issues/10809).
- keycloak_client - add idempotent support for ``optional_client_scopes`` and ``optional_client_scopes``, and ensure consistent change detection between check mode and live run (https://github.com/ansible-collections/community.general/issues/5495, https://github.com/ansible-collections/community.general/pull/10842).
- pipx module_utils - use ``PIPX_USE_EMOJI`` to disable emojis in the output of ``pipx`` 1.8.0 (https://github.com/ansible-collections/community.general/pull/10874).
Bugfixes
--------
- Avoid usage of deprecated ``ansible.module_utils.six`` in all code that does not have to support Python 2 (https://github.com/ansible-collections/community.general/pull/10873).
- gem - fix soundness issue when uninstalling default gems on Ubuntu (https://github.com/ansible-collections/community.general/issues/10451, https://github.com/ansible-collections/community.general/pull/10689).
- github_app_access_token lookup plugin - fix compatibility imports for using jwt (https://github.com/ansible-collections/community.general/issues/10807, https://github.com/ansible-collections/community.general/pull/10810).
- github_deploy_key - fix bug during error handling if no body was present in the result (https://github.com/ansible-collections/community.general/issues/10853, https://github.com/ansible-collections/community.general/pull/10857).
- homebrew - do not fail when cask or formula name has changed in homebrew repo (https://github.com/ansible-collections/community.general/issues/10804, https://github.com/ansible-collections/community.general/pull/10805).
- keycloak_group - fixes an issue where module ignores realm when searching subgroups by name (https://github.com/ansible-collections/community.general/pull/10840).
- keycloak_role - fixes an issue where the module incorrectly returns ``changed=true`` when using the alias ``clientId`` in composite roles (https://github.com/ansible-collections/community.general/pull/10829).
- parted - variable is a list, not text (https://github.com/ansible-collections/community.general/pull/10823, https://github.com/ansible-collections/community.general/issues/10817).
- rocketchat - fix message delivery in Rocket Chat >= 7.5.3 by forcing ``Content-Type`` header to ``application/json`` instead of the default ``application/x-www-form-urlencoded`` (https://github.com/ansible-collections/community.general/issues/10796, https://github.com/ansible-collections/community.general/pull/10796).
- yaml cache plugin - make compatible with ansible-core 2.19 (https://github.com/ansible-collections/community.general/issues/10849, https://github.com/ansible-collections/community.general/issues/10852).
v11.3.0
=======
@@ -90,8 +255,8 @@ Filter
New Modules
-----------
- community.general.django_dumpdata - Wrapper for C(django-admin dumpdata).
- community.general.django_loaddata - Wrapper for C(django-admin loaddata).
- community.general.django_dumpdata - Wrapper for ``django-admin dumpdata``.
- community.general.django_loaddata - Wrapper for ``django-admin loaddata``.
- community.general.pacemaker_stonith - Manage Pacemaker STONITH.
v11.2.1
@@ -588,7 +753,7 @@ Minor Changes
- iocage inventory plugin - adjust standard preamble for Python 3 (https://github.com/ansible-collections/community.general/pull/9584).
- iocage inventory plugin - clean up string conversions (https://github.com/ansible-collections/community.general/pull/9379).
- iocage inventory plugin - the new parameter ``hooks_results`` of the plugin is a list of files inside a jail that provide configuration parameters for the inventory. The inventory plugin reads the files from the jails and put the contents into the items of created variable ``iocage_hooks`` (https://github.com/ansible-collections/community.general/issues/9650, https://github.com/ansible-collections/community.general/pull/9651).
- iocage inventory plugin - the new parameter ``inventory_hostname_tag`` of the plugin provides the name of the tag in the C(iocage properties notes) that contains the jails alias. The new parameter ``inventory_hostname_required``, if enabled, makes the tag mandatory (https://github.com/ansible-collections/community.general/issues/10206, https://github.com/ansible-collections/community.general/pull/10207).
- iocage inventory plugin - the new parameter ``inventory_hostname_tag`` of the plugin provides the name of the tag in the ``iocage properties notes`` that contains the jails alias. The new parameter ``inventory_hostname_required``, if enabled, makes the tag mandatory (https://github.com/ansible-collections/community.general/issues/10206, https://github.com/ansible-collections/community.general/pull/10207).
- iocage inventory plugin - the new parameter ``sudo`` of the plugin lets the command ``iocage list -l`` to run as root on the iocage host. This is needed to get the IPv4 of a running DHCP jail (https://github.com/ansible-collections/community.general/issues/9572, https://github.com/ansible-collections/community.general/pull/9573).
- iptables_state action plugin - adjust standard preamble for Python 3 (https://github.com/ansible-collections/community.general/pull/9583).
- iptables_state action plugin - use f-strings instead of interpolations or ``format`` (https://github.com/ansible-collections/community.general/pull/9318).
@@ -996,8 +1161,8 @@ New Modules
- community.general.ldap_inc - Use the Modify-Increment LDAP V3 feature to increment an attribute value.
- community.general.lvm_pv - Manage LVM Physical Volumes.
- community.general.pacemaker_resource - Manage pacemaker resources.
- community.general.systemd_creds_decrypt - C(systemd)'s C(systemd-creds decrypt) plugin.
- community.general.systemd_creds_encrypt - C(systemd)'s C(systemd-creds encrypt) plugin.
- community.general.systemd_info - Gather C(systemd) unit info.
- community.general.systemd_creds_decrypt - ``systemd``'s ``systemd-creds decrypt`` plugin.
- community.general.systemd_creds_encrypt - ``systemd``'s ``systemd-creds encrypt`` plugin.
- community.general.systemd_info - Gather ``systemd`` unit info.
- community.general.xdg_mime - Set default handler for MIME types, for applications using XDG tools.
- community.general.zpool - Manage ZFS zpools.

29
CONTRIBUTING.md
View File

@@ -6,7 +6,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
# Contributing
We follow [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html) in all our contributions and interactions within this repository.
We follow [Ansible Code of Conduct](https://docs.ansible.com/projects/ansible/latest/community/code_of_conduct.html) in all our contributions and interactions within this repository.
If you are a committer, also refer to the [collection's committer guidelines](https://github.com/ansible-collections/community.general/blob/main/commit-rights.md).
@@ -20,33 +20,38 @@ so you can cooperate to create a better solution together.
* If you are interested in starting with an easy issue, look for [issues with an `easyfix` label](https://github.com/ansible-collections/community.general/labels/easyfix).
* Often issues that are waiting for contributors to pick up have [the `waiting_on_contributor` label](https://github.com/ansible-collections/community.general/labels/waiting_on_contributor).
## Open pull requests
## Review pull requests
Look through currently [open pull requests](https://github.com/ansible-collections/community.general/pulls).
You can help by reviewing them. Reviews help move pull requests to merge state. Some good pull requests cannot be merged only due to a lack of reviews. And it is always worth saying that good reviews are often more valuable than pull requests themselves.
Note that reviewing does not only mean code review, but also offering comments on new interfaces added to existing plugins/modules, interfaces of new plugins/modules, improving language (not everyone is a native english speaker), or testing bugfixes and new features!
Note that reviewing does not only mean code review, but also offering comments on new interfaces added to existing plugins/modules, interfaces of new plugins/modules, improving language (not everyone is a native English speaker), or testing bugfixes and new features!
Also, consider taking up a valuable, reviewed, but abandoned pull request which you could politely ask the original authors to complete yourself.
## Open pull requests
Please read our ['Contributing to collections'](https://docs.ansible.com/projects/ansible/devel/dev_guide/developing_collections_contributing.html#contributing-to-a-collection-community-general) guide.
* Try committing your changes with an informative but short commit message.
* Do not squash your commits and force-push to your branch if not needed. Reviews of your pull request are much easier with individual commits to comprehend the pull request history. All commits of your pull request branch will be squashed into one commit by GitHub upon merge.
* Do not add merge commits to your PR. The bot will complain and you will have to rebase ([instructions for rebasing](https://docs.ansible.com/ansible/latest/dev_guide/developing_rebasing.html)) to remove them before your PR can be merged. To avoid that git automatically does merges during pulls, you can configure it to do rebases instead by running `git config pull.rebase true` inside the repository checkout.
* Make sure your PR includes a [changelog fragment](https://docs.ansible.com/ansible/devel/community/collection_development_process.html#creating-a-changelog-fragment).
* Do not add merge commits to your PR. The bot will complain and you will have to rebase ([instructions for rebasing](https://docs.ansible.com/projects/ansible/latest/dev_guide/developing_rebasing.html)) to remove them before your PR can be merged. To avoid that git automatically does merges during pulls, you can configure it to do rebases instead by running `git config pull.rebase true` inside the repository checkout.
* Make sure your PR includes a [changelog fragment](https://docs.ansible.com/projects/ansible/devel/community/collection_development_process.html#creating-a-changelog-fragment).
* You must not include a fragment for new modules or new plugins. Also you shouldn't include one for docs-only changes. (If you're not sure, simply don't include one, we'll tell you whether one is needed or not :) )
* Please always include a link to the pull request itself, and if the PR is about an issue, also a link to the issue. Also make sure the fragment ends with a period, and begins with a lower-case letter after `-`. (Again, if you don't do this, we'll add suggestions to fix it, so don't worry too much :) )
* Avoid reformatting unrelated parts of the codebase in your PR. These types of changes will likely be requested for reversion, create additional work for reviewers, and may cause approval to be delayed.
You can also read [our Quick-start development guide](https://github.com/ansible/community-docs/blob/main/create_pr_quick_start_guide.rst).
You can also read the Ansible community's [Quick-start development guide](https://docs.ansible.com/projects/ansible/devel/community/create_pr_quick_start.html).
## Test pull requests
If you want to test a PR locally, refer to [our testing guide](https://github.com/ansible/community-docs/blob/main/test_pr_locally_guide.rst) for instructions on how do it quickly.
If you want to test a PR locally, refer to [our testing guide](https://docs.ansible.com/projects/ansible/devel/community/collection_contributors/collection_test_pr_locally.html) for instructions on how do it quickly.
If you find any inconsistencies or places in this document which can be improved, feel free to raise an issue or pull request to fix it.
## Run sanity or unit locally (with antsibull-nox)
The easiest way to run sanity and unit tests locally is to use [antsibull-nox](https://ansible.readthedocs.io/projects/antsibull-nox/).
The easiest way to run sanity and unit tests locally is to use [antsibull-nox](https://docs.ansible.com/projects/antsibull-nox/).
(If you have [nox](https://nox.thea.codes/en/stable/) installed, it will automatically install antsibull-nox in a virtual environment for you.)
### Sanity tests
@@ -88,7 +93,7 @@ If you replace `-Re` with `-e`, then the virtual environments will be re-created
Instead of using antsibull-nox, you can also run sanity and unit tests with ansible-test directly.
This also allows you to run integration tests.
You have to check out the repository into a specific path structure to be able to run `ansible-test`. The path to the git checkout must end with `.../ansible_collections/community/general`. Please see [our testing guide](https://github.com/ansible/community-docs/blob/main/test_pr_locally_guide.rst) for instructions on how to check out the repository into a correct path structure. The short version of these instructions is:
You have to check out the repository into a specific path structure to be able to run `ansible-test`. The path to the git checkout must end with `.../ansible_collections/community/general`. Please see [our testing guide](https://docs.ansible.com/projects/ansible/devel/community/collection_contributors/collection_test_pr_locally.html) for instructions on how to check out the repository into a correct path structure. The short version of these instructions is:
```.bash
mkdir -p ~/dev/ansible_collections/community
@@ -188,9 +193,9 @@ Creating new modules and plugins requires a bit more work than other Pull Reques
3. When creating a new module or plugin, please make sure that you follow various guidelines:
- Follow [development conventions](https://docs.ansible.com/ansible/devel/dev_guide/developing_modules_best_practices.html);
- Follow [documentation standards](https://docs.ansible.com/ansible/devel/dev_guide/developing_modules_documenting.html) and
the [Ansible style guide](https://docs.ansible.com/ansible/devel/dev_guide/style_guide/index.html#style-guide);
- Follow [development conventions](https://docs.ansible.com/projects/ansible/devel/dev_guide/developing_modules_best_practices.html);
- Follow [documentation standards](https://docs.ansible.com/projects/ansible/devel/dev_guide/developing_modules_documenting.html) and
the [Ansible style guide](https://docs.ansible.com/projects/ansible/devel/dev_guide/style_guide/index.html#style-guide);
- Make sure your modules and plugins are [GPL-3.0-or-later](https://www.gnu.org/licenses/gpl-3.0-standalone.html) licensed
(new module_utils can also be [BSD-2-clause](https://opensource.org/licenses/BSD-2-Clause) licensed);
- Make sure that new plugins and modules have tests (unit tests, integration tests, or both); it is preferable to have some tests

30
README.md
View File

@@ -6,7 +6,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
# Community General Collection
[![Documentation](https://img.shields.io/badge/docs-brightgreen.svg)](https://docs.ansible.com/ansible/devel/collections/community/general/)
[![Documentation](https://img.shields.io/badge/docs-brightgreen.svg)](https://docs.ansible.com/projects/ansible/devel/collections/community/general/)
[![Build Status](https://dev.azure.com/ansible/community.general/_apis/build/status/CI?branchName=stable-11)](https://dev.azure.com/ansible/community.general/_build?definitionId=31)
[![EOL CI](https://github.com/ansible-collections/community.general/actions/workflows/ansible-test.yml/badge.svg?branch=stable-11)](https://github.com/ansible-collections/community.general/actions)
[![Nox CI](https://github.com/ansible-collections/community.general/actions/workflows/nox.yml/badge.svg?branch=stable-11)](https://github.com/ansible-collections/community.general/actions)
@@ -15,15 +15,15 @@ SPDX-License-Identifier: GPL-3.0-or-later
This repository contains the `community.general` Ansible Collection. The collection is a part of the Ansible package and includes many modules and plugins supported by Ansible community which are not part of more specialized community collections.
You can find [documentation for this collection on the Ansible docs site](https://docs.ansible.com/ansible/latest/collections/community/general/).
You can find [documentation for this collection on the Ansible docs site](https://docs.ansible.com/projects/ansible/latest/collections/community/general/).
Please note that this collection does **not** support Windows targets. Only connection plugins included in this collection might support Windows targets, and will explicitly mention that in their documentation if they do so.
## Code of Conduct
We follow [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html) in all our interactions within this project.
We follow [Ansible Code of Conduct](https://docs.ansible.com/projects/ansible/latest/community/code_of_conduct.html) in all our interactions within this project.
If you encounter abusive behavior violating the [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html), please refer to the [policy violations](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html#policy-violations) section of the Code of Conduct for information on how to raise a complaint.
If you encounter abusive behavior violating the [Ansible Code of Conduct](https://docs.ansible.com/projects/ansible/latest/community/code_of_conduct.html), please refer to the [policy violations](https://docs.ansible.com/projects/ansible/latest/community/code_of_conduct.html#policy-violations) section of the Code of Conduct for information on how to raise a complaint.
## Communication
@@ -33,13 +33,13 @@ If you encounter abusive behavior violating the [Ansible Code of Conduct](https:
* [Social Spaces](https://forum.ansible.com/c/chat/4): gather and interact with fellow enthusiasts.
* [News & Announcements](https://forum.ansible.com/c/news/5): track project-wide announcements including social events.
* The Ansible [Bullhorn newsletter](https://docs.ansible.com/ansible/devel/community/communication.html#the-bullhorn): used to announce releases and important changes.
* The Ansible [Bullhorn newsletter](https://docs.ansible.com/projects/ansible/devel/community/communication.html#the-bullhorn): used to announce releases and important changes.
For more information about communication, see the [Ansible communication guide](https://docs.ansible.com/ansible/devel/community/communication.html).
For more information about communication, see the [Ansible communication guide](https://docs.ansible.com/projects/ansible/devel/community/communication.html).
## Tested with Ansible
Tested with the current ansible-core 2.16, ansible-core 2.17, ansible-core 2.18, ansible-core 2.19 releases and the current development version of ansible-core. Ansible-core versions before 2.16.0 are not supported. This includes all ansible-base 2.10 and Ansible 2.9 releases.
Tested with the current ansible-core 2.16, ansible-core 2.17, ansible-core 2.18, ansible-core 2.19, ansible-core 2.20, and ansible-core 2.21 releases. Ansible-core versions before 2.16.0 are not supported. This includes all ansible-base 2.10 and Ansible 2.9 releases.
## External requirements
@@ -47,7 +47,7 @@ Some modules and plugins require external libraries. Please check the requiremen
## Included content
Please check the included content on the [Ansible Galaxy page for this collection](https://galaxy.ansible.com/ui/repo/published/community/general/) or the [documentation on the Ansible docs site](https://docs.ansible.com/ansible/latest/collections/community/general/).
Please check the included content on the [Ansible Galaxy page for this collection](https://galaxy.ansible.com/ui/repo/published/community/general/) or the [documentation on the Ansible docs site](https://docs.ansible.com/projects/ansible/latest/collections/community/general/).
## Using this collection
@@ -76,7 +76,7 @@ You can also install a specific version of the collection, for example, if you n
ansible-galaxy collection install community.general:==X.Y.Z
```
See [Ansible Using collections](https://docs.ansible.com/ansible/latest/user_guide/collections_using.html) for more details.
See [Ansible Using collections](https://docs.ansible.com/projects/ansible/latest/user_guide/collections_using.html) for more details.
## Contributing to this collection
@@ -90,13 +90,13 @@ You don't know how to start? Refer to our [contribution guide](https://github.co
The current maintainers are listed in the [commit-rights.md](https://github.com/ansible-collections/community.general/blob/main/commit-rights.md#people) file. If you have questions or need help, feel free to mention them in the proposals.
You can find more information in the [developer guide for collections](https://docs.ansible.com/ansible/devel/dev_guide/developing_collections.html#contributing-to-collections), and in the [Ansible Community Guide](https://docs.ansible.com/ansible/latest/community/index.html).
You can find more information in the [developer guide for collections](https://docs.ansible.com/projects/ansible/devel/dev_guide/developing_collections.html#contributing-to-collections), and in the [Ansible Community Guide](https://docs.ansible.com/projects/ansible/latest/community/index.html).
Also for some notes specific to this collection see [our CONTRIBUTING documentation](https://github.com/ansible-collections/community.general/blob/main/CONTRIBUTING.md).
### Running tests
See [here](https://docs.ansible.com/ansible/devel/dev_guide/developing_collections.html#testing-collections).
See [here](https://docs.ansible.com/projects/ansible/devel/dev_guide/developing_collections.html#testing-collections).
## Collection maintenance
@@ -110,7 +110,7 @@ It is necessary for maintainers of this collection to be subscribed to:
* The collection itself (the `Watch` button → `All Activity` in the upper right corner of the repository's homepage).
* The "Changes Impacting Collection Contributors and Maintainers" [issue](https://github.com/ansible-collections/overview/issues/45).
They also should be subscribed to Ansible's [The Bullhorn newsletter](https://docs.ansible.com/ansible/devel/community/communication.html#the-bullhorn).
They also should be subscribed to Ansible's [The Bullhorn newsletter](https://docs.ansible.com/projects/ansible/devel/community/communication.html#the-bullhorn).
## Publishing New Version
@@ -129,9 +129,9 @@ See [this issue](https://github.com/ansible-collections/community.general/issues
## More information
- [Ansible Collection overview](https://github.com/ansible-collections/overview)
- [Ansible User guide](https://docs.ansible.com/ansible/latest/user_guide/index.html)
- [Ansible Developer guide](https://docs.ansible.com/ansible/latest/dev_guide/index.html)
- [Ansible Community code of conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html)
- [Ansible User guide](https://docs.ansible.com/projects/ansible/latest/user_guide/index.html)
- [Ansible Developer guide](https://docs.ansible.com/projects/ansible/latest/dev_guide/index.html)
- [Ansible Community code of conduct](https://docs.ansible.com/projects/ansible/latest/community/code_of_conduct.html)
## Licensing

5
antsibull-nox.toml
View File

@@ -12,6 +12,11 @@
# community.crypto's main branch needs ansible-core >= 2.17
"community.crypto" = "git+https://github.com/ansible-collections/community.crypto.git,stable-2"
[vcs]
vcs = "git"
development_branch = "main"
stable_branches = [ "stable-*" ]
[sessions]
[sessions.lint]

247
changelogs/changelog.yaml
View File

@@ -422,7 +422,7 @@ releases:
the contents into the items of created variable ``iocage_hooks`` (https://github.com/ansible-collections/community.general/issues/9650,
https://github.com/ansible-collections/community.general/pull/9651).
- iocage inventory plugin - the new parameter ``inventory_hostname_tag`` of
the plugin provides the name of the tag in the C(iocage properties notes)
the plugin provides the name of the tag in the ``iocage properties notes``
that contains the jails alias. The new parameter ``inventory_hostname_required``,
if enabled, makes the tag mandatory (https://github.com/ansible-collections/community.general/issues/10206,
https://github.com/ansible-collections/community.general/pull/10207).
@@ -1048,13 +1048,13 @@ releases:
- description: Manage pacemaker resources.
name: pacemaker_resource
namespace: ''
- description: C(systemd)'s C(systemd-creds decrypt) plugin.
- description: '``systemd``''s ``systemd-creds decrypt`` plugin.'
name: systemd_creds_decrypt
namespace: ''
- description: C(systemd)'s C(systemd-creds encrypt) plugin.
- description: '``systemd``''s ``systemd-creds encrypt`` plugin.'
name: systemd_creds_encrypt
namespace: ''
- description: Gather C(systemd) unit info.
- description: Gather ``systemd`` unit info.
name: systemd_info
namespace: ''
- description: Set default handler for MIME types, for applications using XDG
@@ -1721,10 +1721,10 @@ releases:
- keycloak-realm-webauthn-policies.yml
- random_string_seed.yml
modules:
- description: Wrapper for C(django-admin dumpdata).
- description: Wrapper for ``django-admin dumpdata``.
name: django_dumpdata
namespace: ''
- description: Wrapper for C(django-admin loaddata).
- description: Wrapper for ``django-admin loaddata``.
name: django_loaddata
namespace: ''
- description: Manage Pacemaker STONITH.
@@ -1739,3 +1739,238 @@ releases:
name: to_yaml
namespace: null
release_date: '2025-09-08'
11.4.0:
changes:
bugfixes:
- Avoid usage of deprecated ``ansible.module_utils.six`` in all code that
does not have to support Python 2 (https://github.com/ansible-collections/community.general/pull/10873).
- gem - fix soundness issue when uninstalling default gems on Ubuntu (https://github.com/ansible-collections/community.general/issues/10451,
https://github.com/ansible-collections/community.general/pull/10689).
- github_app_access_token lookup plugin - fix compatibility imports for using
jwt (https://github.com/ansible-collections/community.general/issues/10807,
https://github.com/ansible-collections/community.general/pull/10810).
- github_deploy_key - fix bug during error handling if no body was present
in the result (https://github.com/ansible-collections/community.general/issues/10853,
https://github.com/ansible-collections/community.general/pull/10857).
- homebrew - do not fail when cask or formula name has changed in homebrew
repo (https://github.com/ansible-collections/community.general/issues/10804,
https://github.com/ansible-collections/community.general/pull/10805).
- keycloak_group - fixes an issue where module ignores realm when searching
subgroups by name (https://github.com/ansible-collections/community.general/pull/10840).
- keycloak_role - fixes an issue where the module incorrectly returns ``changed=true``
when using the alias ``clientId`` in composite roles (https://github.com/ansible-collections/community.general/pull/10829).
- parted - variable is a list, not text (https://github.com/ansible-collections/community.general/pull/10823,
https://github.com/ansible-collections/community.general/issues/10817).
- rocketchat - fix message delivery in Rocket Chat >= 7.5.3 by forcing ``Content-Type``
header to ``application/json`` instead of the default ``application/x-www-form-urlencoded``
(https://github.com/ansible-collections/community.general/issues/10796,
https://github.com/ansible-collections/community.general/pull/10796).
- yaml cache plugin - make compatible with ansible-core 2.19 (https://github.com/ansible-collections/community.general/issues/10849,
https://github.com/ansible-collections/community.general/issues/10852).
minor_changes:
- github_app_access_token lookup plugin - add support for GitHub Enterprise
Server (https://github.com/ansible-collections/community.general/issues/10879,
https://github.com/ansible-collections/community.general/pull/10880).
- gitlab_group_variable - add ``description`` option (https://github.com/ansible-collections/community.general/pull/10812).
- gitlab_instance_variable - add ``description`` option (https://github.com/ansible-collections/community.general/pull/10812).
- gitlab_project_variable - add ``description`` option (https://github.com/ansible-collections/community.general/pull/10812,
https://github.com/ansible-collections/community.general/issues/8584, https://github.com/ansible-collections/community.general/issues/10809).
- keycloak_client - add idempotent support for ``optional_client_scopes``
and ``optional_client_scopes``, and ensure consistent change detection between
check mode and live run (https://github.com/ansible-collections/community.general/issues/5495,
https://github.com/ansible-collections/community.general/pull/10842).
- pipx module_utils - use ``PIPX_USE_EMOJI`` to disable emojis in the output
of ``pipx`` 1.8.0 (https://github.com/ansible-collections/community.general/pull/10874).
release_summary: Regular bugfix and feature release.
fragments:
- 10689-gem-prevent-soundness-issue.yml
- 10796-rocketchat-force-content-type.yml
- 10805-homebrew-support-old-names.yml
- 10810-github_app_access_token-jwt.yml
- 10812-gitlab-variable-add-description.yml
- 10823-parted-fail-json-command.yml
- 10829-fix-keycloak-role-changed-status.yml
- 10840-fix-keycloak-subgroup-search-realm.yml
- 10842-keycloak-client-scope-support.yml
- 10852-yaml.yml
- 10857-github_deploy_key-err.yml
- 10873-six.yml
- 10874-pipx-180.yml
- 10880-github_app_access_token-lookup.yml
- 11.4.0.yml
release_date: '2025-10-06'
11.4.1:
changes:
bugfixes:
- cloudflare_dns - roll back changes to CAA record validation (https://github.com/ansible-collections/community.general/issues/10934,
https://github.com/ansible-collections/community.general/pull/10956).
- cloudflare_dns - roll back changes to SRV record validation (https://github.com/ansible-collections/community.general/issues/10934,
https://github.com/ansible-collections/community.general/pull/10937).
- gitlab_runner - fix exception in check mode when a new runner is created
(https://github.com/ansible-collections/community.general/issues/8854).
- keycloak_clientsecret, keycloak_clientsecret_info - make ``client_auth``
work (https://github.com/ansible-collections/community.general/issues/10932,
https://github.com/ansible-collections/community.general/pull/10933).
- omapi_host - make return values compatible with ansible-core 2.19 and Python
3 (https://github.com/ansible-collections/community.general/pull/11001).
- onepassword_doc and onepassword_ssh_key lookup plugins - ensure that all
connection parameters are passed to CLI class (https://github.com/ansible-collections/community.general/pull/10965).
- pritunl_user - improve resilience when comparing user parameters if remote
fields are ``null`` or missing. List parameters (``groups``, ``mac_addresses``)
now safely default to empty lists for comparison and avoids ``KeyError``
issues (https://github.com/ansible-collections/community.general/issues/10954,
https://github.com/ansible-collections/community.general/pull/10955).
- random_string lookup plugin - replace ``random.SystemRandom()`` with ``secrets.SystemRandom()``
when generating strings. This has no practical effect, as both are the same
(https://github.com/ansible-collections/community.general/pull/10893).
- terraform - fix bug when ``null`` values inside complex vars are throwing
error instead of being passed to terraform. Now terraform can handle ``null``s
in ``complex_vars`` itself (https://github.com/ansible-collections/community.general/pull/10961).
minor_changes:
- dependent lookup plugin - refactor dict initialization, no impact to users
(https://github.com/ansible-collections/community.general/pull/10891).
- pacemaker_cluster.py - refactor dict initialization, no impact to users
(https://github.com/ansible-collections/community.general/pull/10891).
- pacemaker_resource.py - refactor dict initialization, no impact to users
(https://github.com/ansible-collections/community.general/pull/10891).
- pacemaker_stonith.py - refactor dict initialization, no impact to users
(https://github.com/ansible-collections/community.general/pull/10891).
- scaleway module_utils - improve code readability, no impact to users (https://github.com/ansible-collections/community.general/pull/10891).
release_summary: Regular bugfix release.
security_fixes:
- 'keycloak_user - the parameter ``credentials[].value`` is now marked as
``no_log=true``. Before it was logged by Ansible, unless the task was marked
as ``no_log: true``. Since this parameter can be used for passwords, this
resulted in credential leaking (https://github.com/ansible-collections/community.general/issues/11000,
https://github.com/ansible-collections/community.general/pull/11005).'
fragments:
- 10891-dict-refactor.yml
- 10918-gitlab-runner-fix-check-mode.yml
- 10933-keycloak-add-client-auth-for-clientsecret-modules.yml
- 10934-cloudflare-dns-caa-bug.yml
- 10934-cloudflare-dns-srv-bug.yml
- 10955-pritunl_user-null-missing-params.yaml
- 10961-terraform-complexvars-null-bugfix.yaml
- 10965-onepassword-bugfix.yml
- 11.4.1.yml
- 11001-omapi.yml
- 11005-keycloak_user.yml
- replace-random-with-secrets.yml
release_date: '2025-11-02'
11.4.2:
changes:
bugfixes:
- cobbler_system - compare the version as a float which is the type returned
by the Cobbler API (https://github.com/ansible-collections/community.general/issues/11044).
- datetime module utils - fix bug in ``fromtimestamp()`` that caused the function
to crash. This function is not used in community.general (https://github.com/ansible-collections/community.general/pull/11206).
- filesystem - avoid false positive change detection on XFS resize due to
unusable slack space (https://github.com/ansible-collections/community.general/pull/11033).
- mas - parse CLI output correctly when listing installed apps with mas 3.0.0+
(https://github.com/ansible-collections/community.general/pull/11179).
- xfconf - fix handling of empty array properties (https://github.com/ansible-collections/community.general/pull/11026).
- xfconf_info - fix handling of empty array properties (https://github.com/ansible-collections/community.general/pull/11026).
minor_changes:
- tss lookup plugin - fixed ``AccessTokenAuthorizer`` initialization to include
``base_url`` parameter for proper token authentication (https://github.com/ansible-collections/community.general/pull/11031).
release_summary: Regular bugfix release.
fragments:
- 11.4.2.yml
- 11026-xfconf-empty-array.yml
- 11031-tss-lookup-delinea-rebranding.yml
- 11045-check-cobbler-version.yml
- 11179-mas-list-parsing.yml
- 11206-datetime.yml
- filesystem-xfs-resize-slack.yml
release_date: '2025-12-01'
11.4.3:
changes:
bugfixes:
- keycloak_realm - fixed crash in ``sanitize_cr()`` when ``realmrep`` was
``None`` (https://github.com/ansible-collections/community.general/pull/11260).
- listen_ports_facts - fix handling of empty PID lists when ``command=ss``
(https://github.com/ansible-collections/community.general/pull/11332).
- monit - add delay of 0.5 seconds after state change and check for status
(https://github.com/ansible-collections/community.general/pull/11255).
- monit - internal state was not reflecting when operation is "pending" in
``monit`` (https://github.com/ansible-collections/community.general/pull/11245).
release_summary: Regular bugfix release.
fragments:
- 11.4.3.yml
- 11245-monit-enum.yml
- 11255-monit-integrationtests.yml
- 11260-keycloak-realm-crash-when-no-realms.yml
- listen-ports-facts-return-no-facts.yml
release_date: '2025-12-29'
11.4.4:
changes:
bugfixes:
- cloudflare_dns - also allow ``flag=128`` for CAA records (https://github.com/ansible-collections/community.general/issues/11355,
https://github.com/ansible-collections/community.general/pull/11377).
- logstash_plugin - fix argument order when using ``version`` parameter. The
plugin name must come after options like ``--version`` for the ``logstash-plugin``
CLI to work correctly (https://github.com/ansible-collections/community.general/issues/10745,
https://github.com/ansible-collections/community.general/pull/11440).
release_summary: Regular bugfix release.
fragments:
- 11.4.4.yml
- 11377-cloudflare_dns-caa.yml
- 11440-logstash-plugin-fix-version-argument-order.yml
release_date: '2026-01-26'
11.4.5:
changes:
bugfixes:
- python_requirements_info - use ``importlib.metadata`` if ``pkg_resources``
from ``setuptools`` cannot be imported. That module has been removed from
setuptools 82.0.0 (https://github.com/ansible-collections/community.general/issues/11491,
https://github.com/ansible-collections/community.general/pull/11492).
release_summary: Regular bugfix release.
fragments:
- 11.4.5.yml
- 11492-python_requires_info.yml
release_date: '2026-02-23'
11.4.6:
changes:
bugfixes:
- counter_enabled callback plugin - fix plugin not observing ``display_ok_hosts``
option (https://github.com/ansible-collections/community.general/issues/3978,
https://github.com/ansible-collections/community.general/pull/11656).
- keycloak_authentication - fix ``TypeError`` crash when a flow is defined
without ``authenticationExecutions`` (https://github.com/ansible-collections/community.general/issues/11547,
https://github.com/ansible-collections/community.general/pull/11548).
- xfconf - representation of boolean properties was not consistent between
Python and ``xfconf-query``, leading to broken idempotency (https://github.com/ansible-collections/community.general/pull/11645).
release_summary: Regular bugfix release.
fragments:
- 11.4.6.yml
- 11645-xfconf-bool.yml
- 11656-counter_enabled-display_ok_hosts.yml
- keycloak-authentication-none-executions.yml
release_date: '2026-03-23'
11.4.7:
changes:
bugfixes:
- flatpak - support new output message when an update resulted in no action
that appears on Fedora 44 (https://github.com/ansible-collections/community.general/pull/11836).
- homebrew_cask - fix ``sudo_password`` failing when the password contains
single quotes or other special shell characters (https://github.com/ansible-collections/community.general/issues/4957,
https://github.com/ansible-collections/community.general/pull/11850).
- lvol - fix LVM version parsing (https://github.com/ansible-collections/community.general/issues/5445,
https://github.com/ansible-collections/community.general/pull/11823).
- mssql_script - only passes ``params`` to ``cursor.execute()`` when the user
actually provides them (https://github.com/ansible-collections/community.general/issues/11699,
https://github.com/ansible-collections/community.general/pull/11754).
- sefcontext - flush the in-process ``matchpathcon`` cache after applying
changes, so subsequent tasks running in the same process (for example via
the Mitogen connection plugin) see the updated SELinux file context rules
instead of stale cached data (https://github.com/ansible-collections/community.general/issues/888,
https://github.com/ansible-collections/community.general/pull/11812).
release_summary: Regular bugfix release.
fragments:
- 11.4.7.yml
- 11754-mssql-script-params-substitution.yml
- 11812-sefcontext-matchpathcon-cache-flush.yml
- 11823-lvol-lvm-version-regex.yml
- 11836-fixes.yml
- 11850-homebrew-cask-sudo-password.yml
release_date: '2026-04-20'

1
changelogs/fragments/11.4.8.yml Normal file
View File

@@ -0,0 +1 @@
release_summary: Bugfix release.

2
changelogs/fragments/11909-fix-favicon-url.yml Normal file
View File

@@ -0,0 +1,2 @@
minor_changes:
- "mattermost, rocketchat, slack - update default ``icon_url`` to ansible favicon (https://github.com/ansible-collections/community.general/pull/11909)."

4
commit-rights.md
View File

@@ -7,7 +7,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
Committers Guidelines for community.general
===========================================
This document is based on the [Ansible committer guidelines](https://github.com/ansible/ansible/blob/b57444af14062ec96e0af75fdfc2098c74fe2d9a/docs/docsite/rst/community/committer_guidelines.rst) ([latest version](https://docs.ansible.com/ansible/devel/community/committer_guidelines.html)).
This document is based on the [Ansible committer guidelines](https://github.com/ansible/ansible/blob/b57444af14062ec96e0af75fdfc2098c74fe2d9a/docs/docsite/rst/community/committer_guidelines.rst) ([latest version](https://docs.ansible.com/projects/ansible/devel/community/committer_guidelines.html)).
These are the guidelines for people with commit privileges on the Ansible Community General Collection GitHub repository. Please read the guidelines before you commit.
@@ -45,7 +45,7 @@ Individuals with direct commit access to this collection repository are entruste
- Do not commit directly.
- Do not merge your own PRs. Someone else should have a chance to review and approve the PR merge. You have a small amount of leeway here for very minor changes.
- Do not forget about non-standard / alternate environments. Consider the alternatives. Yes, people have bad/unusual/strange environments (like binaries from multiple init systems installed), but they are the ones who need us the most.
- Do not drag your community team members down. Discuss the technical merits of any pull requests you review. Avoid negativity and personal comments. For more guidance on being a good community member, read the [Ansible Community Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html).
- Do not drag your community team members down. Discuss the technical merits of any pull requests you review. Avoid negativity and personal comments. For more guidance on being a good community member, read the [Ansible Community Code of Conduct](https://docs.ansible.com/projects/ansible/latest/community/code_of_conduct.html).
- Do not forget about the maintenance burden. High-maintenance features may not be worth adding.
- Do not break playbooks. Always keep backwards compatibility in mind.
- Do not forget to keep it simple. Complexity breeds all kinds of problems.

2
docs/docsite/rst/guide_iocage_inventory.rst
View File

@@ -12,7 +12,7 @@ The inventory plugin :ansplugin:`community.general.iocage#inventory` gets the in
See:
* `iocage - A FreeBSD Jail Manager <https://iocage.readthedocs.io/en/latest>`_
* `iocage - A FreeBSD Jail Manager <https://freebsd.github.io/iocage/>`_
* `man iocage <https://man.freebsd.org/cgi/man.cgi?query=iocage>`_
* `Jails and Containers <https://docs.freebsd.org/en/books/handbook/jails>`_

4
docs/docsite/rst/guide_iocage_inventory_basics.rst
View File

@@ -20,7 +20,7 @@ As root at the iocage host, create three VNET jails with a DHCP interface from t
shell> iocage create --template ansible_client --name srv_3 bpf=1 dhcp=1 vnet=1
srv_3 successfully created!
See: `Configuring a VNET Jail <https://iocage.readthedocs.io/en/latest/networking.html#configuring-a-vnet-jail>`_.
See: `Configuring VNET <https://freebsd.github.io/iocage/networking.html#vimage-vnet>`_.
As admin at the controller, list the jails:
@@ -115,7 +115,7 @@ Optionally, create shared IP jails:
| None | srv_3 | off | down | jail | 14.2-RELEASE-p3 | em0|10.1.0.103/24 | - | ansible_client | no |
+------+-------+------+-------+------+-----------------+-------------------+-----+----------------+----------+
See: `Configuring a Shared IP Jail <https://iocage.readthedocs.io/en/latest/networking.html#configuring-a-shared-ip-jail>`_
See: `Configuring a Shared IP Jail <https://freebsd.github.io/iocage/networking.html#shared-ip>`_
If iocage needs environment variable(s), use the option :ansopt:`community.general.iocage#inventory:env`. For example,

2
docs/docsite/rst/guide_iocage_inventory_tags.rst
View File

@@ -19,7 +19,7 @@ Quoting `man iocage <https://man.freebsd.org/cgi/man.cgi?query=iocage>`_
Default: none
Source: local
We will use the format `notes="tag1=value1 tag2=value2 ..."`.
We will use the format ``notes="tag1=value1 tag2=value2 ..."``.
.. note::

8
docs/docsite/rst/guide_modulehelper.rst
View File

@@ -21,7 +21,7 @@ That is where ``ModuleHelper`` comes to assistance: a lot of that boilerplate co
Quickstart
""""""""""
See the `example from Ansible documentation <https://docs.ansible.com/ansible/latest/dev_guide/developing_modules_general.html#creating-a-module>`_
See the `example from Ansible documentation <https://docs.ansible.com/projects/ansible/latest/dev_guide/developing_modules_general.html#creating-a-module>`_
written with ``ModuleHelper``.
But bear in mind that it does not showcase all of MH's features:
@@ -550,9 +550,9 @@ The other option is to use the parameter ``value``, in which case the method wil
References
^^^^^^^^^^
- `Ansible Developer Guide <https://docs.ansible.com/ansible/latest/dev_guide/index.html>`_
- `Creating a module <https://docs.ansible.com/ansible/latest/dev_guide/developing_modules_general.html#creating-a-module>`_
- `Returning ansible facts <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#ansible-facts>`_
- `Ansible Developer Guide <https://docs.ansible.com/projects/ansible/latest/dev_guide/index.html>`_
- `Creating a module <https://docs.ansible.com/projects/ansible/latest/dev_guide/developing_modules_general.html#creating-a-module>`_
- `Returning ansible facts <https://docs.ansible.com/projects/ansible/latest/reference_appendices/common_return_values.html#ansible-facts>`_
- :ref:`ansible_collections.community.general.docsite.guide_vardict`

12
docs/docsite/rst/guide_uthelper.rst
View File

@@ -276,9 +276,9 @@ RunCommandMock Specification
Creates an ``UTHelper`` instance from a given test specification.
:param ansible_module: The Ansible module to be tested.
:type ansible_module: module
:type ansible_module: :py:class:`types.ModuleType`
:param test_module: The test module.
:type test_module: module
:type test_module: :py:class:`types.ModuleType`
:param test_spec: The test specification.
:type test_spec: dict
:param mocks: List of ``TestCaseMocks`` to be used during testing. Currently only ``RunCommandMock`` exists.
@@ -308,11 +308,11 @@ RunCommandMock Specification
Creates an ``UTHelper`` instance from a test specification file.
:param ansible_module: The Ansible module to be tested.
:type ansible_module: module
:type ansible_module: :py:class:`types.ModuleType`
:param test_module: The test module.
:type test_module: module
:type test_module: :py:class:`types.ModuleType`
:param test_spec_filehandle: A file handle to an file stream handle providing the test specification in YAML format.
:type test_spec_filehandle: file
:type test_spec_filehandle: ``file-like object``
:param mocks: List of ``TestCaseMocks`` to be used during testing. Currently only ``RunCommandMock`` exists.
:type mocks: list or None
:return: An ``UTHelper`` instance.
@@ -335,7 +335,7 @@ RunCommandMock Specification
Creates an ``UTHelper`` instance from a given Ansible module and test module.
:param ansible_module: The Ansible module to be tested.
:type ansible_module: module
:type ansible_module: :py:class:`types.ModuleType`
:param test_module_name: The name of the test module. It works if passed ``__name__``.
:type test_module_name: str
:param mocks: List of ``TestCaseMocks`` to be used during testing. Currently only ``RunCommandMock`` exists.

4
galaxy.yml
View File

@@ -5,7 +5,7 @@
namespace: community
name: general
version: 11.3.0
version: 11.4.8
readme: README.md
authors:
- Ansible (https://github.com/ansible)
@@ -16,6 +16,6 @@ license_file: COPYING
tags:
- community
repository: https://github.com/ansible-collections/community.general
documentation: https://docs.ansible.com/ansible/latest/collections/community/general/
documentation: https://docs.ansible.com/projects/ansible/latest/collections/community/general/
homepage: https://github.com/ansible-collections/community.general
issues: https://github.com/ansible-collections/community.general/issues

2
meta/runtime.yml
View File

@@ -103,7 +103,7 @@ plugin_routing:
deprecation:
removal_version: 12.0.0
warning_text: >-
The plugin has been superseded by the the option `result_format=yaml` in callback plugin ansible.builtin.default from ansible-core 2.13 onwards.
The plugin has been superseded by the option `result_format=yaml` in callback plugin ansible.builtin.default from ansible-core 2.13 onwards.
connection:
docker:
redirect: community.docker.docker

2
plugins/become/pmrun.py
View File

@@ -59,8 +59,8 @@ notes:
- This plugin ignores the C(become_user) supplied and uses C(pmrun)'s own configuration to select the user.
"""
from shlex import quote as shlex_quote
from ansible.plugins.become import BecomeBase
from ansible.module_utils.six.moves import shlex_quote
class BecomeModule(BecomeBase):

6
plugins/cache/pickle.py vendored
View File

@@ -48,7 +48,6 @@ try:
except ImportError:
import pickle
from ansible.module_utils.six import PY3
from ansible.plugins.cache import BaseFileCacheModule
@@ -61,10 +60,7 @@ class CacheModule(BaseFileCacheModule):
def _load(self, filepath):
# Pickle is a binary format
with open(filepath, 'rb') as f:
if PY3:
return pickle.load(f, encoding='bytes')
else:
return pickle.load(f)
return pickle.load(f, encoding='bytes')
def _dump(self, value, filepath):
with open(filepath, 'wb') as f:

7
plugins/cache/yaml.py vendored
View File

@@ -44,8 +44,7 @@ options:
# TODO: determine whether it is OK to change to: type: float
"""
import codecs
import os
import yaml
@@ -60,9 +59,9 @@ class CacheModule(BaseFileCacheModule):
"""
def _load(self, filepath):
with codecs.open(filepath, 'r', encoding='utf-8') as f:
with open(os.path.abspath(filepath), 'r', encoding='utf-8') as f:
return AnsibleLoader(f).get_single_data()
def _dump(self, value, filepath):
with codecs.open(filepath, 'w', encoding='utf-8') as f:
with open(os.path.abspath(filepath), 'w', encoding='utf-8') as f:
yaml.dump(value, f, Dumper=AnsibleDumper, default_flow_style=False)

2
plugins/callback/counter_enabled.py
View File

@@ -164,6 +164,8 @@ class CallbackModule(CallbackBase):
msg = f"changed: {self._host_counter}/{self._host_total} [{result._host.get_name()}]"
color = C.COLOR_CHANGED
else:
if not self._plugin_options.get("display_ok_hosts", True):
return
if delegated_vars:
msg = f"ok: {self._host_counter}/{self._host_total} [{result._host.get_name()} -> {delegated_vars['ansible_host']}]"
else:

3
plugins/callback/dense.py
View File

@@ -27,7 +27,6 @@ try:
except ImportError:
pass
from ansible.module_utils.six import binary_type, text_type
from collections.abc import MutableMapping, MutableSequence
from ansible.plugins.callback.default import CallbackModule as CallbackModule_default
from ansible.utils.color import colorize, hostcolor
@@ -236,7 +235,7 @@ class CallbackModule(CallbackModule_default):
# Remove empty attributes (list, dict, str)
for attr in result.copy():
if isinstance(result[attr], (MutableSequence, MutableMapping, binary_type, text_type)):
if isinstance(result[attr], (MutableSequence, MutableMapping, bytes, str)):
if not result[attr]:
del result[attr]

2
plugins/callback/diy.py
View File

@@ -39,7 +39,7 @@ notes:
seealso:
- name: default default Ansible screen output
description: The official documentation on the B(default) callback plugin.
link: https://docs.ansible.com/ansible/latest/plugins/callback/default.html
link: https://docs.ansible.com/projects/ansible/latest/plugins/callback/default.html
requirements:
- set as stdout_callback in configuration
options:

5
plugins/callback/elastic.py
View File

@@ -88,7 +88,6 @@ from os.path import basename
from ansible.errors import AnsibleError, AnsibleRuntimeError
from ansible.module_utils.ansible_release import __version__ as ansible_version
from ansible.module_utils.six import raise_from
from ansible.plugins.callback import CallbackBase
try:
@@ -308,9 +307,7 @@ class CallbackModule(CallbackBase):
self.disabled = False
if ELASTIC_LIBRARY_IMPORT_ERROR:
raise_from(
AnsibleError('The `elastic-apm` must be installed to use this plugin'),
ELASTIC_LIBRARY_IMPORT_ERROR)
raise AnsibleError('The `elastic-apm` must be installed to use this plugin') from ELASTIC_LIBRARY_IMPORT_ERROR
self.tasks_data = OrderedDict()

3
plugins/callback/nrdp.py
View File

@@ -66,7 +66,8 @@ options:
type: string
"""
from ansible.module_utils.six.moves.urllib.parse import urlencode
from urllib.parse import urlencode
from ansible.module_utils.common.text.converters import to_bytes
from ansible.module_utils.urls import open_url
from ansible.plugins.callback import CallbackBase

14
plugins/callback/opentelemetry.py
View File

@@ -97,7 +97,7 @@ options:
otel_exporter_otlp_traces_protocol:
type: str
description:
- E(OTEL_EXPORTER_OTLP_TRACES_PROTOCOL) represents the the transport protocol for spans.
- E(OTEL_EXPORTER_OTLP_TRACES_PROTOCOL) represents the transport protocol for spans.
- See
U(https://opentelemetry-python.readthedocs.io/en/latest/sdk/environment_variables.html#envvar-OTEL_EXPORTER_OTLP_TRACES_PROTOCOL).
default: grpc
@@ -137,15 +137,13 @@ import json
import os
import socket
import uuid
from time import time_ns
from collections import OrderedDict
from os.path import basename
from time import time_ns
from urllib.parse import urlparse
from ansible.errors import AnsibleError
from ansible.module_utils.ansible_release import __version__ as ansible_version
from ansible.module_utils.six import raise_from
from ansible.module_utils.six.moves.urllib.parse import urlparse
from ansible.plugins.callback import CallbackBase
try:
@@ -495,9 +493,9 @@ class CallbackModule(CallbackBase):
self.otel_exporter_otlp_traces_protocol = None
if OTEL_LIBRARY_IMPORT_ERROR:
raise_from(
AnsibleError('The `opentelemetry-api`, `opentelemetry-exporter-otlp` or `opentelemetry-sdk` must be installed to use this plugin'),
OTEL_LIBRARY_IMPORT_ERROR)
raise AnsibleError(
'The `opentelemetry-api`, `opentelemetry-exporter-otlp` or `opentelemetry-sdk` must be installed to use this plugin'
) from OTEL_LIBRARY_IMPORT_ERROR
self.tasks_data = OrderedDict()

2
plugins/connection/chroot.py
View File

@@ -75,11 +75,11 @@ import os
import os.path
import subprocess
import traceback
from shlex import quote as shlex_quote
from ansible.errors import AnsibleError
from ansible.module_utils.basic import is_executable
from ansible.module_utils.common.process import get_bin_path
from ansible.module_utils.six.moves import shlex_quote
from ansible.module_utils.common.text.converters import to_bytes
from ansible.plugins.connection import ConnectionBase, BUFSIZE
from ansible.utils.display import Display

2
plugins/connection/jail.py
View File

@@ -38,9 +38,9 @@ import os
import os.path
import subprocess
import traceback
from shlex import quote as shlex_quote
from ansible.errors import AnsibleError
from ansible.module_utils.six.moves import shlex_quote
from ansible.module_utils.common.process import get_bin_path
from ansible.module_utils.common.text.converters import to_bytes, to_native, to_text
from ansible.plugins.connection import ConnectionBase, BUFSIZE

2
plugins/connection/zone.py
View File

@@ -31,9 +31,9 @@ import os
import os.path
import subprocess
import traceback
from shlex import quote as shlex_quote
from ansible.errors import AnsibleError
from ansible.module_utils.six.moves import shlex_quote
from ansible.module_utils.common.process import get_bin_path
from ansible.module_utils.common.text.converters import to_bytes
from ansible.plugins.connection import ConnectionBase, BUFSIZE

2
plugins/doc_fragments/django.py
View File

@@ -12,7 +12,7 @@ class ModuleDocFragment(object):
options:
venv:
description:
- Use the the Python interpreter from this virtual environment.
- Use the Python interpreter from this virtual environment.
- Pass the path to the root of the virtualenv, not the C(bin/) directory nor the C(python) executable.
type: path
settings:

10
plugins/doc_fragments/pipx.py
View File

@@ -23,12 +23,18 @@ options:
itself.
type: path
requirements:
- This module requires C(pipx) version 1.7.0 or above. Please note that C(pipx) 1.7.0 requires Python 3.8 or above.
- This module requires C(pipx) version 1.7.0 or above.
- Please note that C(pipx) 1.7.0 requires Python 3.8 or above.
- Please note that C(pipx) 1.8.0 requires Python 3.9 or above.
notes:
- This module does not install the C(pipx) python package, however that can be easily done with the module M(ansible.builtin.pip).
- This module does not require C(pipx) to be in the shell C(PATH), but it must be loadable by Python as a module.
- This module does not require C(pipx) to be in the shell C(PATH), but it must be loadable by Python as a module, meaning
that C(python -m pipx) must work.
- This module honors C(pipx) environment variables such as but not limited to E(PIPX_HOME) and E(PIPX_BIN_DIR) passed using
the R(environment Ansible keyword, playbooks_environment).
- This module disabled emojis in the output of C(pipx) commands to reduce clutter. In C(pipx) 1.8.0, the environment variable
E(USE_EMOJI) was renamed to E(PIPX_USE_EMOJI) and for compatibility with both versions, starting in community.general
11.4.0, this module sets them both to C(0) to disable emojis.
seealso:
- name: C(pipx) command manual page
description: Manual page for the command.

14
plugins/filter/from_ini.py
View File

@@ -18,6 +18,12 @@ options:
description: A string containing an INI document.
type: string
required: true
seealso:
- plugin: community.general.to_ini
plugin_type: filter
- plugin: ansible.builtin.ini
plugin_type: lookup
- module: community.general.ini_file
"""
EXAMPLES = r"""
@@ -45,10 +51,10 @@ _value:
"""
from io import StringIO
from configparser import ConfigParser
from ansible.errors import AnsibleFilterError
from ansible.module_utils.six import string_types
from ansible.module_utils.six.moves import StringIO
from ansible.module_utils.six.moves.configparser import ConfigParser
class IniParser(ConfigParser):
@@ -73,7 +79,7 @@ class IniParser(ConfigParser):
def from_ini(obj):
''' Read the given string as INI file and return a dict '''
if not isinstance(obj, string_types):
if not isinstance(obj, str):
raise AnsibleFilterError(f'from_ini requires a str, got {type(obj)}')
parser = IniParser()

3
plugins/filter/lists_mergeby.py
View File

@@ -196,7 +196,6 @@ _value:
"""
from ansible.errors import AnsibleFilterError
from ansible.module_utils.six import string_types
from collections.abc import Mapping, Sequence
from ansible.utils.vars import merge_hash
@@ -257,7 +256,7 @@ def lists_mergeby(*terms, **kwargs):
index = terms[-1]
if not isinstance(index, string_types):
if not isinstance(index, str):
msg = ("First argument after the lists for community.general.lists_mergeby must be string. "
"%s is %s")
raise AnsibleFilterError(msg % (index, type(index)))

3
plugins/filter/random_mac.py
View File

@@ -45,14 +45,13 @@ import re
from random import Random, SystemRandom
from ansible.errors import AnsibleFilterError
from ansible.module_utils.six import string_types
def random_mac(value, seed=None):
''' takes string prefix, and return it completed with random bytes
to get a complete 6 bytes MAC address '''
if not isinstance(value, string_types):
if not isinstance(value, str):
raise AnsibleFilterError('Invalid value type (%s) for random_mac (%s)' %
(type(value), value))

13
plugins/filter/to_ini.py
View File

@@ -18,6 +18,12 @@ options:
description: The dictionary that should be converted to the INI format.
type: dictionary
required: true
seealso:
- plugin: ansible.builtin.ini
plugin_type: lookup
- module: community.general.ini_file
- plugin: community.general.from_ini
plugin_type: filter
"""
EXAMPLES = r"""
@@ -49,11 +55,10 @@ _value:
type: string
"""
from ansible.errors import AnsibleFilterError
from collections.abc import Mapping
from ansible.module_utils.six.moves import StringIO
from ansible.module_utils.six.moves.configparser import ConfigParser
from configparser import ConfigParser
from io import StringIO
from ansible.errors import AnsibleFilterError
class IniParser(ConfigParser):

13
plugins/filter/to_prettytable.py
View File

@@ -117,7 +117,6 @@ except ImportError:
from ansible.errors import AnsibleFilterError
from ansible.module_utils.common.text.converters import to_text
from ansible.module_utils.six import string_types
class TypeValidationError(AnsibleFilterError):
@@ -128,7 +127,7 @@ class TypeValidationError(AnsibleFilterError):
expected: Description of expected type
"""
def __init__(self, obj, expected):
type_name = "string" if isinstance(obj, string_types) else type(obj).__name__
type_name = "string" if isinstance(obj, str) else type(obj).__name__
super().__init__(f"Expected {expected}, got a {type_name}")
@@ -157,7 +156,7 @@ def _validate_list_param(param, param_name, ensure_strings=True):
if ensure_strings:
for item in param:
if not isinstance(item, string_types):
if not isinstance(item, str):
# Maintain original error message format
if param_name == "column_order":
error_msg = "a string for column name"
@@ -183,7 +182,7 @@ def _match_key(item_dict, lookup_key):
return lookup_key
# Try boolean conversion for 'true'/'false' strings
if isinstance(lookup_key, string_types):
if isinstance(lookup_key, str):
if lookup_key.lower() == 'true' and True in item_dict:
return True
if lookup_key.lower() == 'false' and False in item_dict:
@@ -335,11 +334,11 @@ def to_prettytable(data, *args, **kwargs):
# Validate column_alignments keys and values
for key, value in column_alignments.items():
# Check that keys are strings
if not isinstance(key, string_types):
if not isinstance(key, str):
raise TypeValidationError(key, "a string for column_alignments key")
# Check that values are strings
if not isinstance(value, string_types):
if not isinstance(value, str):
raise TypeValidationError(value, "a string for column_alignments value")
# Check that values are valid alignments
@@ -391,7 +390,7 @@ def to_prettytable(data, *args, **kwargs):
row.append(item.get(matched_key, ""))
else:
# Try case-insensitive lookup as last resort
lower_col = col.lower() if isinstance(col, string_types) else str(col).lower()
lower_col = col.lower() if isinstance(col, str) else str(col).lower()
if lower_col in reverse_key_map:
row.append(item.get(reverse_key_map[lower_col], ""))
else:

3
plugins/filter/unicode_normalize.py
View File

@@ -49,7 +49,6 @@ _value:
from unicodedata import normalize
from ansible.errors import AnsibleFilterError
from ansible.module_utils.six import text_type
try:
from ansible.errors import AnsibleTypeError
@@ -69,7 +68,7 @@ def unicode_normalize(data, form='NFC'):
A normalized unicode string of the specified 'form'.
"""
if not isinstance(data, text_type):
if not isinstance(data, str):
raise AnsibleTypeError("%s is not a valid input type" % type(data))
if form not in ('NFC', 'NFD', 'NFKC', 'NFKD'):

3
plugins/inventory/cobbler.py
View File

@@ -135,7 +135,6 @@ import socket
from ansible.errors import AnsibleError
from ansible.plugins.inventory import BaseInventoryPlugin, Cacheable, to_safe_group_name
from ansible.module_utils.six import text_type
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
@@ -264,7 +263,7 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
self.cobbler = xmlrpc_client.Server(self.cobbler_url, allow_none=True)
self.token = None
if self.get_option('user') is not None:
self.token = self.cobbler.login(text_type(self.get_option('user')), text_type(self.get_option('password')))
self.token = self.cobbler.login(str(self.get_option('user')), str(self.get_option('password')))
self.cache_key = self.get_cache_key(path)
self.use_cache = cache and self.get_option('cache')

2
plugins/inventory/icinga2.py
View File

@@ -95,11 +95,11 @@ compose:
"""
import json
from urllib.error import HTTPError
from ansible.errors import AnsibleParserError
from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
from ansible.module_utils.urls import open_url
from ansible.module_utils.six.moves.urllib.error import HTTPError
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe

8
plugins/inventory/lxd.py
View File

@@ -171,12 +171,12 @@ import json
import re
import time
import os
from urllib.parse import urlencode
from ansible.plugins.inventory import BaseInventoryPlugin
from ansible.module_utils.common.text.converters import to_native, to_text
from ansible.module_utils.common.dict_transformations import dict_merge
from ansible.module_utils.six import raise_from
from ansible.errors import AnsibleError, AnsibleParserError
from ansible.module_utils.six.moves.urllib.parse import urlencode
from ansible_collections.community.general.plugins.module_utils.lxd import LXDClient, LXDClientException
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
@@ -1094,9 +1094,7 @@ class InventoryModule(BaseInventoryPlugin):
Returns:
None"""
if IPADDRESS_IMPORT_ERROR:
raise_from(
AnsibleError('another_library must be installed to use this plugin'),
IPADDRESS_IMPORT_ERROR)
raise AnsibleError('another_library must be installed to use this plugin') from IPADDRESS_IMPORT_ERROR
super(InventoryModule, self).parse(inventory, loader, path, cache=False)
# Read the inventory YAML file

2
plugins/inventory/online.py
View File

@@ -62,13 +62,13 @@ groups:
import json
from sys import version as python_version
from urllib.parse import urljoin
from ansible.errors import AnsibleError
from ansible.module_utils.urls import open_url
from ansible.plugins.inventory import BaseInventoryPlugin
from ansible.module_utils.common.text.converters import to_text
from ansible.module_utils.ansible_release import __version__ as ansible_version
from ansible.module_utils.six.moves.urllib.parse import urljoin
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe

5
plugins/inventory/scaleway.py
View File

@@ -132,9 +132,8 @@ from ansible_collections.community.general.plugins.module_utils.scaleway import
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
from ansible.module_utils.urls import open_url
from ansible.module_utils.common.text.converters import to_text
from ansible.module_utils.six import raise_from
import ansible.module_utils.six.moves.urllib.parse as urllib_parse
import urllib.parse as urllib_parse
def _fetch_information(token, url):
@@ -338,7 +337,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
def parse(self, inventory, loader, path, cache=True):
if YAML_IMPORT_ERROR:
raise_from(AnsibleError('PyYAML is probably missing'), YAML_IMPORT_ERROR)
raise AnsibleError('PyYAML is probably missing') from YAML_IMPORT_ERROR
super(InventoryModule, self).parse(inventory, loader, path)
self._read_config_data(path=path)

7
plugins/lookup/consul_kv.py
View File

@@ -16,7 +16,7 @@ description:
with simple rest commands.
- C(curl -X PUT -d 'some-value' http://localhost:8500/v1/kv/ansible/somedata).
requirements:
- 'python-consul python library U(https://python-consul.readthedocs.io/en/latest/#installation)'
- 'py-consul python library U(https://github.com/criteo/py-consul?tab=readme-ov-file#installation)'
options:
_raw:
description: List of key(s) to retrieve.
@@ -112,7 +112,8 @@ _raw:
type: dict
"""
from ansible.module_utils.six.moves.urllib.parse import urlparse
from urllib.parse import urlparse
from ansible.errors import AnsibleError, AnsibleAssertionError
from ansible.plugins.lookup import LookupBase
from ansible.module_utils.common.text.converters import to_text
@@ -131,7 +132,7 @@ class LookupModule(LookupBase):
if not HAS_CONSUL:
raise AnsibleError(
'python-consul is required for consul_kv lookup. see http://python-consul.readthedocs.org/en/latest/#installation')
'py-consul is required for consul_kv lookup. see https://github.com/criteo/py-consul?tab=readme-ov-file#installation')
# get options
self.set_options(direct=kwargs)

5
plugins/lookup/dependent.py
View File

@@ -122,7 +122,6 @@ _list:
from ansible.errors import AnsibleLookupError
from collections.abc import Mapping, Sequence
from ansible.module_utils.six import string_types
from ansible.plugins.lookup import LookupBase
from ansible.template import Templar
@@ -181,7 +180,7 @@ class LookupModule(LookupBase):
if isinstance(values, Mapping):
for idx, val in sorted(values.items()):
current[key] = dict([('key', idx), ('value', val)])
current[key] = dict(key=idx, value=val)
self.__process(result, terms, index + 1, current, templar, variables)
elif isinstance(values, Sequence):
for elt in values:
@@ -215,7 +214,7 @@ class LookupModule(LookupBase):
raise AnsibleLookupError(
f'The variable {k!r} appears more than once')
vars_so_far.add(k)
if isinstance(v, string_types):
if isinstance(v, str):
data.append((k, v, None))
elif isinstance(v, (Sequence, Mapping)):
data.append((k, None, v))

3
plugins/lookup/flattened.py
View File

@@ -37,7 +37,6 @@ _raw:
type: list
"""
from ansible.errors import AnsibleError
from ansible.module_utils.six import string_types
from ansible.plugins.lookup import LookupBase
from ansible.utils.listify import listify_lookup_plugin_terms
@@ -65,7 +64,7 @@ class LookupModule(LookupBase):
# ignore undefined items
break
if isinstance(term, string_types):
if isinstance(term, str):
# convert a variable to a list
term2 = listify_lookup_plugin_terms(term, templar=self._templar)
# but avoid converting a plain string to a list of one string

28
plugins/lookup/github_app_access_token.py
View File

@@ -47,6 +47,13 @@ options:
- How long the token should last for in seconds.
default: 600
type: int
github_url:
description:
- Base URL for the GitHub API (for GitHub Enterprise Server).
- "Example: C(https://github-enterprise-server.example.com/api/v3)"
default: https://api.github.com
type: str
version_added: 11.4.0
"""
EXAMPLES = r"""
@@ -77,7 +84,8 @@ except ImportError:
HAS_PYTHON_JWT = False # vs pyjwt
if HAS_JWT and hasattr(jwt, 'JWT'):
HAS_PYTHON_JWT = True
from jwt import jwk_from_pem, jwt_instance
from jwt import jwk_from_pem, JWT
jwt_instance = JWT()
try:
from cryptography.hazmat.primitives import serialization
@@ -88,8 +96,9 @@ except ImportError:
import time
import json
from urllib.error import HTTPError
from ansible.module_utils.urls import open_url
from ansible.module_utils.six.moves.urllib.error import HTTPError
from ansible.errors import AnsibleError, AnsibleOptionsError
from ansible.plugins.lookup import LookupBase
from ansible.utils.display import Display
@@ -152,14 +161,16 @@ def encode_jwt(app_id, private_key_obj, exp=600):
raise AnsibleError(f"Error while encoding jwt: {e}")
def post_request(generated_jwt, installation_id):
github_api_url = f'https://api.github.com/app/installations/{installation_id}/access_tokens'
def post_request(generated_jwt, installation_id, api_base):
base = api_base.rstrip('/')
github_url = f"{base}/app/installations/{installation_id}/access_tokens"
headers = {
"Authorization": f'Bearer {generated_jwt}',
"Accept": "application/vnd.github.v3+json",
}
try:
response = open_url(github_api_url, headers=headers, method='POST')
response = open_url(github_url, headers=headers, method='POST')
except HTTPError as e:
try:
error_body = json.loads(e.read().decode())
@@ -167,7 +178,7 @@ def post_request(generated_jwt, installation_id):
except Exception:
error_body = {}
if e.code == 404:
raise AnsibleError("Github return error. Please confirm your installationd_id value is valid")
raise AnsibleError("Github return error. Please confirm your installation_id value is valid")
elif e.code == 401:
raise AnsibleError("Github return error. Please confirm your private key is valid")
raise AnsibleError(f"Unexpected data returned: {e} -- {error_body}")
@@ -179,10 +190,10 @@ def post_request(generated_jwt, installation_id):
return json_data.get('token')
def get_token(key_path, app_id, installation_id, private_key, expiry=600):
def get_token(key_path, app_id, installation_id, private_key, github_url, expiry=600):
jwk = read_key(key_path, private_key)
generated_jwt = encode_jwt(app_id, jwk, exp=expiry)
return post_request(generated_jwt, installation_id)
return post_request(generated_jwt, installation_id, github_url)
class LookupModule(LookupBase):
@@ -207,6 +218,7 @@ class LookupModule(LookupBase):
self.get_option('app_id'),
self.get_option('installation_id'),
self.get_option('private_key'),
self.get_option('github_url'),
self.get_option('token_expiry'),
)

6
plugins/lookup/onepassword.py
View File

@@ -85,7 +85,6 @@ from ansible.plugins.lookup import LookupBase
from ansible.errors import AnsibleLookupError, AnsibleOptionsError
from ansible.module_utils.common.process import get_bin_path
from ansible.module_utils.common.text.converters import to_bytes, to_text
from ansible.module_utils.six import with_metaclass
from ansible_collections.community.general.plugins.module_utils.onepassword import OnePasswordConfig
@@ -98,7 +97,7 @@ def _lower_if_possible(value):
return value
class OnePassCLIBase(with_metaclass(abc.ABCMeta, object)):
class OnePassCLIBase(object, metaclass=abc.ABCMeta):
bin = "op"
def __init__(
@@ -610,7 +609,8 @@ class OnePass(object):
def _get_cli_class(self, cli_class=None):
if cli_class is not None:
return cli_class(self.subdomain, self.domain, self.username, self.secret_key, self.master_password, self.service_account_token)
return cli_class(self.subdomain, self.domain, self.username, self.secret_key, self.master_password, self.service_account_token,
self.account_id, self.connect_host, self.connect_token)
version = OnePassCLIBase.get_current_version()
for cls in OnePassCLIBase.__subclasses__():

5
plugins/lookup/random_string.py
View File

@@ -16,7 +16,7 @@ short_description: Generates random string
version_added: '3.2.0'
description:
- Generates random string based upon the given constraints.
- Uses L(random.SystemRandom,https://docs.python.org/3/library/random.html#random.SystemRandom), so should be strong enough
- Uses L(secrets.SystemRandom,https://docs.python.org/3/library/secrets.html#secrets.SystemRandom), so should be strong enough
for cryptographic purposes.
options:
length:
@@ -169,6 +169,7 @@ _raw:
import base64
import random
import secrets
import string
from ansible.errors import AnsibleLookupError
@@ -209,7 +210,7 @@ class LookupModule(LookupBase):
seed = self.get_option("seed")
if seed is None:
random_generator = random.SystemRandom()
random_generator = secrets.SystemRandom()
else:
random_generator = random.Random(seed)

6
plugins/lookup/revbitspss.py
View File

@@ -66,7 +66,6 @@ EXAMPLES = r"""
from ansible.plugins.lookup import LookupBase
from ansible.utils.display import Display
from ansible.errors import AnsibleError
from ansible.module_utils.six import raise_from
try:
from pam.revbits_ansible.server import SecretServer
@@ -87,10 +86,7 @@ class LookupModule(LookupBase):
def run(self, terms, variables, **kwargs):
if ANOTHER_LIBRARY_IMPORT_ERROR:
raise_from(
AnsibleError('revbits_ansible must be installed to use this plugin'),
ANOTHER_LIBRARY_IMPORT_ERROR
)
raise AnsibleError('revbits_ansible must be installed to use this plugin') from ANOTHER_LIBRARY_IMPORT_ERROR
self.set_options(var_options=variables, direct=kwargs)
secret_server = LookupModule.Client(
{

70
plugins/lookup/tss.py
View File

@@ -9,7 +9,7 @@ __metaclass__ = type
DOCUMENTATION = r"""
name: tss
author: Adam Migus (@amigus) <adam@migus.org>
short_description: Get secrets from Thycotic Secret Server
short_description: Get secrets from Delinea Secret Server
version_added: 1.0.0
description:
- Uses the Thycotic Secret Server Python SDK to get Secrets from Secret Server using token authentication with O(username)
@@ -121,14 +121,16 @@ options:
RETURN = r"""
_list:
description:
- The JSON responses to C(GET /secrets/{id}).
- The JSON responses to C(GET /secrets/{id}) and C(GET /secrets/{path}).
- See U(https://updates.thycotic.net/secretserver/restapiguide/TokenAuth/#operation--secrets--id--get).
type: list
elements: dict
"""
EXAMPLES = r"""
- hosts: localhost
# Using Secret Server Authentication
- name: Lookup secret using Secret Server user credentials
hosts: localhost
vars:
secret: >-
{{
@@ -149,7 +151,8 @@ EXAMPLES = r"""
value_name='itemValue'))['password']
}}
- hosts: localhost
- name: Lookup secret with domain user
hosts: localhost
vars:
secret: >-
{{
@@ -171,7 +174,8 @@ EXAMPLES = r"""
value_name='itemValue'))['password']
}}
- hosts: localhost
- name: Lookup secret using Secret Server token
hosts: localhost
vars:
secret_password: >-
{{
@@ -189,7 +193,8 @@ EXAMPLES = r"""
# Private key stores into certificate file which is attached with secret.
# If fetch_attachments=True then private key file will be download on specified path
# and file content will display in debug message.
- hosts: localhost
- name: Lookup secret and fetch attachments using Secret Server token
hosts: localhost
vars:
secret: >-
{{
@@ -212,7 +217,8 @@ EXAMPLES = r"""
}}
# If fetch_secret_ids_from_folder=true then secret IDs are in a folder is fetched based on folder ID
- hosts: localhost
- name: Lookup secret IDs by folder ID using Secret Server token
hosts: localhost
vars:
secret: >-
{{
@@ -232,7 +238,8 @@ EXAMPLES = r"""
}}
# If secret ID is 0 and secret_path has value then secret is fetched by secret path
- hosts: localhost
- name: Lookup secret by secret path using Secret Server user credentials
hosts: localhost
vars:
secret: >-
{{
@@ -253,12 +260,50 @@ EXAMPLES = r"""
| items2dict(key_name='slug',
value_name='itemValue'))['password']
}}
# Using Platform Authentication
- name: Lookup secret using Platform service user credentials
hosts: localhost
vars:
secret: >-
{{
lookup(
'community.general.tss',
102,
base_url='https://platform.delinea.app/',
username='platform_service_username',
password='platform_service_user_password'
)
}}
tasks:
- ansible.builtin.debug:
msg: >
the password is {{
(secret['items']
| items2dict(key_name='slug',
value_name='itemValue'))['password']
}}
- name: Lookup secret using platform token
hosts: localhost
vars:
secret_password: >-
{{
((lookup(
'community.general.tss',
102,
base_url='https://platform.delinea.app/',
token='delinea_platform_access_token',
) | from_json).get('items') | items2dict(key_name='slug', value_name='itemValue'))['password']
}}
tasks:
- ansible.builtin.debug:
msg: the password is {{ secret_password }}
"""
import abc
import os
from ansible.errors import AnsibleError, AnsibleOptionsError
from ansible.module_utils import six
from ansible.plugins.lookup import LookupBase
from ansible.utils.display import Display
@@ -289,8 +334,7 @@ except ImportError:
display = Display()
@six.add_metaclass(abc.ABCMeta)
class TSSClient(object):
class TSSClient(object, metaclass=abc.ABCMeta):
def __init__(self):
self._client = None
@@ -388,9 +432,7 @@ class TSSClientV1(TSSClient):
@staticmethod
def _get_authorizer(**server_parameters):
if server_parameters.get("token"):
return AccessTokenAuthorizer(
server_parameters["token"],
)
return AccessTokenAuthorizer(server_parameters["token"], server_parameters["base_url"])
if server_parameters.get("domain"):
return DomainPasswordGrantAuthorizer(

0
plugins/module_utils/__init__.py Normal file
View File

4
plugins/module_utils/datetime.py
View File

@@ -22,8 +22,8 @@ def ensure_timezone_info(value):
def fromtimestamp(value):
if _USE_TIMEZONE:
return _datetime.fromtimestamp(value, tz=_datetime.timezone.utc)
return _datetime.utcfromtimestamp(value)
return _datetime.datetime.fromtimestamp(value, tz=_datetime.timezone.utc)
return _datetime.datetime.utcfromtimestamp(value)
def now():

4
plugins/module_utils/gitlab.py
View File

@@ -134,7 +134,7 @@ def gitlab_authentication(module, min_version=None):
def filter_returned_variables(gitlab_variables):
# pop properties we don't know
existing_variables = [dict(x.attributes) for x in gitlab_variables]
KNOWN = ['key', 'value', 'masked', 'hidden', 'protected', 'variable_type', 'environment_scope', 'raw']
KNOWN = ['key', 'value', 'description', 'masked', 'hidden', 'protected', 'variable_type', 'environment_scope', 'raw']
for item in existing_variables:
for key in list(item.keys()):
if key not in KNOWN:
@@ -151,6 +151,7 @@ def vars_to_variables(vars, module):
{
"name": item,
"value": str(value),
"description": None,
"masked": False,
"protected": False,
"hidden": False,
@@ -163,6 +164,7 @@ def vars_to_variables(vars, module):
new_item = {
"name": item,
"value": value.get('value'),
"description": value.get('description'),
"masked": value.get('masked'),
"hidden": value.get('hidden'),
"protected": value.get('protected'),

2
plugins/module_utils/identity/keycloak/keycloak.py
View File

@@ -1671,7 +1671,7 @@ class KeycloakAPI(object):
return None
for p in name_chain[1:]:
for sg in self.get_subgroups(tmp):
for sg in self.get_subgroups(tmp, realm):
pv, is_id = self._get_normed_group_parent(p)
if is_id:

4
plugins/module_utils/identity/keycloak/keycloak_clientsecret.py
View File

@@ -35,8 +35,8 @@ def keycloak_clientsecret_module():
argument_spec=argument_spec,
supports_check_mode=True,
required_one_of=([['id', 'client_id'],
['token', 'auth_realm', 'auth_username', 'auth_password']]),
required_together=([['auth_realm', 'auth_username', 'auth_password']]),
['token', 'auth_realm', 'auth_username', 'auth_password', 'auth_client_id', 'auth_client_secret']]),
required_together=([['auth_username', 'auth_password']]),
mutually_exclusive=[
['token', 'auth_realm'],
['token', 'auth_username'],

2
plugins/module_utils/pipx.py
View File

@@ -64,7 +64,7 @@ def pipx_runner(module, command, **kwargs):
module,
command=command,
arg_formats=arg_formats,
environ_update={'USE_EMOJI': '0'},
environ_update={'USE_EMOJI': '0', 'PIPX_USE_EMOJI': '0'},
check_rc=True,
**kwargs
)

5
plugins/module_utils/scaleway.py
View File

@@ -109,10 +109,7 @@ class SecretVariables(object):
@staticmethod
def dict_to_list(source_dict):
return [
dict(key=var[0], value=var[1])
for var in source_dict.items()
]
return [dict(key=k, value=v) for k, v in source_dict.items()]
@staticmethod
def list_to_dict(source_list, hashed=False):

2
plugins/modules/ansible_galaxy_install.py
View File

@@ -23,7 +23,7 @@ notes:
seealso:
- name: C(ansible-galaxy) command manual page
description: Manual page for the command.
link: https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html
link: https://docs.ansible.com/projects/ansible/latest/cli/ansible-galaxy.html
requirements:
- ansible-core 2.11 or newer

2
plugins/modules/archive.py
View File

@@ -14,7 +14,7 @@ DOCUMENTATION = r"""
module: archive
short_description: Creates a compressed archive of one or more files or trees
extends_documentation_fragment:
- files
- ansible.builtin.files
- community.general.attributes
description:
- Creates or extends an archive.

25
plugins/modules/cloudflare_dns.py
View File

@@ -61,9 +61,12 @@ options:
flag:
description:
- Issuer Critical Flag.
- Should be set either to V(0) for not critical, or to V(128) for critical.
- Before community.general 11.4.4, only V(0) and V(1) were valid options.
The value V(1) is still available for backwards-compatibility reasons.
- Required for O(type=CAA) when O(state=present).
type: int
choices: [0, 1]
choices: [0, 1, 128]
version_added: 8.0.0
tag:
description:
@@ -907,7 +910,7 @@ def main():
hash_type=dict(type='int', choices=[1, 2]),
key_tag=dict(type='int', no_log=False),
port=dict(type='int'),
flag=dict(type='int', choices=[0, 1]),
flag=dict(type='int', choices=[0, 1, 128]),
tag=dict(type='str', choices=['issue', 'issuewild', 'iodef']),
tags=dict(type='list', elements='str'),
priority=dict(type='int', default=1),
@@ -929,9 +932,9 @@ def main():
required_if=[
('state', 'present', ['record', 'type', 'value']),
('state', 'absent', ['record']),
('type', 'SRV', ['proto', 'service', 'value']),
('type', 'SRV', ['proto', 'service']),
('type', 'TLSA', ['proto', 'port']),
('type', 'CAA', ['flag', 'tag', 'value']),
('type', 'CAA', ['flag', 'tag']),
],
required_together=[
('account_api_key', 'account_email'),
@@ -942,8 +945,11 @@ def main():
)
if module.params['type'] == 'SRV':
if not module.params['value'] == '':
module.fail_json(msg="For SRV records the params weight, port and value all need to be defined.")
if not ((module.params['weight'] is not None and module.params['port'] is not None
and not (module.params['value'] is None or module.params['value'] == ''))
or (module.params['weight'] is None and module.params['port'] is None
and (module.params['value'] is None or module.params['value'] == ''))):
module.fail_json(msg="For SRV records the params weight, port and value all need to be defined, or not at all.")
if module.params['type'] == 'SSHFP':
if not ((module.params['algorithm'] is not None and module.params['hash_type'] is not None
@@ -960,8 +966,11 @@ def main():
module.fail_json(msg="For TLSA records the params cert_usage, selector, hash_type and value all need to be defined, or not at all.")
if module.params['type'] == 'CAA':
if not module.params['value'] == '':
module.fail_json(msg="For CAA records the params flag, tag and value all need to be defined.")
if not ((module.params['flag'] is not None and module.params['tag'] is not None
and not (module.params['value'] is None or module.params['value'] == ''))
or (module.params['flag'] is None and module.params['tag'] is None
and (module.params['value'] is None or module.params['value'] == ''))):
module.fail_json(msg="For CAA records the params flag, tag and value all need to be defined, or not at all.")
if module.params['type'] == 'DS':
if not ((module.params['key_tag'] is not None and module.params['algorithm'] is not None and module.params['hash_type'] is not None

4
plugins/modules/cobbler_system.py
View File

@@ -161,7 +161,6 @@ from ansible.module_utils.common.text.converters import to_text
from ansible_collections.community.general.plugins.module_utils.datetime import (
now,
)
from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
IFPROPS_MAPPING = dict(
bondingopts='bonding_opts',
@@ -280,7 +279,8 @@ def main():
if system:
# Update existing entry
system_id = ''
if LooseVersion(str(conn.version())) >= LooseVersion('3.4'):
# https://github.com/cobbler/cobbler/blame/v3.3.7/cobbler/api.py#L277
if float(conn.version()) >= 3.4:
system_id = conn.get_system_handle(name)
else:
system_id = conn.get_system_handle(name, token)

4
plugins/modules/consul.py
View File

@@ -25,7 +25,7 @@ description:
metadata so at that stage change management is to be added.
- See U(http://consul.io) for more details.
requirements:
- python-consul
- py-consul
- requests
author: "Steve Gargan (@sgargan)"
extends_documentation_fragment:
@@ -549,7 +549,7 @@ class ConsulCheck(object):
def test_dependencies(module):
if not python_consul_installed:
module.fail_json(msg="python-consul required for this module. see https://python-consul.readthedocs.io/en/latest/#installation")
module.fail_json(msg="py-consul required for this module. see https://github.com/criteo/py-consul?tab=readme-ov-file#installation")
def main():

14
plugins/modules/consul_kv.py
View File

@@ -15,12 +15,12 @@ module: consul_kv
short_description: Manipulate entries in the key/value store of a Consul cluster
description:
- Allows the retrieval, addition, modification and deletion of key/value entries in a Consul cluster using the agent. The
entire contents of the record, including the indices, flags and session are returned as C(value).
entire contents of the record, including the indices, flags and session are returned as RV(ignore:value).
- If the O(key) represents a prefix then note that when a value is removed, the existing value if any is returned as part
of the results.
- See http://www.consul.io/docs/agent/http.html#kv for more details.
requirements:
- python-consul
- py-consul
- requests
author:
- Steve Gargan (@sgargan)
@@ -36,11 +36,11 @@ options:
state:
description:
- The action to take with the supplied key and value. If the state is V(present) and O(value) is set, the key contents
is set to the value supplied and C(changed) is set to V(true) only if the value was different to the current contents.
is set to the value supplied and RV(ignore:changed) is set to V(true) only if the value was different to the current contents.
If the state is V(present) and O(value) is not set, the existing value associated to the key is returned. The state
V(absent) is used to remove the key/value pair, again C(changed) is set to V(true) only if the key actually existed
V(absent) is used to remove the key/value pair, again RV(ignore:changed) is set to V(true) only if the key actually existed
prior to the removal. An attempt can be made to obtain or free the lock associated with a key/value pair with the
states V(acquire) or V(release) respectively. A valid session must be supplied to make the attempt C(changed) is V(true)
states V(acquire) or V(release) respectively. A valid session must be supplied to make the attempt RV(ignore:changed) is V(true)
if the attempt is successful, V(false) otherwise.
type: str
choices: [absent, acquire, present, release]
@@ -150,8 +150,8 @@ except ImportError:
from ansible.module_utils.basic import AnsibleModule
# Note: although the python-consul documentation implies that using a key with a value of `None` with `put` has a
# special meaning (https://python-consul.readthedocs.io/en/latest/#consul-kv), if not set in the subsequently API call,
# Note: although the py-consul implementation implies that using a key with a value of `None` with `put` has a special
# meaning (https://github.com/criteo/py-consul/blob/master/consul/api/kv.py), if not set in the subsequently API call,
# the value just defaults to an empty string (https://www.consul.io/api/kv.html#create-update-key)
NOT_SET = None

2
plugins/modules/decompress.py
View File

@@ -71,7 +71,7 @@ EXAMPLES = r"""
- name: Decompress file compressed with bzip2
community.general.decompress:
src: /path/to/file.txt.bz2
dest: /path/to/file.bz2
dest: /path/to/file.txt
format: bz2
- name: Decompress file and delete the compressed file afterwards

8
plugins/modules/discord.py
View File

@@ -80,7 +80,7 @@ EXAMPLES = r"""
webhook_token: "XXXYYY"
content: "This is a message from ansible"
username: Ansible
avatar_url: "https://docs.ansible.com/ansible/latest/_static/images/logo_invert.png"
avatar_url: "https://docs.ansible.com/favicon/favicon-32x32.png"
- name: Send a embedded message to the Discord channel
community.general.discord:
@@ -92,7 +92,7 @@ EXAMPLES = r"""
footer:
text: "Author: Ansible"
image:
url: "https://docs.ansible.com/ansible/latest/_static/images/logo_invert.png"
url: "https://docs.ansible.com/favicon/favicon-32x32.png"
- name: Send two embedded messages
community.general.discord:
@@ -104,12 +104,12 @@ EXAMPLES = r"""
footer:
text: "Author: Ansible"
image:
url: "https://docs.ansible.com/ansible/latest/_static/images/logo_invert.png"
url: "https://docs.ansible.com/favicon/favicon-32x32.png"
- title: "Second message"
description: "This is my first second message"
footer:
text: "Author: Ansible"
icon_url: "https://docs.ansible.com/ansible/latest/_static/images/logo_invert.png"
icon_url: "https://docs.ansible.com/favicon/favicon-32x32.png"
fields:
- name: "Field 1"
value: "Value of my first field"

22
plugins/modules/filesystem.py
View File

@@ -41,14 +41,14 @@ options:
choices: [bcachefs, btrfs, ext2, ext3, ext4, ext4dev, f2fs, lvm, ocfs2, reiserfs, xfs, vfat, swap, ufs]
description:
- Filesystem type to be created. This option is required with O(state=present) (or if O(state) is omitted).
- Ufs support has been added in community.general 3.4.0.
- Bcachefs support has been added in community.general 8.6.0.
- V(ufs) support has been added in community.general 3.4.0.
- V(bcachefs) support has been added in community.general 8.6.0.
type: str
aliases: [type]
dev:
description:
- Target path to block device (Linux) or character device (FreeBSD) or regular file (both).
- When setting Linux-specific filesystem types on FreeBSD, this module only works when applying to regular files, aka
- When setting Linux-specific filesystem types on FreeBSD, this module only works when applying to regular files, also known as
disk images.
- Currently V(lvm) (Linux-only) and V(ufs) (FreeBSD-only) do not support a regular file as their target O(dev).
- Support for character devices on FreeBSD has been added in community.general 3.4.0.
@@ -63,8 +63,9 @@ options:
resizefs:
description:
- If V(true), if the block device and filesystem size differ, grow the filesystem into the space.
- Supported for C(bcachefs), C(btrfs), C(ext2), C(ext3), C(ext4), C(ext4dev), C(f2fs), C(lvm), C(xfs), C(ufs) and C(vfat)
filesystems. Attempts to resize other filesystem types fail.
- >-
Supported when O(fstype) is one of: V(bcachefs), V(btrfs), V(ext2), V(ext3), V(ext4), V(ext4dev), V(f2fs), V(lvm), V(xfs), V(ufs) and V(vfat).
Attempts to resize other filesystem types fail.
- XFS only grows if mounted. Currently, the module is based on commands from C(util-linux) package to perform operations,
so resizing of XFS is not supported on FreeBSD systems.
- VFAT is likely to fail if C(fatresize < 1.04).
@@ -81,7 +82,7 @@ options:
- The UUID options specified in O(opts) take precedence over this value.
- See xfs_admin(8) (C(xfs)), tune2fs(8) (C(ext2), C(ext3), C(ext4), C(ext4dev)) for possible values.
- For O(fstype=lvm) the value is ignored, it resets the PV UUID if set.
- Supported for O(fstype) being one of C(bcachefs), C(ext2), C(ext3), C(ext4), C(ext4dev), C(lvm), or C(xfs).
- Supported for O(fstype) being one of V(bcachefs), V(ext2), V(ext3), V(ext4), V(ext4dev), V(lvm), or V(xfs).
- This is B(not idempotent). Specifying this option always results in a change.
- Mutually exclusive with O(resizefs).
type: str
@@ -93,7 +94,7 @@ requirements:
- On FreeBSD, either C(util-linux) or C(e2fsprogs) package is required.
notes:
- Potential filesystems on O(dev) are checked using C(blkid). In case C(blkid) is unable to detect a filesystem (and in
case C(fstyp) on FreeBSD is also unable to detect a filesystem), this filesystem is overwritten even if O(force) is V(false).
case C(fstyp) on FreeBSD is also unable to detect a filesystem), this filesystem is overwritten even if O(force=false).
- On FreeBSD systems, both C(e2fsprogs) and C(util-linux) packages provide a C(blkid) command that is compatible with this
module. However, these packages conflict with each other, and only the C(util-linux) package provides the command required
to not fail when O(state=absent).
@@ -209,6 +210,7 @@ class Filesystem(object):
MKFS_SET_UUID_EXTRA_OPTIONS = []
INFO = None
GROW = None
GROW_SLACK = 0
GROW_MAX_SPACE_FLAGS = []
GROW_MOUNTPOINT_ONLY = False
CHANGE_UUID = None
@@ -277,7 +279,7 @@ class Filesystem(object):
self.module.warn("unable to process %s output '%s'" % (self.INFO, to_native(err)))
self.module.fail_json(msg="unable to process %s output for %s" % (self.INFO, dev))
if not fssize_in_bytes < devsize_in_bytes:
if fssize_in_bytes + self.GROW_SLACK >= devsize_in_bytes:
self.module.exit_json(changed=False, msg="%s filesystem is using the whole device %s" % (self.fstype, dev))
elif self.module.check_mode:
self.module.exit_json(changed=True, msg="resizing filesystem %s on device %s" % (self.fstype, dev))
@@ -355,6 +357,10 @@ class XFS(Filesystem):
MKFS_FORCE_FLAGS = ['-f']
INFO = 'xfs_info'
GROW = 'xfs_growfs'
# XFS (defaults with 4KiB blocksize) requires at least 64 block of free
# space to add a new allocation group, avoid resizing (noop, but shown as
# diff) if the difference between the filesystem and the device is less
GROW_SLACK = 64 * 4096 - 1
GROW_MOUNTPOINT_ONLY = True
CHANGE_UUID = "xfs_admin"
CHANGE_UUID_OPTION = "-U"

2
plugins/modules/flatpak.py
View File

@@ -226,7 +226,7 @@ def update_flat(module, binary, names, method, no_dependencies):
command += installed_flat_names
stdout = _flatpak_command(module, module.check_mode, command)
result["changed"] = (
True if module.check_mode else stdout.find("Nothing to do.") == -1
True if module.check_mode else (stdout.find("Nothing to do.") == -1 and stdout.find("Nothing to update.") == -1)
)

20
plugins/modules/gem.py
View File

@@ -243,7 +243,7 @@ def uninstall(module):
if module.params['force']:
cmd.append('--force')
cmd.append(module.params['name'])
module.run_command(cmd, environ_update=environ, check_rc=True)
return module.run_command(cmd, environ_update=environ, check_rc=True)
def install(module):
@@ -334,9 +334,21 @@ def main():
changed = True
elif module.params['state'] == 'absent':
if exists(module):
uninstall(module)
changed = True
command_output = uninstall(module)
if command_output is not None and exists(module):
rc, out, err = command_output
module.fail_json(
msg=(
"Failed to uninstall gem '%s': it is still present after 'gem uninstall'. "
"This usually happens with default or system gems provided by the OS, "
"which cannot be removed with the gem command."
) % module.params['name'],
rc=rc,
stdout=out,
stderr=err
)
else:
changed = True
result = {}
result['name'] = module.params['name']
result['state'] = module.params['state']

2
plugins/modules/github_deploy_key.py
View File

@@ -284,6 +284,8 @@ class GithubDeployKey(object):
body = info.get('body')
if body:
err = self.module.from_json(body)['message']
else:
err = None
if status_code == 401:
self.module.fail_json(msg="Failed to connect to {0} due to invalid credentials".format(self.github_url), http_status_code=status_code, error=err)

23
plugins/modules/gitlab_group_variable.py
View File

@@ -87,6 +87,12 @@ options:
- The variable value.
- Required when O(state=present).
type: str
description:
description:
- A description for the variable.
- Support for descriptions requires GitLab >= 16.2.
type: str
version_added: '11.4.0'
masked:
description:
- Whether variable value is masked or not.
@@ -240,6 +246,7 @@ class GitlabGroupVariables(object):
var = {
"key": var_obj.get('key'),
"value": var_obj.get('value'),
"description": var_obj.get('description'),
"masked": var_obj.get('masked'),
"masked_and_hidden": var_obj.get('hidden'),
"protected": var_obj.get('protected'),
@@ -348,14 +355,13 @@ def native_python_main(this_gitlab, purge, requested_variables, state, module):
return_value['removed'].append(item)
elif state == 'absent':
# value does not matter on removing variables.
# key and environment scope are sufficient
for item in existing_variables:
item.pop('value')
item.pop('variable_type')
for item in requested_variables:
item.pop('value')
item.pop('variable_type')
# value, type, and description do not matter on removing variables.
keys_ignored_on_deletion = ['value', 'variable_type', 'description']
for key in keys_ignored_on_deletion:
for item in existing_variables:
item.pop(key)
for item in requested_variables:
item.pop(key)
if not purge:
remove_requested = [x for x in requested_variables if x in existing_variables]
@@ -392,6 +398,7 @@ def main():
variables=dict(type='list', elements='dict', default=list(), options=dict(
name=dict(type='str', required=True),
value=dict(type='str', no_log=True),
description=dict(type='str'),
masked=dict(type='bool', default=False),
hidden=dict(type='bool', default=False),
protected=dict(type='bool', default=False),

23
plugins/modules/gitlab_instance_variable.py
View File

@@ -64,6 +64,12 @@ options:
- The variable value.
- Required when O(state=present).
type: str
description:
description:
- A description for the variable.
- Support for descriptions requires GitLab >= 16.8.
type: str
version_added: '11.4.0'
masked:
description:
- Whether variable value is masked or not.
@@ -165,6 +171,7 @@ class GitlabInstanceVariables(object):
var = {
"key": var_obj.get('key'),
"value": var_obj.get('value'),
"description": var_obj.get('description'),
"masked": var_obj.get('masked'),
"protected": var_obj.get('protected'),
"raw": var_obj.get('raw'),
@@ -265,14 +272,13 @@ def native_python_main(this_gitlab, purge, requested_variables, state, module):
return_value['removed'].append(item)
elif state == 'absent':
# value does not matter on removing variables.
# key and environment scope are sufficient
for item in existing_variables:
item.pop('value')
item.pop('variable_type')
for item in requested_variables:
item.pop('value')
item.pop('variable_type')
# value, type, and description do not matter on removing variables.
keys_ignored_on_deletion = ['value', 'variable_type', 'description']
for key in keys_ignored_on_deletion:
for item in existing_variables:
item.pop(key)
for item in requested_variables:
item.pop(key)
if not purge:
remove_requested = [x for x in requested_variables if x in existing_variables]
@@ -305,6 +311,7 @@ def main():
variables=dict(type='list', elements='dict', default=list(), options=dict(
name=dict(type='str', required=True),
value=dict(type='str', no_log=True),
description=dict(type='str'),
masked=dict(type='bool', default=False),
protected=dict(type='bool', default=False),
raw=dict(type='bool', default=False),

23
plugins/modules/gitlab_project_variable.py
View File

@@ -86,6 +86,12 @@ options:
- The variable value.
- Required when O(state=present).
type: str
description:
description:
- A description for the variable.
- Support for descriptions requires GitLab >= 16.2.
type: str
version_added: '11.4.0'
masked:
description:
- Whether variable value is masked or not.
@@ -260,6 +266,7 @@ class GitlabProjectVariables(object):
var = {
"key": var_obj.get('key'),
"value": var_obj.get('value'),
"description": var_obj.get('description'),
"masked": var_obj.get('masked'),
"masked_and_hidden": var_obj.get('hidden'),
"protected": var_obj.get('protected'),
@@ -370,14 +377,13 @@ def native_python_main(this_gitlab, purge, requested_variables, state, module):
return_value['removed'].append(item)
elif state == 'absent':
# value does not matter on removing variables.
# key and environment scope are sufficient
for item in existing_variables:
item.pop('value')
item.pop('variable_type')
for item in requested_variables:
item.pop('value')
item.pop('variable_type')
# value, type, and description do not matter on removing variables.
keys_ignored_on_deletion = ['value', 'variable_type', 'description']
for key in keys_ignored_on_deletion:
for item in existing_variables:
item.pop(key)
for item in requested_variables:
item.pop(key)
if not purge:
remove_requested = [x for x in requested_variables if x in existing_variables]
@@ -414,6 +420,7 @@ def main():
variables=dict(type='list', elements='dict', default=list(), options=dict(
name=dict(type='str', required=True),
value=dict(type='str', no_log=True),
description=dict(type='str'),
masked=dict(type='bool', default=False),
hidden=dict(type='bool', default=False),
protected=dict(type='bool', default=False),

5
plugins/modules/gitlab_runner.py
View File

@@ -345,7 +345,10 @@ class GitLabRunner(object):
'''
def create_runner(self, arguments):
if self._module.check_mode:
return True
class MockRunner:
def __init__(self):
self._attrs = {}
return MockRunner()
try:
if arguments.get('token') is not None:

32
plugins/modules/homebrew.py
View File

@@ -385,12 +385,13 @@ class Homebrew(object):
self.outdated_packages.add(package_name)
def _extract_package_name(self, package_detail, is_cask):
# "brew info" can lookup by name, full_name, token, full_token, or aliases
# In addition, any name can be prefixed by the tap.
# Any of these can be supplied by the user as the package name. In case
# of ambiguity, where a given name might match multiple packages,
# formulae are preferred over casks. For all other ambiguities, the
# results are an error. Note that in the homebrew/core and
# "brew info" can lookup by name, full_name, token, full_token,
# oldnames, old_tokens, or aliases. In addition, any of the
# above names can be prefixed by the tap. Any of these can be
# supplied by the user as the package name. In case of
# ambiguity, where a given name might match multiple packages,
# formulae are preferred over casks. For all other ambiguities,
# the results are an error. Note that in the homebrew/core and
# homebrew/cask taps, there are no "other" ambiguities.
if is_cask: # according to brew info
name = package_detail["token"]
@@ -405,15 +406,26 @@ class Homebrew(object):
#
# Issue https://github.com/ansible-collections/community.general/issues/10012:
# package_detail["tap"] is None if package is no longer available.
tapped_name = [package_detail["tap"] + "/" + name] if package_detail["tap"] else []
aliases = package_detail.get("aliases", [])
package_names = set([name, full_name] + tapped_name + aliases)
#
# Issue https://github.com/ansible-collections/community.general/issues/10804
# name can be an alias, oldnames or old_tokens optionally prefixed by tap
package_names = {name, full_name}
package_names.update(package_detail.get("aliases", []))
package_names.update(package_detail.get("oldnames", []))
package_names.update(package_detail.get("old_tokens", []))
if package_detail['tap']:
# names so far, with tap prefix added to each
tapped_names = {package_detail["tap"] + "/" + x for x in package_names}
package_names.update(tapped_names)
# Finally, identify which of all those package names was the one supplied by the user.
package_names = package_names & set(self.packages)
if len(package_names) != 1:
self.failed = True
self.message = "Package names are missing or ambiguous: " + ", ".join(str(p) for p in package_names)
self.message = "Package names for {name} are missing or ambiguous: {packages}".format(
name=name,
packages=", ".join(str(p) for p in package_names),
)
raise HomebrewException(self.message)
# Then make sure the user provided name resurface.

10
plugins/modules/homebrew_cask.py
View File

@@ -145,14 +145,16 @@ EXAMPLES = r"""
greedy: true
- name: Using sudo password for installing cask
# ansible_become_password must be set in inventory or group_vars; it is not populated by -K
community.general.homebrew_cask:
name: wireshark
state: present
sudo_password: "{{ ansible_become_pass }}"
sudo_password: "{{ ansible_become_password }}"
"""
import os
import re
import shlex
import tempfile
from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
@@ -469,17 +471,15 @@ class HomebrewCask(object):
rc, out, err = '', '', ''
with tempfile.NamedTemporaryFile() as sudo_askpass_file:
sudo_askpass_file.write(b"#!/bin/sh\n\necho '%s'\n" % to_bytes(self.sudo_password))
sudo_askpass_file.write(b"#!/bin/sh\necho %s\n" % to_bytes(shlex.quote(self.sudo_password)))
sudo_askpass_file.flush()
os.chmod(sudo_askpass_file.name, 0o700)
sudo_askpass_file.file.close()
rc, out, err = self.module.run_command(
cmd,
environ_update={'SUDO_ASKPASS': sudo_askpass_file.name}
)
self.module.add_cleanup_file(sudo_askpass_file.name)
return (rc, out, err)
# /sudo_password fix --------------------- }}}

2
plugins/modules/htpasswd.py
View File

@@ -76,7 +76,7 @@ notes:
requirements: [passlib>=1.6]
author: "Ansible Core Team"
extends_documentation_fragment:
- files
- ansible.builtin.files
- community.general.attributes
"""

9
plugins/modules/ini_file.py
View File

@@ -16,7 +16,7 @@ DOCUMENTATION = r"""
module: ini_file
short_description: Tweak settings in INI files
extends_documentation_fragment:
- files
- ansible.builtin.files
- community.general.attributes
description:
- Manage (add, remove, change) individual settings in an INI-style file without having to manage the file as a whole with,
@@ -153,6 +153,13 @@ options:
notes:
- While it is possible to add an O(option) without specifying a O(value), this makes no sense.
- As of community.general 3.2.0, UTF-8 BOM markers are discarded when reading files.
seealso:
- plugin: ansible.builtin.ini
plugin_type: lookup
- plugin: community.general.from_ini
plugin_type: filter
- plugin: community.general.to_ini
plugin_type: filter
author:
- Jan-Piet Mens (@jpmens)
- Ales Nosek (@noseka1)

2
plugins/modules/jira.py
View File

@@ -145,7 +145,7 @@ options:
type: str
required: false
description:
- Sets the the assignee when O(operation) is V(create), V(transition), or V(edit).
- Sets the assignee when O(operation) is V(create), V(transition), or V(edit).
- Recent versions of JIRA no longer accept a user name as a user identifier. In that case, use O(account_id) instead.
- Note that JIRA may not allow changing field values on specific transitions or states.
account_id:

2
plugins/modules/kdeconfig.py
View File

@@ -60,7 +60,7 @@ options:
type: bool
default: false
extends_documentation_fragment:
- files
- ansible.builtin.files
- community.general.attributes
attributes:
check_mode:

2
plugins/modules/keycloak_authentication.py
View File

@@ -265,7 +265,7 @@ def create_or_update_executions(kc, config, realm='master'):
after = ""
before = ""
execution = None
if "authenticationExecutions" in config:
if config.get("authenticationExecutions") is not None:
# Get existing executions on the Keycloak server for this alias
existing_executions = kc.get_executions_representation(config, realm=realm)
for new_exec_index, new_exec in enumerate(config["authenticationExecutions"], start=0):

6
plugins/modules/keycloak_authentication_required_actions.py
View File

@@ -93,7 +93,7 @@ EXAMPLES = r"""
auth_realm: "master"
auth_username: "admin"
realm: "master"
required_action:
required_actions:
- alias: "TERMS_AND_CONDITIONS"
name: "Terms and conditions"
providerId: "TERMS_AND_CONDITIONS"
@@ -108,7 +108,7 @@ EXAMPLES = r"""
auth_realm: "master"
auth_username: "admin"
realm: "master"
required_action:
required_actions:
- alias: "TERMS_AND_CONDITIONS"
enabled: false
state: "present"
@@ -121,7 +121,7 @@ EXAMPLES = r"""
auth_realm: "master"
auth_username: "admin"
realm: "master"
required_action:
required_actions:
- alias: "TERMS_AND_CONDITIONS"
state: "absent"
"""

345
plugins/modules/keycloak_client.py
View File

@@ -359,9 +359,23 @@ options:
- authenticationFlowBindingOverrides
version_added: 3.4.0
client_scopes_behavior:
description:
- Determine how O(default_client_scopes) and O(optional_client_scopes) behave when updating an existing client.
- 'V(ignore): Do not change the client scopes of an existing client. This is the default for backward compatibility.'
- 'V(patch): Add missing scopes, do not remove any missing scopes.'
- 'V(idempotent): Make the client scopes exactly as specified, adding and removing scopes as needed.'
aliases:
- clientScopesBehavior
type: str
choices: ['ignore', 'patch', 'idempotent']
default: 'ignore'
version_added: 11.4.0
default_client_scopes:
description:
- List of default client scopes.
- See O(client_scopes_behavior) for how this behaves when updating an existing client.
aliases:
- defaultClientScopes
type: list
@@ -371,6 +385,7 @@ options:
optional_client_scopes:
description:
- List of optional client scopes.
- See O(client_scopes_behavior) for how this behaves when updating an existing client.
aliases:
- optionalClientScopes
type: list
@@ -743,6 +758,80 @@ PROTOCOL_DOCKER_V2 = 'docker-v2'
CLIENT_META_DATA = ['authorizationServicesEnabled']
def normalise_scopes_for_behavior(desired_client, before_client, clientScopesBehavior):
"""
Normalize the desired and existing client scopes according to the specified behavior.
This function adjusts the lists of default and optional client scopes in the desired client
configuration based on the selected behavior:
- 'ignore': The desired scopes are set to match the existing scopes.
- 'patch': Any scopes present in the existing configuration but missing from the desired configuration
are appended to the desired scopes.
- 'idempotent': No modification is made; the desired scopes are used as-is.
:param desired_client:
type: dict
description: The desired client configuration, including default and optional client scopes.
:param before_client:
type: dict
description: The current client configuration, including default and optional client scopes.
:param clientScopesBehavior:
type: str
description: The behavior mode for handling client scopes. Must be one of 'ignore', 'patch', or 'idempotent'.
:return:
type: tuple
description: Returns a tuple of (desired_client, before_client) after normalization.
"""
desired_client = copy.deepcopy(desired_client)
before_client = copy.deepcopy(before_client)
if clientScopesBehavior == 'ignore':
desired_client['defaultClientScopes'] = copy.deepcopy(before_client['defaultClientScopes'])
desired_client['optionalClientScopes'] = copy.deepcopy(before_client['optionalClientScopes'])
elif clientScopesBehavior == 'patch':
for scope in before_client['defaultClientScopes']:
if scope not in desired_client['defaultClientScopes']:
desired_client['defaultClientScopes'].append(scope)
for scope in before_client['optionalClientScopes']:
if scope not in desired_client['optionalClientScopes']:
desired_client['optionalClientScopes'].append(scope)
return desired_client, before_client
def check_optional_scopes_not_default(desired_client, clientScopesBehavior, module):
"""
Ensure that no client scope is assigned as both default and optional.
This function checks the desired client configuration to verify that no scope is present
in both the default and optional client scopes. If such a conflict is found, the module
execution fails with an appropriate error message.
:param desired_client:
type: dict
description: The desired client configuration, including default and optional client scopes.
:param clientScopesBehavior:
type: str
description: The behavior mode for handling client scopes. Must be one of 'ignore', 'patch', or 'idempotent'.
:param module:
type: AnsibleModule
description: The Ansible module instance, used to fail execution if a conflict is detected.
:return:
type: None
description: Returns None. Fails the module if a scope is both default and optional.
"""
if clientScopesBehavior == 'ignore':
return
for scope in desired_client['optionalClientScopes']:
if scope in desired_client['defaultClientScopes']:
module.fail_json(msg='Client scope %s cannot be both default and optional' % scope)
def normalise_cr(clientrep, remove_ids=False):
""" Re-sorts any properties where the order so that diff's is minimised, and adds default values where appropriate so that the
the change detection is more effective.
@@ -753,16 +842,25 @@ def normalise_cr(clientrep, remove_ids=False):
:return: normalised clientrep dict
"""
# Avoid the dict passed in to be modified
clientrep = clientrep.copy()
clientrep = copy.deepcopy(clientrep)
if remove_ids:
clientrep.pop('id', None)
if 'defaultClientScopes' in clientrep:
clientrep['defaultClientScopes'] = list(sorted(clientrep['defaultClientScopes']))
else:
clientrep['defaultClientScopes'] = []
if 'optionalClientScopes' in clientrep:
clientrep['optionalClientScopes'] = list(sorted(clientrep['optionalClientScopes']))
else:
clientrep['optionalClientScopes'] = []
if 'redirectUris' in clientrep:
clientrep['redirectUris'] = list(sorted(clientrep['redirectUris']))
else:
clientrep['redirectUris'] = []
if 'protocolMappers' in clientrep:
clientrep['protocolMappers'] = sorted(clientrep['protocolMappers'], key=lambda x: (x.get('name'), x.get('protocol'), x.get('protocolMapper')))
@@ -778,12 +876,27 @@ def normalise_cr(clientrep, remove_ids=False):
# Set to a default value.
mapper['consentRequired'] = mapper.get('consentRequired', False)
else:
clientrep['protocolMappers'] = []
if 'attributes' in clientrep:
for key, value in clientrep['attributes'].items():
if isinstance(value, bool):
clientrep['attributes'][key] = str(value).lower()
clientrep['attributes'].pop('client.secret.creation.time', None)
else:
clientrep['attributes'] = []
if 'webOrigins' in clientrep:
clientrep['webOrigins'] = sorted(clientrep['webOrigins'])
else:
clientrep['webOrigins'] = []
if 'redirectUris' in clientrep:
clientrep['redirectUris'] = sorted(clientrep['redirectUris'])
else:
clientrep['redirectUris'] = []
return clientrep
@@ -871,6 +984,197 @@ def flow_binding_from_dict_to_model(newClientFlowBinding, realm, kc):
return modelFlow
def find_match(iterable, attribute, name):
"""
Search for an element in a list of dictionaries based on a given attribute and value.
This function iterates over the elements of an iterable (typically a list of dictionaries)
and returns the first element whose value for the specified attribute matches `name`.
:param iterable:
type: iterable (commonly list[dict])
description: The collection of elements to search within (usually a list of dictionaries).
:param attribute:
type: str
description: The dictionary key/attribute used for comparison.
:param name:
type: Any
description: The value to search for within the given attribute.
:return:
type: dict | None
description: Returns the first dictionary where the attribute matches the given value case insensitive.
Returns `None` if no match is found.
"""
name_lower = str(name).lower()
return next(
(
value
for value in iterable
if attribute in value and str(value[attribute]).lower() == name_lower
),
None,
)
def add_default_client_scopes(desired_client, before_client, realm, kc):
"""
Adds missing default client scopes to a Keycloak client.
This function compares the desired default client scopes specified in `desired_client`
with the current default client scopes in `before_client`. For each scope that is present
in `desired_client["defaultClientScopes"]` but missing from `before_client['defaultClientScopes']`,
it retrieves the scope information from Keycloak and adds it to the client.
:param desired_client:
type: dict
description: The desired client configuration, including the list of default client scopes.
:param before_client:
type: dict
description: The current client configuration, including the list of default client scopes.
:param realm
type: str
description: The name of the Keycloak realm.
:param kc
type: KeycloakAPI
description: An instance of the Keycloak API client.
Returns:
None
"""
desired_default_scope = desired_client["defaultClientScopes"]
missing_scopes = [item for item in desired_default_scope if item not in before_client['defaultClientScopes']]
if not missing_scopes:
return
client_scopes = kc.get_clientscopes(realm)
for name in missing_scopes:
scope = find_match(client_scopes, "name", name)
if scope:
kc.add_default_clientscope(scope['id'], realm, desired_client['clientId'])
def add_optional_client_scopes(desired_client, before_client, realm, kc):
"""
Adds missing optional client scopes to a Keycloak client.
This function compares the desired optional client scopes specified in `desired_client`
with the current optional client scopes in `before_client`. For each scope that is present
in `desired_client["optionalClientScopes"]` but missing from `before_client['optionalClientScopes']`,
it retrieves the scope information from Keycloak and adds it to the client.
:param desired_client:
type: dict
description: The desired client configuration, including the list of optional client scopes.
:param before_client:
type: dict
description: The current client configuration, including the list of optional client scopes.
:param realm:
type: str
description: The name of the Keycloak realm.
:param kc:
type: KeycloakAPI
description: An instance of the Keycloak API client.
Returns:
None
"""
desired_optional_scope = desired_client["optionalClientScopes"]
missing_scopes = [item for item in desired_optional_scope if item not in before_client['optionalClientScopes']]
if not missing_scopes:
return
client_scopes = kc.get_clientscopes(realm)
for name in missing_scopes:
scope = find_match(client_scopes, "name", name)
if scope:
kc.add_optional_clientscope(scope['id'], realm, desired_client['clientId'])
def remove_default_client_scopes(desired_client, before_client, realm, kc):
"""
Removes default client scopes from a Keycloak client that are no longer desired.
This function compares the current default client scopes in `before_client`
with the desired default client scopes in `desired_client`. For each scope that is present
in `before_client["defaultClientScopes"]` but missing from `desired_client['defaultClientScopes']`,
it retrieves the scope information from Keycloak and removes it from the client.
:param desired_client:
type: dict
description: The desired client configuration, including the list of default client scopes.
:param before_client:
type: dict
description: The current client configuration, including the list of default client scopes.
:param realm:
type: str
description: The name of the Keycloak realm.
:param kc:
type: KeycloakAPI
description: An instance of the Keycloak API client.
Returns:
None
"""
before_default_scope = before_client["defaultClientScopes"]
missing_scopes = [item for item in before_default_scope if item not in desired_client['defaultClientScopes']]
if not missing_scopes:
return
client_scopes = kc.get_default_clientscopes(realm, desired_client['clientId'])
for name in missing_scopes:
scope = find_match(client_scopes, "name", name)
if scope:
kc.delete_default_clientscope(scope['id'], realm, desired_client['clientId'])
def remove_optional_client_scopes(desired_client, before_client, realm, kc):
"""
Removes optional client scopes from a Keycloak client that are no longer desired.
This function compares the current optional client scopes in `before_client`
with the desired optional client scopes in `desired_client`. For each scope that is present
in `before_client["optionalClientScopes"]` but missing from `desired_client['optionalClientScopes']`,
it retrieves the scope information from Keycloak and removes it from the client.
:param desired_client:
type: dict
description: The desired client configuration, including the list of optional client scopes.
:param before_client:
type: dict
description: The current client configuration, including the list of optional client scopes.
:param realm:
type: str
description: The name of the Keycloak realm.
:param kc:
type: KeycloakAPI
description: An instance of the Keycloak API client.
Returns:
None
"""
before_optional_scope = before_client["optionalClientScopes"]
missing_scopes = [item for item in before_optional_scope if item not in desired_client['optionalClientScopes']]
if not missing_scopes:
return
client_scopes = kc.get_optional_clientscopes(realm, desired_client['clientId'])
for name in missing_scopes:
scope = find_match(client_scopes, "name", name)
if scope:
kc.delete_optional_clientscope(scope['id'], realm, desired_client['clientId'])
def main():
"""
Module execution
@@ -944,6 +1248,7 @@ def main():
),
protocol_mappers=dict(type='list', elements='dict', options=protmapper_spec, aliases=['protocolMappers']),
authorization_settings=dict(type='dict', aliases=['authorizationSettings']),
client_scopes_behavior=dict(type='str', aliases=['clientScopesBehavior'], choices=['ignore', 'patch', 'idempotent'], default='ignore'),
default_client_scopes=dict(type='list', elements='str', aliases=['defaultClientScopes']),
optional_client_scopes=dict(type='list', elements='str', aliases=['optionalClientScopes']),
)
@@ -970,6 +1275,7 @@ def main():
realm = module.params.get('realm')
cid = module.params.get('id')
clientScopesBehavior = module.params.get('client_scopes_behavior')
state = module.params.get('state')
# Filter and map the parameters names that apply to the client
@@ -1002,11 +1308,17 @@ def main():
new_param_value = [{k: v for k, v in x.items() if v is not None} for x in new_param_value]
elif client_param == 'authentication_flow_binding_overrides':
new_param_value = flow_binding_from_dict_to_model(new_param_value, realm, kc)
elif client_param == 'attributes' and 'attributes' in before_client:
attributes_copy = copy.deepcopy(before_client['attributes'])
attributes_copy.update(new_param_value)
new_param_value = attributes_copy
elif client_param in ['clientScopesBehavior', 'client_scopes_behavior']:
continue
changeset[camel(client_param)] = new_param_value
# Prepare the desired values using the existing values (non-existence results in a dict that is save to use as a basis)
desired_client = before_client.copy()
desired_client = copy.deepcopy(before_client)
desired_client.update(changeset)
result['proposed'] = sanitize_cr(changeset)
@@ -1048,28 +1360,39 @@ def main():
else:
if state == 'present':
# We can only compare the current client with the proposed updates we have
desired_client_with_scopes, before_client_with_scopes = normalise_scopes_for_behavior(desired_client, before_client, clientScopesBehavior)
check_optional_scopes_not_default(desired_client, clientScopesBehavior, module)
before_norm = normalise_cr(before_client_with_scopes, remove_ids=True)
desired_norm = normalise_cr(desired_client_with_scopes, remove_ids=True)
# no changes
if before_norm == desired_norm:
result['changed'] = False
result['end_state'] = sanitize_cr(before_client)
result['msg'] = 'No changes required for Client %s.' % desired_client['clientId']
module.exit_json(**result)
# Process an update
result['changed'] = True
if module.check_mode:
# We can only compare the current client with the proposed updates we have
before_norm = normalise_cr(before_client, remove_ids=True)
desired_norm = normalise_cr(desired_client, remove_ids=True)
result['end_state'] = sanitize_cr(desired_client_with_scopes)
if module._diff:
result['diff'] = dict(before=sanitize_cr(before_norm),
after=sanitize_cr(desired_norm))
result['changed'] = desired_norm != before_norm
result['diff'] = dict(before=sanitize_cr(before_client),
after=sanitize_cr(desired_client))
module.exit_json(**result)
# do the update
kc.update_client(cid, desired_client, realm=realm)
remove_default_client_scopes(desired_client_with_scopes, before_client_with_scopes, realm, kc)
remove_optional_client_scopes(desired_client_with_scopes, before_client_with_scopes, realm, kc)
add_default_client_scopes(desired_client_with_scopes, before_client_with_scopes, realm, kc)
add_optional_client_scopes(desired_client_with_scopes, before_client_with_scopes, realm, kc)
after_client = kc.get_client_by_id(cid, realm=realm)
normalize_kc_resp(after_client)
if before_client == after_client:
result['changed'] = False
if module._diff:
result['diff'] = dict(before=sanitize_cr(before_client),
after=sanitize_cr(after_client))

10
plugins/modules/keycloak_clientsecret_info.py
View File

@@ -94,6 +94,16 @@ EXAMPLES = r"""
token: TOKEN
delegate_to: localhost
no_log: true
- name: Get a new Keycloak client secret, authentication with auth_client_id and auth_client_secret
community.general.keycloak_clientsecret_info:
id: '9d59aa76-2755-48c6-b1af-beb70a82c3cd'
realm: MyCustomRealm
auth_client_id: admin-cli
auth_client_secret: SECRET
auth_keycloak_url: https://auth.example.com/auth
delegate_to: localhost
no_log: true
"""
RETURN = r"""

10
plugins/modules/keycloak_clientsecret_regenerate.py
View File

@@ -97,6 +97,16 @@ EXAMPLES = r"""
token: TOKEN
delegate_to: localhost
no_log: true
- name: Regenerate a new Keycloak client secret, authentication with auth_client_id and auth_client_secret
community.general.keycloak_clientsecret_regenerate:
id: '9d59aa76-2755-48c6-b1af-beb70a82c3cd'
realm: MyCustomRealm
auth_client_id: admin-cli
auth_client_secret: SECRET
auth_keycloak_url: https://auth.example.com/auth
delegate_to: localhost
no_log: true
"""
RETURN = r"""

8
plugins/modules/keycloak_component_info.py
View File

@@ -57,7 +57,7 @@ EXAMPLES = r"""
- name: Retrive info of a UserStorageProvider named myldap
community.general.keycloak_component_info:
auth_keycloak_url: http://localhost:8080/auth
auth_sername: admin
auth_username: admin
auth_password: password
auth_realm: master
realm: myrealm
@@ -67,7 +67,7 @@ EXAMPLES = r"""
- name: Retrive key info component
community.general.keycloak_component_info:
auth_keycloak_url: http://localhost:8080/auth
auth_sername: admin
auth_username: admin
auth_password: password
auth_realm: master
realm: myrealm
@@ -77,7 +77,7 @@ EXAMPLES = r"""
- name: Retrive all component from realm master
community.general.keycloak_component_info:
auth_keycloak_url: http://localhost:8080/auth
auth_sername: admin
auth_username: admin
auth_password: password
auth_realm: master
realm: myrealm
@@ -85,7 +85,7 @@ EXAMPLES = r"""
- name: Retrive all sub components of parent component filter by type
community.general.keycloak_component_info:
auth_keycloak_url: http://localhost:8080/auth
auth_sername: admin
auth_username: admin
auth_password: password
auth_realm: master
realm: myrealm

3
plugins/modules/keycloak_realm.py
View File

@@ -829,6 +829,9 @@ def sanitize_cr(realmrep):
:param realmrep: the realmrep dict to be sanitized
:return: sanitized realmrep dict
"""
if not realmrep:
return realmrep
result = realmrep.copy()
if 'secret' in result:
result['secret'] = '********'

2
plugins/modules/keycloak_role.py
View File

@@ -361,7 +361,7 @@ def main():
else:
if state == 'present':
compare_exclude = []
compare_exclude = ['clientId']
if 'composites' in desired_role and isinstance(desired_role['composites'], list) and len(desired_role['composites']) > 0:
composites = kc.get_role_composites(rolerep=before_role, clientid=clientid, realm=realm)
before_role['composites'] = []

2
plugins/modules/keycloak_user.py
View File

@@ -357,7 +357,7 @@ def main():
argument_spec['auth_username']['aliases'] = []
credential_spec = dict(
type=dict(type='str', required=True),
value=dict(type='str', required=True),
value=dict(type='str', required=True, no_log=True),
temporary=dict(type='bool', default=False)
)
client_consents_spec = dict(

23
plugins/modules/keycloak_user_rolemapping.py
View File

@@ -72,15 +72,17 @@ options:
client_id:
type: str
description:
- Name of the client to be mapped (different than O(cid)).
- Name of the client (different than O(cid)) whose role is to be mapped.
- This parameter is required if O(cid) is not provided (can be replaced by O(cid) to reduce the number of API calls
that must be made).
- If neither O(cid) nor O(client_id) is specified, a B(realm) role is mapped instead.
cid:
type: str
description:
- ID of the client to be mapped.
- ID of the client whose role is to be mapped.
- This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API
calls required.
- If neither O(cid) nor O(client_id) is specified, a B(realm) role is mapped instead.
roles:
description:
- Roles to be mapped to the user.
@@ -108,6 +110,23 @@ author:
"""
EXAMPLES = r"""
- name: Map a realm role to a user, authentication with credentials
community.general.keycloak_user_rolemapping:
realm: MyCustomRealm
auth_client_id: admin-cli
auth_keycloak_url: https://auth.example.com/auth
auth_realm: master
auth_username: USERNAME
auth_password: PASSWORD
state: present
user_id: user1Id
roles:
- name: role_name1
id: role_id1
- name: role_name2
id: role_id2
delegate_to: localhost
- name: Map a client role to a user, authentication with credentials
community.general.keycloak_user_rolemapping:
realm: MyCustomRealm

2
plugins/modules/krb_ticket.py
View File

@@ -50,7 +50,7 @@ options:
- Use O(cache_name) as the ticket cache name and location.
- If this option is not used, the default cache name and location are used.
- The default credentials cache may vary between systems.
- If not set the the value of E(KRB5CCNAME) environment variable is used instead, its value is used to name the default
- If not set the value of E(KRB5CCNAME) environment variable is used instead, its value is used to name the default
ticket cache.
type: str
lifetime:

4
plugins/modules/listen_ports_facts.py
View File

@@ -302,10 +302,10 @@ def ss_parse(raw):
conns = regex_conns.search(local_addr_port)
pids = regex_pid.findall(process)
if conns is None and pids is None:
if conns is None and not pids:
continue
if pids is None:
if not pids:
# likely unprivileged user, so add empty name & pid
# as we do in netstat logic to be consistent with output
pids = [(str(), 0)]

Some files were not shown because too many files have changed in this diff Show More