Release 4.8.0.

Add 'state' parameter for alternatives (#4557 ) (#4576 )
* Add 'activate' parameter for alternatives Allow alternatives to be installed without being set as the current selection. * add changelog fragment * Apply suggestions from code review Co-authored-by: Felix Fontein <felix@fontein.de> * rename 'activate' -> 'selected' * rework 'selected' parameter -> 'state' * handle unsetting of currently selected alternative * add integration tests for 'state' parameter * fix linting issues * fix for Python 2.7 compatibility * Remove alternatives file. Co-authored-by: Felix Fontein <felix@fontein.de> (cherry picked from commit 29c49febd9) Co-authored-by: Tanner Prestegard <tprestegard@users.noreply.github.com>
2026-04-28 09:26:44 +00:00 · 2022-04-26 11:42:20 +02:00 · 2022-04-26 06:41:04 +00:00 · 2022-04-26 08:20:33 +02:00 · 2022-04-25 22:34:27 +02:00 · 2022-04-25 22:32:46 +02:00
539 changed files with 22426 additions and 4953 deletions
--- a/.azure-pipelines/azure-pipelines.yml
+++ b/.azure-pipelines/azure-pipelines.yml
@@ -24,14 +24,15 @@ schedules:
    always: true
    branches:
      include:
-        - stable-2
        - stable-3
+        - stable-4
  - cron: 0 11 * * 0
    displayName: Weekly (old stable branches)
    always: true
    branches:
      include:
        - stable-1
+        - stable-2

 variables:
  - name: checkoutPath
@@ -68,6 +69,19 @@ stages:
            - test: 3
            - test: 4
            - test: extra
+  - stage: Sanity_2_13
+    displayName: Sanity 2.13
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Test {0}
+          testFormat: 2.13/sanity/{0}
+          targets:
+            - test: 1
+            - test: 2
+            - test: 3
+            - test: 4
  - stage: Sanity_2_12
    displayName: Sanity 2.12
    dependsOn: []
@@ -137,6 +151,19 @@ stages:
            - test: 3.8
            - test: 3.9
            - test: '3.10'
+  - stage: Units_2_13
+    displayName: Units 2.13
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Python {0}
+          testFormat: 2.13/units/{0}/1
+          targets:
+            - test: 2.7
+            - test: 3.6
+            - test: 3.8
+            - test: 3.9
  - stage: Units_2_12
    displayName: Units 2.12
    dependsOn: []
@@ -147,12 +174,8 @@ stages:
          testFormat: 2.12/units/{0}/1
          targets:
            - test: 2.6
-            - test: 2.7
            - test: 3.5
-            - test: 3.6
-            - test: 3.7
            - test: 3.8
-            - test: '3.10'
  - stage: Units_2_11
    displayName: Units 2.11
    dependsOn: []
@@ -165,9 +188,6 @@ stages:
            - test: 2.6
            - test: 2.7
            - test: 3.5
-            - test: 3.6
-            - test: 3.7
-            - test: 3.8
            - test: 3.9
  - stage: Units_2_10
    displayName: Units 2.10
@@ -190,11 +210,7 @@ stages:
          testFormat: 2.9/units/{0}/1
          targets:
            - test: 2.6
-            - test: 2.7
            - test: 3.5
-            - test: 3.6
-            - test: 3.7
-            - test: 3.8

 ## Remote
  - stage: Remote_devel
@@ -205,20 +221,36 @@ stages:
        parameters:
          testFormat: devel/{0}
          targets:
-            - name: macOS 11.1
-              test: macos/11.1
+            - name: macOS 12.0
+              test: macos/12.0
            - name: RHEL 7.9
              test: rhel/7.9
            - name: RHEL 8.5
              test: rhel/8.5
-            - name: FreeBSD 12.2
-              test: freebsd/12.2
+            - name: FreeBSD 12.3
+              test: freebsd/12.3
            - name: FreeBSD 13.0
              test: freebsd/13.0
          groups:
            - 1
            - 2
            - 3
+  - stage: Remote_2_13
+    displayName: Remote 2.13
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.13/{0}
+          targets:
+            - name: macOS 12.0
+              test: macos/12.0
+            - name: RHEL 8.5
+              test: rhel/8.5
+          groups:
+            - 1
+            - 2
+            - 3
  - stage: Remote_2_12
    displayName: Remote 2.12
    dependsOn: []
@@ -248,8 +280,8 @@ stages:
              test: rhel/7.9
            - name: RHEL 8.3
              test: rhel/8.3
-            - name: FreeBSD 12.2
-              test: freebsd/12.2
+            #- name: FreeBSD 12.2
+            #  test: freebsd/12.2
          groups:
            - 1
            - 2
@@ -280,8 +312,8 @@ stages:
              test: rhel/8.2
            - name: RHEL 7.8
              test: rhel/7.8
-            - name: FreeBSD 12.0
-              test: freebsd/12.0
+            #- name: FreeBSD 12.0
+            #  test: freebsd/12.0
          groups:
            - 1
            - 2
@@ -301,14 +333,32 @@ stages:
              test: fedora34
            - name: Fedora 35
              test: fedora35
-            - name: openSUSE 15 py2
-              test: opensuse15py2
-            - name: openSUSE 15 py3
+            - name: openSUSE 15
              test: opensuse15
            - name: Ubuntu 18.04
              test: ubuntu1804
            - name: Ubuntu 20.04
              test: ubuntu2004
+            - name: Alpine 3
+              test: alpine3
+          groups:
+            - 1
+            - 2
+            - 3
+  - stage: Docker_2_13
+    displayName: Docker 2.13
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.13/linux/{0}
+          targets:
+            - name: Fedora 35
+              test: fedora35
+            - name: openSUSE 15 py2
+              test: opensuse15py2
+            - name: Alpine 3
+              test: alpine3
          groups:
            - 1
            - 2
@@ -323,12 +373,8 @@ stages:
          targets:
            - name: CentOS 6
              test: centos6
-            - name: CentOS 8
-              test: centos8
            - name: Fedora 34
              test: fedora34
-            - name: openSUSE 15 py3
-              test: opensuse15
            - name: Ubuntu 20.04
              test: ubuntu2004
          groups:
@@ -343,12 +389,10 @@ stages:
        parameters:
          testFormat: 2.11/linux/{0}
          targets:
-            - name: CentOS 7
-              test: centos7
            - name: Fedora 33
              test: fedora33
-            - name: openSUSE 15 py2
-              test: opensuse15py2
+            - name: Alpine 3
+              test: alpine3
          groups:
            - 2
            - 3
@@ -377,12 +421,30 @@ stages:
          targets:
            - name: Fedora 31
              test: fedora31
-            - name: openSUSE 15 py3
-              test: opensuse15
          groups:
            - 2
            - 3

+### Community Docker
+  - stage: Docker_community_devel
+    displayName: Docker (community images) devel
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: devel/linux-community/{0}
+          targets:
+            - name: Debian Bullseye
+              test: debian-bullseye/3.9
+            - name: ArchLinux
+              test: archlinux/3.10
+            - name: CentOS Stream 8
+              test: centos-stream8/3.8
+          groups:
+            - 1
+            - 2
+            - 3
+
 ### Cloud
  - stage: Cloud_devel
    displayName: Cloud devel
@@ -394,6 +456,16 @@ stages:
          testFormat: devel/cloud/{0}/1
          targets:
            - test: 2.7
+            - test: '3.10'
+  - stage: Cloud_2_13
+    displayName: Cloud 2.13
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Python {0}
+          testFormat: 2.13/cloud/{0}/1
+          targets:
            - test: 3.9
  - stage: Cloud_2_12
    displayName: Cloud 2.12
@@ -443,25 +515,31 @@ stages:
      - Sanity_2_10
      - Sanity_2_11
      - Sanity_2_12
+      - Sanity_2_13
      - Units_devel
      - Units_2_9
      - Units_2_10
      - Units_2_11
      - Units_2_12
+      - Units_2_13
      - Remote_devel
      - Remote_2_9
      - Remote_2_10
      - Remote_2_11
      - Remote_2_12
+      - Remote_2_13
      - Docker_devel
      - Docker_2_9
      - Docker_2_10
      - Docker_2_11
      - Docker_2_12
+      - Docker_2_13
+      - Docker_community_devel
      - Cloud_devel
      - Cloud_2_9
      - Cloud_2_10
      - Cloud_2_11
      - Cloud_2_12
+      - Cloud_2_13
    jobs:
      - template: templates/coverage.yml
--- a/.github/BOTMETA.yml
+++ b/.github/BOTMETA.yml
@@ -118,6 +118,8 @@ files:
  $doc_fragments/xenserver.py:
    maintainers: bvitnik
    labels: xenserver
+  $filters/counter.py:
+    maintainers: keilr
  $filters/dict.py:
    maintainers: felixfontein
  $filters/dict_kv.py:
@@ -156,7 +158,7 @@ files:
    maintainers: conloos
  $inventories/nmap.py: {}
  $inventories/online.py:
-    maintainers: sieben
+    maintainers: remyleone
  $inventories/opennebula.py:
    maintainers: feldsam
    labels: cloud opennebula
@@ -164,9 +166,9 @@ files:
  $inventories/proxmox.py:
    maintainers: $team_virt ilijamt
  $inventories/xen_orchestra.py:
-    maintainers: shinuza
+    maintainers: ddelnano shinuza
  $inventories/icinga2.py:
-    maintainers: bongoeadgc6
+    maintainers: BongoEADGC6
  $inventories/scaleway.py:
    maintainers: $team_scaleway
    labels: cloud scaleway
@@ -258,6 +260,8 @@ files:
  $module_utils/module_helper.py:
    maintainers: russoz
    labels: module_helper
+  $module_utils/net_tools/pritunl/:
+    maintainers: Lowess
  $module_utils/oracle/oci_utils.py:
    maintainers: $team_oracle
    labels: cloud
@@ -308,6 +312,8 @@ files:
    ignore: hnakamur
  $modules/cloud/lxd/lxd_profile.py:
    maintainers: conloos
+  $modules/cloud/lxd/lxd_project.py:
+    maintainers: we10710aa
  $modules/cloud/memset/:
    maintainers: glitchcrab
  $modules/cloud/misc/cloud_init_data_facts.py:
@@ -322,6 +328,10 @@ files:
  $modules/cloud/misc/proxmox_kvm.py:
    maintainers: helldorado
    ignore: skvidal
+  $modules/cloud/misc/proxmox_nic.py:
+    maintainers: Kogelvis
+  $modules/cloud/misc/proxmox_tasks_info:
+    maintainers: paginabianca
  $modules/cloud/misc/proxmox_template.py:
    maintainers: UnderGreen
    ignore: skvidal
@@ -341,7 +351,7 @@ files:
  $modules/cloud/oneandone/:
    maintainers: aajdinov edevenport
  $modules/cloud/online/:
-    maintainers: sieben
+    maintainers: remyleone
  $modules/cloud/opennebula/:
    maintainers: $team_opennebula
  $modules/cloud/opennebula/one_host.py:
@@ -411,11 +421,13 @@ files:
  $modules/cloud/scaleway/scaleway_ip_info.py:
    maintainers: Spredzy
  $modules/cloud/scaleway/scaleway_organization_info.py:
-    maintainers: sieben Spredzy
+    maintainers: Spredzy
+  $modules/cloud/scaleway/scaleway_private_network.py:
+    maintainers: pastral
  $modules/cloud/scaleway/scaleway_security_group.py:
    maintainers: DenBeke
  $modules/cloud/scaleway/scaleway_security_group_info.py:
-    maintainers: sieben Spredzy
+    maintainers: Spredzy
  $modules/cloud/scaleway/scaleway_security_group_rule.py:
    maintainers: DenBeke
  $modules/cloud/scaleway/scaleway_server_info.py:
@@ -534,6 +546,8 @@ files:
    maintainers: adamgoossens
  $modules/identity/keycloak/keycloak_identity_provider.py:
    maintainers: laurpaum
+  $modules/identity/keycloak/keycloak_realm_info.py:
+    maintainers: fynncfchen
  $modules/identity/keycloak/keycloak_realm.py:
    maintainers: kris2kris
  $modules/identity/keycloak/keycloak_role.py:
@@ -548,6 +562,8 @@ files:
    maintainers: phumpal
    labels: airbrake_deployment
    ignore: bpennypacker
+  $modules/monitoring/alerta_customer.py:
+    maintainers: cwollinger
  $modules/monitoring/bigpanda.py:
    maintainers: hkariti
  $modules/monitoring/circonus_annotation.py:
@@ -619,6 +635,8 @@ files:
    labels: cloudflare_dns
  $modules/net_tools/dnsimple.py:
    maintainers: drcapulet
+  $modules/net_tools/dnsimple_info.py:
+    maintainers: edhilgendorf
  $modules/net_tools/dnsmadeeasy.py:
    maintainers: briceburg
  $modules/net_tools/gandi_livedns.py:
@@ -720,6 +738,8 @@ files:
    maintainers: mwarkentin
  $modules/packaging/language/bundler.py:
    maintainers: thoiberg
+  $modules/packaging/language/cargo.py:
+    maintainers: radek-sprta
  $modules/packaging/language/composer.py:
    maintainers: dmtrs
    ignore: resmo
@@ -807,7 +827,7 @@ files:
  $modules/packaging/os/opkg.py:
    maintainers: skinp
  $modules/packaging/os/pacman.py:
-    maintainers: elasticdog indrajitr tchernomax
+    maintainers: elasticdog indrajitr tchernomax jraby
    labels: pacman
    ignore: elasticdog
  $modules/packaging/os/pacman_key.py:
@@ -901,6 +921,10 @@ files:
  $modules/remote_management/manageiq/:
    labels: manageiq
    maintainers: $team_manageiq
+  $modules/remote_management/manageiq/manageiq_alert_profiles.py:
+    maintainers: elad661
+  $modules/remote_management/manageiq/manageiq_alerts.py:
+    maintainers: elad661
  $modules/remote_management/manageiq/manageiq_group.py:
    maintainers: evertmulder
  $modules/remote_management/manageiq/manageiq_tenant.py:
@@ -951,6 +975,8 @@ files:
    maintainers: SamyCoenen
  $modules/source_control/gitlab/gitlab_user.py:
    maintainers: LennertMertens stgrace
+  $modules/source_control/gitlab/gitlab_branch.py:
+    maintainers: paytroff
  $modules/source_control/hg.py:
    maintainers: yeukhon
  $modules/storage/emc/emc_vnx_sg_member.py:
@@ -959,6 +985,8 @@ files:
    maintainers: farhan7500 gautamphegde
  $modules/storage/ibm/:
    maintainers: tzure
+  $modules/storage/pmem/pmem.py:
+    maintainers: mizumm
  $modules/storage/vexata/:
    maintainers: vexata
  $modules/storage/zfs/:
@@ -1004,6 +1032,8 @@ files:
  $modules/system/gconftool2.py:
    maintainers: Akasurde kevensen
    labels: gconftool2
+  $modules/system/homectl.py:
+    maintainers: jameslivulpi
  $modules/system/interfaces_file.py:
    maintainers: obourdon hryamzik
    labels: interfaces_file
@@ -1086,6 +1116,8 @@ files:
    keywords: beadm dladm illumos ipadm nexenta omnios openindiana pfexec smartos solaris sunos zfs zpool
  $modules/system/ssh_config.py:
    maintainers: gaqzi Akasurde
+  $modules/system/sudoers.py:
+    maintainers: JonEllis
  $modules/system/svc.py:
    maintainers: bcoca
  $modules/system/syspatch.py:
@@ -1142,7 +1174,8 @@ files:
  $modules/web_infrastructure/jenkins_script.py:
    maintainers: hogarthj
  $modules/web_infrastructure/jira.py:
-    maintainers: Slezhuk tarka pertoft DWSR
+    maintainers: Slezhuk tarka pertoft
+    ignore: DWSR
    labels: jira
  $modules/web_infrastructure/nginx_status_info.py:
    maintainers: resmo
@@ -1211,7 +1244,7 @@ macros:
  team_cyberark_conjur: jvanderhoof ryanprior
  team_e_spirit: MatrixCrawler getjack
  team_flatpak: JayKayy oolongbrothers
-  team_gitlab: Lunik Shaps dj-wasabi marwatk waheedi zanssa scodeman metanovii sh0shin
+  team_gitlab: Lunik Shaps dj-wasabi marwatk waheedi zanssa scodeman metanovii sh0shin nejch lgatellier suukit
  team_hpux: bcoca davx8342
  team_huawei: QijunPan TommyLike edisonxiang freesky-edward hwDCN niuzhenguo xuxiaowei0512 yanzhangi zengchen1024 zhongjun2
  team_ipa: Akasurde Nosmoht fxfitz justchris1
@@ -1224,9 +1257,9 @@ macros:
  team_opennebula: ilicmilan meerkampdvv rsmontero xorel nilsding
  team_oracle: manojmeda mross22 nalsaber
  team_purestorage: bannaych dnix101 genegr lionmax opslounge raekins sdodsley sile16
-  team_redfish: mraineri tomasg2012 xmadsen renxulei
+  team_redfish: mraineri tomasg2012 xmadsen renxulei rajeevkallur bhavya06
  team_rhn: FlossWare alikins barnabycourt vritant
-  team_scaleway: QuentinBrosse abarbare jerome-quere kindermoumoute remyleone sieben
+  team_scaleway: remyleone abarbare
  team_solaris: bcoca fishman jasperla jpdasma mator scathatheworm troy2914 xen0l
  team_suse: commel dcermak evrardjp lrupp toabctl AnderEnder alxgu andytom sealor
  team_virt: joshainglis karmab tleguern Thulium-Drake Ajpantuso
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -6,6 +6,452 @@ Community General Release Notes

 This changelog describes changes after version 3.0.0.

+v4.8.0
+======
+
+Release Summary
+---------------
+
+Regular feature and bugfix release. Please note that this is the last minor 4.x.0 release. Further releases with major version 4 will be bugfix releases 4.8.y.
+
+Minor Changes
+-------------
+
+- alternatives - add ``state`` parameter, which provides control over whether the alternative should be set as the active selection for its alternatives group (https://github.com/ansible-collections/community.general/issues/4543, https://github.com/ansible-collections/community.general/pull/4557).
+- atomic_container - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+- clc_alert_policy - minor refactoring (https://github.com/ansible-collections/community.general/pull/4556).
+- clc_group - minor refactoring (https://github.com/ansible-collections/community.general/pull/4556).
+- clc_loadbalancer - minor refactoring (https://github.com/ansible-collections/community.general/pull/4556).
+- clc_server - minor refactoring (https://github.com/ansible-collections/community.general/pull/4556).
+- cmd_runner module util - reusable command runner with consistent argument formatting and sensible defaults (https://github.com/ansible-collections/community.general/pull/4476).
+- datadog_monitor - support new datadog event monitor of type `event-v2 alert` (https://github.com/ansible-collections/community.general/pull/4457)
+- filesystem - add support for resizing btrfs (https://github.com/ansible-collections/community.general/issues/4465).
+- lxd_container - adds ``project`` option to allow selecting project for LXD instance (https://github.com/ansible-collections/community.general/pull/4479).
+- lxd_profile - adds ``project`` option to allow selecting project for LXD profile (https://github.com/ansible-collections/community.general/pull/4479).
+- nmap inventory plugin - add ``sudo`` option in plugin in order to execute ``sudo nmap`` so that ``nmap`` runs with elevated privileges (https://github.com/ansible-collections/community.general/pull/4506).
+- nomad_job - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+- nomad_job_info - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+- packet_device - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+- packet_sshkey - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+- packet_volume - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+- profitbricks - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+- proxmox - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+- proxmox inventory plugin - add token authentication as an alternative to username/password (https://github.com/ansible-collections/community.general/pull/4540).
+- proxmox inventory plugin - parse LXC configs returned by the proxmox API (https://github.com/ansible-collections/community.general/pull/4472).
+- proxmox_snap - add restore snapshot option (https://github.com/ansible-collections/community.general/pull/4377).
+- proxmox_snap - fixed timeout value to correctly reflect time in seconds. The timeout was off by one second (https://github.com/ansible-collections/community.general/pull/4377).
+- redfish_command - add ``IndicatorLedOn``, ``IndicatorLedOff``, and ``IndicatorLedBlink`` commands to the Systems category for controling system LEDs (https://github.com/ansible-collections/community.general/issues/4084).
+- seport - minor refactoring (https://github.com/ansible-collections/community.general/pull/4471).
+- smartos_image_info - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+- terraform - adds ``terraform_upgrade`` parameter which allows ``terraform init`` to satisfy new provider constraints in an existing Terraform project (https://github.com/ansible-collections/community.general/issues/4333).
+- udm_group - minor refactoring (https://github.com/ansible-collections/community.general/pull/4556).
+- udm_share - minor refactoring (https://github.com/ansible-collections/community.general/pull/4556).
+- vmadm - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+- webfaction_app - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+- webfaction_db - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+- xfconf - added missing value types ``char``, ``uchar``, ``int64`` and ``uint64`` (https://github.com/ansible-collections/community.general/pull/4534).
+
+Deprecated Features
+-------------------
+
+- nmcli - deprecate default hairpin mode for a bridge. This so we can change it to ``false`` in community.general 7.0.0, as this is also the default in ``nmcli`` (https://github.com/ansible-collections/community.general/pull/4334).
+- proxmox inventory plugin - the current default ``true`` of the ``want_proxmox_nodes_ansible_host`` option has been deprecated. The default will change to ``false`` in community.general 6.0.0. To keep the current behavior, explicitly set ``want_proxmox_nodes_ansible_host`` to ``true`` in your inventory configuration. We suggest to already switch to the new behavior by explicitly setting it to ``false``, and by using ``compose:`` to set ``ansible_host`` to the correct value. See the examples in the plugin documentation for details (https://github.com/ansible-collections/community.general/pull/4466).
+
+Bugfixes
+--------
+
+- dnsmadeeasy - fix failure on deleting DNS entries when API response does not contain monitor value (https://github.com/ansible-collections/community.general/issues/3620).
+- git_branch - remove deprecated and unnecessary branch ``unprotect`` method (https://github.com/ansible-collections/community.general/pull/4496).
+- gitlab_group - improve searching for projects inside group on deletion (https://github.com/ansible-collections/community.general/pull/4491).
+- gitlab_group_members - handle more than 20 groups when finding a group (https://github.com/ansible-collections/community.general/pull/4491, https://github.com/ansible-collections/community.general/issues/4460, https://github.com/ansible-collections/community.general/issues/3729).
+- gitlab_hook - handle more than 20 hooks when finding a hook (https://github.com/ansible-collections/community.general/pull/4491).
+- gitlab_project - handle more than 20 namespaces when finding a namespace (https://github.com/ansible-collections/community.general/pull/4491).
+- gitlab_project_members - handle more than 20 projects and users when finding a project resp. user (https://github.com/ansible-collections/community.general/pull/4491).
+- gitlab_user - handle more than 20 users and SSH keys when finding a user resp. SSH key (https://github.com/ansible-collections/community.general/pull/4491).
+- keycloak - fix parameters types for ``defaultDefaultClientScopes`` and ``defaultOptionalClientScopes`` from list of dictionaries to list of strings (https://github.com/ansible-collections/community.general/pull/4526).
+- opennebula inventory plugin - complete the implementation of ``constructable`` for opennebula inventory plugin. Now ``keyed_groups``, ``compose``, ``groups`` actually work (https://github.com/ansible-collections/community.general/issues/4497).
+- pacman - fixed bug where ``absent`` state did not work for locally installed packages (https://github.com/ansible-collections/community.general/pull/4464).
+- pritunl - fixed bug where pritunl plugin api add unneeded data in ``auth_string`` parameter (https://github.com/ansible-collections/community.general/issues/4527).
+- proxmox inventory plugin - fix error when parsing container with LXC configs (https://github.com/ansible-collections/community.general/issues/4472, https://github.com/ansible-collections/community.general/pull/4472).
+- proxmox_kvm - fix a bug when getting a state of VM without name will fail (https://github.com/ansible-collections/community.general/pull/4508).
+- xbps - fix error message that is reported when installing packages fails (https://github.com/ansible-collections/community.general/pull/4438).
+
+New Modules
+-----------
+
+Cloud
+~~~~~
+
+lxd
+^^^
+
+- lxd_project - Manage LXD projects
+
+Monitoring
+~~~~~~~~~~
+
+- alerta_customer - Manage customers in Alerta
+
+v4.7.0
+======
+
+Release Summary
+---------------
+
+Regular bugfix and feature release.
+
+Minor Changes
+-------------
+
+- ipa_service - add ``skip_host_check`` parameter. (https://github.com/ansible-collections/community.general/pull/4417).
+- keycloak_client - add ``always_display_in_console`` parameter (https://github.com/ansible-collections/community.general/issues/4390).
+- keycloak_client - add ``default_client_scopes`` and ``optional_client_scopes`` parameters. (https://github.com/ansible-collections/community.general/pull/4385).
+- proxmox inventory plugin - add support for templating the ``url``, ``user``, and ``password`` options (https://github.com/ansible-collections/community.general/pull/4418).
+- sudoers - add support for ``runas`` parameter (https://github.com/ansible-collections/community.general/issues/4379).
+
+Bugfixes
+--------
+
+- dsv lookup plugin - raise an Ansible error if the wrong ``python-dsv-sdk`` version is installed (https://github.com/ansible-collections/community.general/pull/4422).
+- keycloak_* - the documented ``validate_certs`` parameter was not taken into account when calling the ``open_url`` function in some cases, thus enforcing certificate validation even when ``validate_certs`` was set to ``false``. (https://github.com/ansible-collections/community.general/pull/4382)
+- nmcli - fix returning "changed" when routes parameters set, also suggest new routes4 and routes6 format (https://github.com/ansible-collections/community.general/issues/4131).
+- proxmox inventory plugin - fixed the ``tags_parsed`` field when Proxmox returns a single space for the ``tags`` entry (https://github.com/ansible-collections/community.general/pull/4378).
+- zypper - fixed bug that caused zypper to always report [ok] and do nothing on ``state=present`` when all packages in ``name`` had a version specification (https://github.com/ansible-collections/community.general/issues/4371, https://github.com/ansible-collections/community.general/pull/4421).
+
+v4.6.1
+======
+
+Release Summary
+---------------
+
+Extraordinary bugfix release to fix a breaking change in ``terraform``.
+
+Bugfixes
+--------
+
+- lxd inventory plugin - do not crash if OS and release metadata are not present
+  (https://github.com/ansible-collections/community.general/pull/4351).
+- terraform - revert bugfix https://github.com/ansible-collections/community.general/pull/4281 that tried to fix ``variable`` handling to allow complex values. It turned out that this was breaking several valid use-cases (https://github.com/ansible-collections/community.general/issues/4367, https://github.com/ansible-collections/community.general/pull/4370).
+
+v4.6.0
+======
+
+Release Summary
+---------------
+
+Regular feature and bugfix release.
+
+Minor Changes
+-------------
+
+- jira - when creating a comment, ``fields`` now is used for additional data (https://github.com/ansible-collections/community.general/pull/4304).
+- ldap_entry - add support for recursive deletion (https://github.com/ansible-collections/community.general/issues/3613).
+- mksysb - revamped the module using ``ModuleHelper`` (https://github.com/ansible-collections/community.general/pull/3295).
+- nmcli - add missing connection aliases ``802-3-ethernet`` and ``802-11-wireless`` (https://github.com/ansible-collections/community.general/pull/4108).
+- nmcli - remove nmcli modify dependency on ``type`` parameter (https://github.com/ansible-collections/community.general/issues/2858).
+- npm - add ability to use ``production`` flag when ``ci`` is set (https://github.com/ansible-collections/community.general/pull/4299).
+- pacman - add ``remove_nosave`` parameter to avoid saving modified configuration files as ``.pacsave`` files. (https://github.com/ansible-collections/community.general/pull/4316, https://github.com/ansible-collections/community.general/issues/4315).
+- pacman - now implements proper change detection for ``update_cache=true``. Adds ``cache_updated`` return value to when ``update_cache=true`` to report this result independently of the module's overall changed return value (https://github.com/ansible-collections/community.general/pull/4337).
+- pipx - added options ``editable`` and ``pip_args`` (https://github.com/ansible-collections/community.general/issues/4300).
+- proxmox inventory plugin - add support for client-side jinja filters (https://github.com/ansible-collections/community.general/issues/3553).
+- redis - add authentication parameters ``login_user``, ``tls``, ``validate_certs``, and ``ca_certs`` (https://github.com/ansible-collections/community.general/pull/4207).
+- syslog_json - add option to skip logging of ``gather_facts`` playbook tasks; use v2 callback API (https://github.com/ansible-collections/community.general/pull/4223).
+- zypper - add support for ``--clean-deps`` option to remove packages that depend on a package being removed (https://github.com/ansible-collections/community.general/pull/4195).
+
+Deprecated Features
+-------------------
+
+- pacman - from community.general 5.0.0 on, the ``changed`` status of ``update_cache`` will no longer be ignored if ``name`` or ``upgrade`` is specified. To keep the old behavior, add something like ``register: result`` and ``changed_when: result.packages | length > 0`` to your task (https://github.com/ansible-collections/community.general/pull/4329).
+
+Bugfixes
+--------
+
+- filesize - add support for busybox dd implementation, that is used by default on Alpine linux (https://github.com/ansible-collections/community.general/pull/4288, https://github.com/ansible-collections/community.general/issues/4259).
+- linode inventory plugin - fix configuration handling relating to inventory filtering (https://github.com/ansible-collections/community.general/pull/4336).
+- mksysb - fixed bug for parameter ``backup_dmapi_fs`` was passing the wrong CLI argument (https://github.com/ansible-collections/community.general/pull/3295).
+- pacman - Use ``--groups`` instead of ``--group`` (https://github.com/ansible-collections/community.general/pull/4312).
+- pacman - fix URL based package installation (https://github.com/ansible-collections/community.general/pull/4286, https://github.com/ansible-collections/community.general/issues/4285).
+- pacman - fix ``upgrade=yes`` (https://github.com/ansible-collections/community.general/pull/4275, https://github.com/ansible-collections/community.general/issues/4274).
+- pacman - make sure that ``packages`` is always returned when ``name`` or ``upgrade`` is specified, also if nothing is done (https://github.com/ansible-collections/community.general/pull/4329).
+- pacman - when the ``update_cache`` option is combined with another option such as ``upgrade``, report ``changed`` based on the actions performed by the latter option. This was the behavior in community.general 4.4.0 and before. In community.general 4.5.0, a task combining these options would always report ``changed`` (https://github.com/ansible-collections/community.general/pull/4318).
+- proxmox inventory plugin - always convert strings that follow the ``key=value[,key=value[...]]`` form into dictionaries (https://github.com/ansible-collections/community.general/pull/4349).
+- proxmox inventory plugin - fixed the ``description`` field being ignored if it contained a comma (https://github.com/ansible-collections/community.general/issues/4348).
+- proxmox_kvm - fix error in check when creating or cloning (https://github.com/ansible-collections/community.general/pull/4306).
+- proxmox_kvm - fix error when checking whether Proxmox VM exists (https://github.com/ansible-collections/community.general/pull/4287).
+- terraform - fix ``variable`` handling to allow complex values (https://github.com/ansible-collections/community.general/pull/4281).
+
+Known Issues
+------------
+
+- pacman - ``update_cache`` cannot differentiate between up to date and outdated package lists and will report ``changed`` in both situations (https://github.com/ansible-collections/community.general/pull/4318).
+- pacman - binaries specified in the ``executable`` parameter must support ``--print-format`` in order to be used by this module. In particular, AUR helper ``yay`` is known not to currently support it (https://github.com/ansible-collections/community.general/pull/4312).
+
+v4.5.0
+======
+
+Release Summary
+---------------
+
+Regular feature and bugfix release.
+
+Minor Changes
+-------------
+
+- Avoid internal ansible-core module_utils in favor of equivalent public API available since at least Ansible 2.9. This fixes some instances added since the last time this was fixed (https://github.com/ansible-collections/community.general/pull/4232).
+- ansible_galaxy_install - added option ``no_deps`` to the module (https://github.com/ansible-collections/community.general/issues/4174).
+- gitlab_group_variable - new ``variables`` parameter (https://github.com/ansible-collections/community.general/pull/4038 and https://github.com/ansible-collections/community.general/issues/4074).
+- keycloak_* modules - added connection timeout parameter when calling server (https://github.com/ansible-collections/community.general/pull/4168).
+- linode inventory plugin - add support for caching inventory results (https://github.com/ansible-collections/community.general/pull/4179).
+- opentelemetry_plugin - enrich service when using the ``jenkins``, ``hetzner`` or ``jira`` modules (https://github.com/ansible-collections/community.general/pull/4105).
+- pacman - the module has been rewritten and is now much faster when using ``state=latest``. Operations are now done all packages at once instead of package per package and the configured output format of ``pacman`` no longer affect the module's operation. (https://github.com/ansible-collections/community.general/pull/3907, https://github.com/ansible-collections/community.general/issues/3783, https://github.com/ansible-collections/community.general/issues/4079)
+- passwordstore lookup plugin - add configurable ``lock`` and ``locktimeout`` options to avoid race conditions in itself and in the ``pass`` utility it calls. By default, the plugin now locks on write operations (https://github.com/ansible-collections/community.general/pull/4194).
+- proxmox modules - move common code into ``module_utils`` (https://github.com/ansible-collections/community.general/pull/4029).
+- proxmox_kvm - added EFI disk support when creating VM with OVMF UEFI BIOS with new ``efidisk0`` option (https://github.com/ansible-collections/community.general/pull/4106, https://github.com/ansible-collections/community.general/issues/1638).
+- proxmox_kwm - add ``win11`` to ``ostype`` parameter for Windows 11 and Windows Server 2022 support (https://github.com/ansible-collections/community.general/issues/4023, https://github.com/ansible-collections/community.general/pull/4191).
+
+Bugfixes
+--------
+
+- dconf - skip processes that disappeared while we inspected them (https://github.com/ansible-collections/community.general/issues/4151).
+- gitlab_group_variable - add missing documentation about GitLab versions that support ``environment_scope`` and ``variable_type`` (https://github.com/ansible-collections/community.general/pull/4038).
+- gitlab_group_variable - allow to set same variable name under different environment scopes. Due this change, the return value ``group_variable`` differs from previous version in check mode. It was counting ``updated`` values, because it was accidentally overwriting environment scopes (https://github.com/ansible-collections/community.general/pull/4038).
+- gitlab_group_variable - fix idempotent change behaviour for float and integer variables (https://github.com/ansible-collections/community.general/pull/4038).
+- gitlab_project_variable - ``value`` is not necessary when deleting variables (https://github.com/ansible-collections/community.general/pull/4150).
+- gitlab_runner - make ``project`` and ``owned`` mutually exclusive (https://github.com/ansible-collections/community.general/pull/4136).
+- homebrew_cask - fix force install operation (https://github.com/ansible-collections/community.general/issues/3703).
+- imc_rest - fixes the module failure due to the usage of ``itertools.izip_longest`` which is not available in Python 3 (https://github.com/ansible-collections/community.general/issues/4206).
+- ini_file - when removing nothing do not report changed (https://github.com/ansible-collections/community.general/issues/4154).
+- keycloak_user_federation - creating a user federation while specifying an ID (that does not exist yet) no longer fail with a 404 Not Found (https://github.com/ansible-collections/community.general/pull/4212).
+- keycloak_user_federation - mappers auto-created by keycloak are matched and merged by their name and no longer create duplicated entries (https://github.com/ansible-collections/community.general/pull/4212).
+- mail callback plugin - fix encoding of the name of sender and recipient (https://github.com/ansible-collections/community.general/issues/4060, https://github.com/ansible-collections/community.general/pull/4061).
+- passwordstore lookup plugin - fix error detection for non-English locales (https://github.com/ansible-collections/community.general/pull/4219).
+- passwordstore lookup plugin - prevent returning path names as passwords by accident (https://github.com/ansible-collections/community.general/issues/4185, https://github.com/ansible-collections/community.general/pull/4192).
+- vdo - fix options error (https://github.com/ansible-collections/community.general/pull/4163).
+- yum_versionlock - fix matching of existing entries with names passed to the module. Match yum and dnf lock format (https://github.com/ansible-collections/community.general/pull/4183).
+
+New Modules
+-----------
+
+Cloud
+~~~~~
+
+scaleway
+^^^^^^^^
+
+- scaleway_private_network - Scaleway private network management
+
+Storage
+~~~~~~~
+
+pmem
+^^^^
+
+- pmem - Configure Intel Optane Persistent Memory modules
+
+v4.4.0
+======
+
+Release Summary
+---------------
+
+Regular features and bugfixes release.
+
+Minor Changes
+-------------
+
+- cobbler inventory plugin - add ``include_profiles`` option (https://github.com/ansible-collections/community.general/pull/4068).
+- gitlab_project_variable - new ``variables`` parameter (https://github.com/ansible-collections/community.general/issues/4038).
+- icinga2 inventory plugin - implemented constructed interface (https://github.com/ansible-collections/community.general/pull/4088).
+- linode inventory plugin - allow templating of ``access_token`` variable in Linode inventory plugin (https://github.com/ansible-collections/community.general/pull/4040).
+- lists_mergeby filter plugin - add parameters ``list_merge`` and ``recursive``. These are only supported when used with ansible-base 2.10 or ansible-core, but not with Ansible 2.9 (https://github.com/ansible-collections/community.general/pull/4058).
+- lxc_container - added ``wait_for_container`` parameter. If ``true`` the module will wait until the running task reports success as the status (https://github.com/ansible-collections/community.general/pull/4039).
+- mail callback plugin - add ``Message-ID`` and ``Date`` headers (https://github.com/ansible-collections/community.general/issues/4055, https://github.com/ansible-collections/community.general/pull/4056).
+- mail callback plugin - properly use Ansible's option handling to split lists (https://github.com/ansible-collections/community.general/pull/4140).
+- nmcli - adds ``routes6`` and ``route_metric6`` parameters for supporting IPv6 routes (https://github.com/ansible-collections/community.general/issues/4059).
+- opennebula - add the release action for VMs in the ``HOLD`` state (https://github.com/ansible-collections/community.general/pull/4036).
+- opentelemetry_plugin - enrich service when using the ``docker_login`` (https://github.com/ansible-collections/community.general/pull/4104).
+- proxmox modules - move ``HAS_PROXMOXER`` check into ``module_utils`` (https://github.com/ansible-collections/community.general/pull/4030).
+- scaleway inventory plugin - add profile parameter ``scw_profile`` (https://github.com/ansible-collections/community.general/pull/4049).
+- snap - add option ``options`` permitting to set options using the ``snap set`` command (https://github.com/ansible-collections/community.general/pull/3943).
+
+Deprecated Features
+-------------------
+
+- mail callback plugin - not specifying ``sender`` is deprecated and will be disallowed in community.general 6.0.0 (https://github.com/ansible-collections/community.general/pull/4140).
+
+Bugfixes
+--------
+
+- cargo - fix detection of outdated packages when ``state=latest`` (https://github.com/ansible-collections/community.general/pull/4052).
+- cargo - fix incorrectly reported changed status for packages with a name containing a hyphen (https://github.com/ansible-collections/community.general/issues/4044, https://github.com/ansible-collections/community.general/pull/4052).
+- gitlab_project_variable - add missing documentation about GitLab versions that support ``environment_scope`` and ``variable_type`` (https://github.com/ansible-collections/community.general/issues/4038).
+- gitlab_project_variable - allow to set same variable name under different environment scopes. Due this change, the return value ``project_variable`` differs from previous version in check mode. It was counting ``updated`` values, because it was accidentally overwriting environment scopes (https://github.com/ansible-collections/community.general/issues/4038).
+- gitlab_project_variable - fix idempotent change behaviour for float and integer variables (https://github.com/ansible-collections/community.general/issues/4038).
+- gitlab_runner - use correct API endpoint to create and retrieve project level runners when using ``project`` (https://github.com/ansible-collections/community.general/pull/3965).
+- listen_ports_facts - local port regex was not handling well IPv6 only binding. Fixes the regex for ``ss`` (https://github.com/ansible-collections/community.general/pull/4092).
+- mail callback plugin - fix crash on Python 3 (https://github.com/ansible-collections/community.general/issues/4025, https://github.com/ansible-collections/community.general/pull/4026).
+- opentelemetry - fix generating a trace with a task containing ``no_log: true`` (https://github.com/ansible-collections/community.general/pull/4043).
+- python_requirements_info - store ``mismatched`` return values per package as documented in the module (https://github.com/ansible-collections/community.general/pull/4078).
+- yarn - fix incorrect handling of ``yarn list`` and ``yarn global list`` output that could result in fatal error (https://github.com/ansible-collections/community.general/pull/4050).
+- yarn - fix incorrectly reported status when installing a package globally (https://github.com/ansible-collections/community.general/issues/4045, https://github.com/ansible-collections/community.general/pull/4050).
+- yarn - fix missing ``~`` expansion in yarn global install folder which resulted in incorrect task status (https://github.com/ansible-collections/community.general/issues/4045, https://github.com/ansible-collections/community.general/pull/4048).
+
+New Modules
+-----------
+
+System
+~~~~~~
+
+- homectl - Manage user accounts with systemd-homed
+
+v4.3.0
+======
+
+Release Summary
+---------------
+
+Regular feature and bugfix release.
+
+Minor Changes
+-------------
+
+- ipa_dnszone - ``dynamicupdate`` is now a boolean parameter, instead of a string parameter accepting ``"true"`` and ``"false"``. Also the module is now idempotent with respect to ``dynamicupdate`` (https://github.com/ansible-collections/community.general/pull/3374).
+- ipa_dnszone - add DNS zone synchronization support (https://github.com/ansible-collections/community.general/pull/3374).
+- ipmi_power - add ``machine`` option to ensure the power state via the remote target address (https://github.com/ansible-collections/community.general/pull/3968).
+- mattermost - add the possibility to send attachments instead of text messages (https://github.com/ansible-collections/community.general/pull/3946).
+- nmcli - add ``wireguard`` connection type (https://github.com/ansible-collections/community.general/pull/3985).
+- proxmox - add ``clone`` parameter (https://github.com/ansible-collections/community.general/pull/3930).
+- puppet - remove deprecation for ``show_diff`` parameter. Its alias ``show-diff`` is still deprecated and will be removed in community.general 7.0.0 (https://github.com/ansible-collections/community.general/pull/3980).
+- scaleway_compute - add possibility to use project identifier (new ``project`` option) instead of deprecated organization identifier (https://github.com/ansible-collections/community.general/pull/3951).
+- scaleway_volume - all volumes are systematically created on par1 (https://github.com/ansible-collections/community.general/pull/3964).
+
+Bugfixes
+--------
+
+- Various modules and plugins - use vendored version of ``distutils.version`` instead of the deprecated Python standard library ``distutils`` (https://github.com/ansible-collections/community.general/pull/3936).
+- alternatives - fix output parsing for alternatives groups (https://github.com/ansible-collections/community.general/pull/3976).
+- jail connection plugin - replace deprecated ``distutils.spawn.find_executable`` with Ansible's ``get_bin_path`` to find the executable (https://github.com/ansible-collections/community.general/pull/3934).
+- lxd connection plugin - replace deprecated ``distutils.spawn.find_executable`` with Ansible's ``get_bin_path`` to find the ``lxc`` executable (https://github.com/ansible-collections/community.general/pull/3934).
+- passwordstore lookup plugin - replace deprecated ``distutils.util.strtobool`` with Ansible's ``convert_bool.boolean`` to interpret values for the ``create``, ``returnall``, ``overwrite``, 'backup``, and ``nosymbols`` options (https://github.com/ansible-collections/community.general/pull/3934).
+- say callback plugin - replace deprecated ``distutils.spawn.find_executable`` with Ansible's ``get_bin_path`` to find the ``say`` resp. ``espeak`` executables (https://github.com/ansible-collections/community.general/pull/3934).
+- scaleway_user_data - fix double-quote added where no double-quote is needed to user data in scaleway's server (``Content-type`` -> ``Content-Type``) (https://github.com/ansible-collections/community.general/pull/3940).
+- slack - add ``charset`` to HTTP headers to avoid Slack API warning (https://github.com/ansible-collections/community.general/issues/3932).
+- zone connection plugin - replace deprecated ``distutils.spawn.find_executable`` with Ansible's ``get_bin_path`` to find the executable (https://github.com/ansible-collections/community.general/pull/3934).
+
+New Plugins
+-----------
+
+Filter
+~~~~~~
+
+- counter - Counts hashable elements in a sequence
+
+New Modules
+-----------
+
+Identity
+~~~~~~~~
+
+keycloak
+^^^^^^^^
+
+- keycloak_realm_info - Allows obtaining Keycloak realm public information via Keycloak API
+
+Packaging
+~~~~~~~~~
+
+language
+^^^^^^^^
+
+- cargo - Manage Rust packages with cargo
+
+System
+~~~~~~
+
+- sudoers - Manage sudoers files
+
+v4.2.0
+======
+
+Release Summary
+---------------
+
+Regular bugfix and feature release.
+
+Minor Changes
+-------------
+
+- aix_filesystem - calling ``run_command`` with arguments as ``list`` instead of ``str`` (https://github.com/ansible-collections/community.general/pull/3833).
+- aix_lvg - calling ``run_command`` with arguments as ``list`` instead of ``str`` (https://github.com/ansible-collections/community.general/pull/3834).
+- gitlab - add more token authentication support with the new options ``api_oauth_token`` and ``api_job_token`` (https://github.com/ansible-collections/community.general/issues/705).
+- gitlab_group, gitlab_project - add new option ``avatar_path`` (https://github.com/ansible-collections/community.general/pull/3792).
+- gitlab_project - add new option ``default_branch`` to gitlab_project (if ``readme = true``) (https://github.com/ansible-collections/community.general/pull/3792).
+- hponcfg - revamped module using ModuleHelper (https://github.com/ansible-collections/community.general/pull/3840).
+- icinga2 inventory plugin - added the ``display_name`` field to variables (https://github.com/ansible-collections/community.general/issues/3875, https://github.com/ansible-collections/community.general/pull/3906).
+- icinga2 inventory plugin - inventory object names are changable using ``inventory_attr`` in your config file to the host object name, address, or display_name fields (https://github.com/ansible-collections/community.general/issues/3875, https://github.com/ansible-collections/community.general/pull/3906).
+- ip_netns - calling ``run_command`` with arguments as ``list`` instead of ``str`` (https://github.com/ansible-collections/community.general/pull/3822).
+- iso_extract - calling ``run_command`` with arguments as ``list`` instead of ``str`` (https://github.com/ansible-collections/community.general/pull/3805).
+- java_cert - calling ``run_command`` with arguments as ``list`` instead of ``str`` (https://github.com/ansible-collections/community.general/pull/3835).
+- jira - add support for Bearer token auth (https://github.com/ansible-collections/community.general/pull/3838).
+- keycloak_user_federation - add sssd user federation support (https://github.com/ansible-collections/community.general/issues/3767).
+- logentries - calling ``run_command`` with arguments as ``list`` instead of ``str`` (https://github.com/ansible-collections/community.general/pull/3807).
+- logstash_plugin - calling ``run_command`` with arguments as ``list`` instead of ``str`` (https://github.com/ansible-collections/community.general/pull/3808).
+- lxc_container - calling ``run_command`` with arguments as ``list`` instead of ``str`` (https://github.com/ansible-collections/community.general/pull/3851).
+- lxd connection plugin - make sure that ``ansible_lxd_host``, ``ansible_executable``, and ``ansible_lxd_executable`` work (https://github.com/ansible-collections/community.general/pull/3798).
+- lxd inventory plugin - support virtual machines (https://github.com/ansible-collections/community.general/pull/3519).
+- module_helper module utils - added decorators ``check_mode_skip`` and ``check_mode_skip_returns`` for skipping methods when ``check_mode=True`` (https://github.com/ansible-collections/community.general/pull/3849).
+- monit - calling ``run_command`` with arguments as ``list`` instead of ``str`` (https://github.com/ansible-collections/community.general/pull/3821).
+- nmcli - add multiple addresses support for ``ip6`` parameter (https://github.com/ansible-collections/community.general/issues/1088).
+- nmcli - add support for ``eui64`` and ``ipv6privacy`` parameters (https://github.com/ansible-collections/community.general/issues/3357).
+- python_requirements_info - returns python version broken down into its components, and some minor refactoring (https://github.com/ansible-collections/community.general/pull/3797).
+- svc - calling ``run_command`` with arguments as ``list`` instead of ``str`` (https://github.com/ansible-collections/community.general/pull/3829).
+- xattr - calling ``run_command`` with arguments as ``list`` instead of ``str`` (https://github.com/ansible-collections/community.general/pull/3806).
+- xfconf - minor refactor on the base class for the module (https://github.com/ansible-collections/community.general/pull/3919).
+
+Deprecated Features
+-------------------
+
+- module_helper module utils - deprecated the attribute ``ModuleHelper.VarDict`` (https://github.com/ansible-collections/community.general/pull/3801).
+
+Bugfixes
+--------
+
+- icinga2 inventory plugin - handle 404 error when filter produces no results (https://github.com/ansible-collections/community.general/issues/3875, https://github.com/ansible-collections/community.general/pull/3906).
+- interfaces_file - fixed the check for existing option in interface (https://github.com/ansible-collections/community.general/issues/3841).
+- jira - fixed bug where module returns error related to dictionary key ``body`` (https://github.com/ansible-collections/community.general/issues/3419).
+- nmcli - fix returning "changed" when no mask set for IPv4 or IPv6 addresses on task rerun (https://github.com/ansible-collections/community.general/issues/3768).
+- nmcli - pass ``flags``, ``ingress``, ``egress`` params to ``nmcli`` (https://github.com/ansible-collections/community.general/issues/1086).
+- nrdp callback plugin - fix error ``string arguments without an encoding`` (https://github.com/ansible-collections/community.general/issues/3903).
+- opentelemetry_plugin - honour ``ignore_errors`` when a task has failed instead of reporting an error (https://github.com/ansible-collections/community.general/pull/3837).
+- pipx - passes the correct command line option ``--include-apps`` (https://github.com/ansible-collections/community.general/issues/3791).
+- proxmox - fixed ``onboot`` parameter causing module failures when undefined (https://github.com/ansible-collections/community.general/issues/3844).
+- python_requirements_info - fails if version operator used without version (https://github.com/ansible-collections/community.general/pull/3785).
+
+New Modules
+-----------
+
+Net Tools
+~~~~~~~~~
+
+- dnsimple_info - Pull basic info from DNSimple API
+
+Remote Management
+~~~~~~~~~~~~~~~~~
+
+redfish
+^^^^^^^
+
+- ilo_redfish_config - Sets or updates configuration attributes on HPE iLO with Redfish OEM extensions
+- ilo_redfish_info - Gathers server information through iLO using Redfish APIs
+
+Source Control
+~~~~~~~~~~~~~~
+
+gitlab
+^^^^^^
+
+- gitlab_branch - Create or delete a branch
+
 v4.1.0
 ======

--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -24,7 +24,7 @@ Also, consider taking up a valuable, reviewed, but abandoned pull request which

 * Try committing your changes with an informative but short commit message.
 * Do not squash your commits and force-push to your branch if not needed. Reviews of your pull request are much easier with individual commits to comprehend the pull request history. All commits of your pull request branch will be squashed into one commit by GitHub upon merge.
-* Do not add merge commits to your PR. The bot will complain and you will have to rebase ([instructions for rebasing](https://docs.ansible.com/ansible/latest/dev_guide/developing_rebasing.html)) to remove them before your PR can be merged. To avoid that git automatically does merges during pulls, you can configure it to do rebases instead by running `git config pull.rebase true` inside the respository checkout.
+* Do not add merge commits to your PR. The bot will complain and you will have to rebase ([instructions for rebasing](https://docs.ansible.com/ansible/latest/dev_guide/developing_rebasing.html)) to remove them before your PR can be merged. To avoid that git automatically does merges during pulls, you can configure it to do rebases instead by running `git config pull.rebase true` inside the repository checkout.
 * Make sure your PR includes a [changelog fragment](https://docs.ansible.com/ansible/devel/community/development_process.html#changelogs-how-to). (You must not include a fragment for new modules or new plugins, except for test and filter plugins. Also you shouldn't include one for docs-only changes. If you're not sure, simply don't include one, we'll tell you whether one is needed or not :) )
 * Avoid reformatting unrelated parts of the codebase in your PR. These types of changes will likely be requested for reversion, create additional work for reviewers, and may cause approval to be delayed.

@@ -36,6 +36,54 @@ If you want to test a PR locally, refer to [our testing guide](https://github.co

 If you find any inconsistencies or places in this document which can be improved, feel free to raise an issue or pull request to fix it.

+## Run sanity, unit or integration tests locally
+
+You have to check out the repository into a specific path structure to be able to run `ansible-test`. The path to the git checkout must end with `.../ansible_collections/community/general`. Please see [our testing guide](https://github.com/ansible/community-docs/blob/main/test_pr_locally_guide.rst) for instructions on how to check out the repository into a correct path structure. The short version of these instructions is:
+
+```.bash
+mkdir -p ~/dev/ansible_collections/community
+git clone https://github.com/ansible-collections/community.general.git ~/dev/ansible_collections/community/general
+cd ~/dev/ansible_collections/community/general
+```
+
+Then you can run `ansible-test` (which is a part of [ansible-core](https://pypi.org/project/ansible-core/)) inside the checkout. The following example commands expect that you have installed Docker or Podman. Note that Podman has only been supported by more recent ansible-core releases. If you are using Docker, the following will work with Ansible 2.9+.
+
+The following commands show how to run sanity tests:
+
+```.bash
+# Run sanity tests for all files in the collection:
+ansible-test sanity --docker -v
+
+# Run sanity tests for the given files and directories:
+ansible-test sanity --docker -v plugins/modules/system/pids.py tests/integration/targets/pids/
+```
+
+The following commands show how to run unit tests:
+
+```.bash
+# Run all unit tests:
+ansible-test units --docker -v
+
+# Run all unit tests for one Python version (a lot faster):
+ansible-test units --docker -v --python 3.8
+
+# Run a specific unit test (for the nmcli module) for one Python version:
+ansible-test units --docker -v --python 3.8 tests/unit/plugins/modules/net_tools/test_nmcli.py
+```
+
+The following commands show how to run integration tests:
+
+```.bash
+# Run integration tests for the interfaces_files module in a Docker container using the
+# fedora35 operating system image (the supported images depend on your ansible-core version):
+ansible-test integration --docker fedora35 -v interfaces_file
+
+# Run integration tests for the flattened lookup **without any isolation**:
+ansible-test integration -v lookup_flattened
+```
+
+If you are unsure about the integration test target name for a module or plugin, you can take a look in `tests/integration/targets/`. Tests for plugins have the plugin type prepended.
+
 ## Creating new modules or plugins

 Creating new modules and plugins requires a bit more work than other Pull Requests.
--- a/README.md
+++ b/README.md
@@ -17,7 +17,7 @@ If you encounter abusive behavior violating the [Ansible Code of Conduct](https:

 ## Tested with Ansible

-Tested with the current Ansible 2.9, ansible-base 2.10, ansible-core 2.11, ansible-core 2.12 releases and the current development version of ansible-core. Ansible versions before 2.9.10 are not supported.
+Tested with the current Ansible 2.9, ansible-base 2.10, ansible-core 2.11, ansible-core 2.12, ansible-core 2.13 releases and the current development version of ansible-core. Ansible versions before 2.9.10 are not supported.

 ## External requirements

--- a/changelogs/changelog.yaml
+++ b/changelogs/changelog.yaml
@@ -1117,3 +1117,668 @@ releases:
        name: revbitspss
        namespace: null
    release_date: '2021-11-23'
+  4.2.0:
+    changes:
+      bugfixes:
+      - icinga2 inventory plugin - handle 404 error when filter produces no results
+        (https://github.com/ansible-collections/community.general/issues/3875, https://github.com/ansible-collections/community.general/pull/3906).
+      - interfaces_file - fixed the check for existing option in interface (https://github.com/ansible-collections/community.general/issues/3841).
+      - jira - fixed bug where module returns error related to dictionary key ``body``
+        (https://github.com/ansible-collections/community.general/issues/3419).
+      - nmcli - fix returning "changed" when no mask set for IPv4 or IPv6 addresses
+        on task rerun (https://github.com/ansible-collections/community.general/issues/3768).
+      - nmcli - pass ``flags``, ``ingress``, ``egress`` params to ``nmcli`` (https://github.com/ansible-collections/community.general/issues/1086).
+      - nrdp callback plugin - fix error ``string arguments without an encoding``
+        (https://github.com/ansible-collections/community.general/issues/3903).
+      - opentelemetry_plugin - honour ``ignore_errors`` when a task has failed instead
+        of reporting an error (https://github.com/ansible-collections/community.general/pull/3837).
+      - pipx - passes the correct command line option ``--include-apps`` (https://github.com/ansible-collections/community.general/issues/3791).
+      - proxmox - fixed ``onboot`` parameter causing module failures when undefined
+        (https://github.com/ansible-collections/community.general/issues/3844).
+      - python_requirements_info - fails if version operator used without version
+        (https://github.com/ansible-collections/community.general/pull/3785).
+      deprecated_features:
+      - module_helper module utils - deprecated the attribute ``ModuleHelper.VarDict``
+        (https://github.com/ansible-collections/community.general/pull/3801).
+      minor_changes:
+      - aix_filesystem - calling ``run_command`` with arguments as ``list`` instead
+        of ``str`` (https://github.com/ansible-collections/community.general/pull/3833).
+      - aix_lvg - calling ``run_command`` with arguments as ``list`` instead of ``str``
+        (https://github.com/ansible-collections/community.general/pull/3834).
+      - gitlab - add more token authentication support with the new options ``api_oauth_token``
+        and ``api_job_token`` (https://github.com/ansible-collections/community.general/issues/705).
+      - gitlab_group, gitlab_project - add new option ``avatar_path`` (https://github.com/ansible-collections/community.general/pull/3792).
+      - gitlab_project - add new option ``default_branch`` to gitlab_project (if ``readme
+        = true``) (https://github.com/ansible-collections/community.general/pull/3792).
+      - hponcfg - revamped module using ModuleHelper (https://github.com/ansible-collections/community.general/pull/3840).
+      - icinga2 inventory plugin - added the ``display_name`` field to variables (https://github.com/ansible-collections/community.general/issues/3875,
+        https://github.com/ansible-collections/community.general/pull/3906).
+      - icinga2 inventory plugin - inventory object names are changable using ``inventory_attr``
+        in your config file to the host object name, address, or display_name fields
+        (https://github.com/ansible-collections/community.general/issues/3875, https://github.com/ansible-collections/community.general/pull/3906).
+      - ip_netns - calling ``run_command`` with arguments as ``list`` instead of ``str``
+        (https://github.com/ansible-collections/community.general/pull/3822).
+      - iso_extract - calling ``run_command`` with arguments as ``list`` instead of
+        ``str`` (https://github.com/ansible-collections/community.general/pull/3805).
+      - java_cert - calling ``run_command`` with arguments as ``list`` instead of
+        ``str`` (https://github.com/ansible-collections/community.general/pull/3835).
+      - jira - add support for Bearer token auth (https://github.com/ansible-collections/community.general/pull/3838).
+      - keycloak_user_federation - add sssd user federation support (https://github.com/ansible-collections/community.general/issues/3767).
+      - logentries - calling ``run_command`` with arguments as ``list`` instead of
+        ``str`` (https://github.com/ansible-collections/community.general/pull/3807).
+      - logstash_plugin - calling ``run_command`` with arguments as ``list`` instead
+        of ``str`` (https://github.com/ansible-collections/community.general/pull/3808).
+      - lxc_container - calling ``run_command`` with arguments as ``list`` instead
+        of ``str`` (https://github.com/ansible-collections/community.general/pull/3851).
+      - lxd connection plugin - make sure that ``ansible_lxd_host``, ``ansible_executable``,
+        and ``ansible_lxd_executable`` work (https://github.com/ansible-collections/community.general/pull/3798).
+      - lxd inventory plugin - support virtual machines (https://github.com/ansible-collections/community.general/pull/3519).
+      - module_helper module utils - added decorators ``check_mode_skip`` and ``check_mode_skip_returns``
+        for skipping methods when ``check_mode=True`` (https://github.com/ansible-collections/community.general/pull/3849).
+      - monit - calling ``run_command`` with arguments as ``list`` instead of ``str``
+        (https://github.com/ansible-collections/community.general/pull/3821).
+      - nmcli - add multiple addresses support for ``ip6`` parameter (https://github.com/ansible-collections/community.general/issues/1088).
+      - nmcli - add support for ``eui64`` and ``ipv6privacy`` parameters (https://github.com/ansible-collections/community.general/issues/3357).
+      - python_requirements_info - returns python version broken down into its components,
+        and some minor refactoring (https://github.com/ansible-collections/community.general/pull/3797).
+      - svc - calling ``run_command`` with arguments as ``list`` instead of ``str``
+        (https://github.com/ansible-collections/community.general/pull/3829).
+      - xattr - calling ``run_command`` with arguments as ``list`` instead of ``str``
+        (https://github.com/ansible-collections/community.general/pull/3806).
+      - xfconf - minor refactor on the base class for the module (https://github.com/ansible-collections/community.general/pull/3919).
+      release_summary: Regular bugfix and feature release.
+    fragments:
+    - 1088-add_multiple_ipv6_address_support.yml
+    - 3357-nmcli-eui64-and-ipv6privacy.yml
+    - 3519-inventory-support-lxd-4.yml
+    - 3768-nmcli_fix_changed_when_no_mask_set.yml
+    - 3780-add-keycloak-sssd-user-federation.yml
+    - 3785-python_requirements_info-versionless-op.yaml
+    - 3792-improve_gitlab_group_and_project.yml
+    - 3797-python_requirements_info-improvements.yaml
+    - 3798-fix-lxd-connection-option-vars-support.yml
+    - 3800-pipx-include-apps.yaml
+    - 3801-mh-deprecate-vardict-attr.yaml
+    - 3805-iso_extract-run_command-list.yaml
+    - 3806-xattr-run_command-list.yaml
+    - 3807-logentries-run_command-list.yaml
+    - 3808-logstash_plugin-run_command-list.yaml
+    - 3821-monit-run-list.yaml
+    - 3822-ip_netns-run-list.yaml
+    - 3829-svc-run-list.yaml
+    - 3833-aix_filesystem-run-list.yaml
+    - 3834-aix-lvg-run-list.yaml
+    - 3835-java-cert-run-list.yaml
+    - 3837-opentelemetry_plugin-honour_ignore_errors.yaml
+    - 3838-jira-token.yaml
+    - 3840-hponcfg-mh-revamp.yaml
+    - 3849-mh-check-mode-decos.yaml
+    - 3851-lxc-container-run-list.yaml
+    - 3862-interfaces-file-fix-dup-option.yaml
+    - 3867-jira-fix-body.yaml
+    - 3874-proxmox-fix-onboot-param.yml
+    - 3875-icinga2-inv-fix.yml
+    - 3896-nmcli_vlan_missing_options.yaml
+    - 3909-nrdp_fix_string_args_without_encoding.yaml
+    - 3919-xfconf-baseclass.yaml
+    - 4.2.0.yml
+    - 705-gitlab-auth-support.yml
+    modules:
+    - description: Pull basic info from DNSimple API
+      name: dnsimple_info
+      namespace: net_tools
+    - description: Create or delete a branch
+      name: gitlab_branch
+      namespace: source_control.gitlab
+    - description: Sets or updates configuration attributes on HPE iLO with Redfish
+        OEM extensions
+      name: ilo_redfish_config
+      namespace: remote_management.redfish
+    - description: Gathers server information through iLO using Redfish APIs
+      name: ilo_redfish_info
+      namespace: remote_management.redfish
+    release_date: '2021-12-21'
+  4.3.0:
+    changes:
+      bugfixes:
+      - Various modules and plugins - use vendored version of ``distutils.version``
+        instead of the deprecated Python standard library ``distutils`` (https://github.com/ansible-collections/community.general/pull/3936).
+      - alternatives - fix output parsing for alternatives groups (https://github.com/ansible-collections/community.general/pull/3976).
+      - jail connection plugin - replace deprecated ``distutils.spawn.find_executable``
+        with Ansible's ``get_bin_path`` to find the executable (https://github.com/ansible-collections/community.general/pull/3934).
+      - lxd connection plugin - replace deprecated ``distutils.spawn.find_executable``
+        with Ansible's ``get_bin_path`` to find the ``lxc`` executable (https://github.com/ansible-collections/community.general/pull/3934).
+      - passwordstore lookup plugin - replace deprecated ``distutils.util.strtobool``
+        with Ansible's ``convert_bool.boolean`` to interpret values for the ``create``,
+        ``returnall``, ``overwrite``, 'backup``, and ``nosymbols`` options (https://github.com/ansible-collections/community.general/pull/3934).
+      - say callback plugin - replace deprecated ``distutils.spawn.find_executable``
+        with Ansible's ``get_bin_path`` to find the ``say`` resp. ``espeak`` executables
+        (https://github.com/ansible-collections/community.general/pull/3934).
+      - scaleway_user_data - fix double-quote added where no double-quote is needed
+        to user data in scaleway's server (``Content-type`` -> ``Content-Type``) (https://github.com/ansible-collections/community.general/pull/3940).
+      - slack - add ``charset`` to HTTP headers to avoid Slack API warning (https://github.com/ansible-collections/community.general/issues/3932).
+      - zone connection plugin - replace deprecated ``distutils.spawn.find_executable``
+        with Ansible's ``get_bin_path`` to find the executable (https://github.com/ansible-collections/community.general/pull/3934).
+      minor_changes:
+      - ipa_dnszone - ``dynamicupdate`` is now a boolean parameter, instead of a string
+        parameter accepting ``"true"`` and ``"false"``. Also the module is now idempotent
+        with respect to ``dynamicupdate`` (https://github.com/ansible-collections/community.general/pull/3374).
+      - ipa_dnszone - add DNS zone synchronization support (https://github.com/ansible-collections/community.general/pull/3374).
+      - ipmi_power - add ``machine`` option to ensure the power state via the remote
+        target address (https://github.com/ansible-collections/community.general/pull/3968).
+      - mattermost - add the possibility to send attachments instead of text messages
+        (https://github.com/ansible-collections/community.general/pull/3946).
+      - nmcli - add ``wireguard`` connection type (https://github.com/ansible-collections/community.general/pull/3985).
+      - proxmox - add ``clone`` parameter (https://github.com/ansible-collections/community.general/pull/3930).
+      - puppet - remove deprecation for ``show_diff`` parameter. Its alias ``show-diff``
+        is still deprecated and will be removed in community.general 7.0.0 (https://github.com/ansible-collections/community.general/pull/3980).
+      - scaleway_compute - add possibility to use project identifier (new ``project``
+        option) instead of deprecated organization identifier (https://github.com/ansible-collections/community.general/pull/3951).
+      - scaleway_volume - all volumes are systematically created on par1 (https://github.com/ansible-collections/community.general/pull/3964).
+      release_summary: Regular feature and bugfix release.
+    fragments:
+    - 3374-add-ipa-ptr-sync-support.yml
+    - 3921-add-counter-filter-plugin.yml
+    - 3930-proxmox-add-clone.yaml
+    - 3933-slack-charset-header.yaml
+    - 3934-distutils.yml
+    - 3936-distutils.version.yml
+    - 3940_fix_contenttype_scaleway_user_data.yml
+    - 3946-mattermost_attachments.yml
+    - 3951-scaleway_compute_add_project_id.yml
+    - 3964-scaleway_volume_add_region.yml
+    - 3968-ipmi_power-add-machine-option.yaml
+    - 3976-fix-alternatives-parsing.yml
+    - 3980-puppet-show_diff.yml
+    - 3985-nmcli-add-wireguard-connection-type.yml
+    - 4.3.0.yml
+    modules:
+    - description: Manage Rust packages with cargo
+      name: cargo
+      namespace: packaging.language
+    - description: Allows obtaining Keycloak realm public information via Keycloak
+        API
+      name: keycloak_realm_info
+      namespace: identity.keycloak
+    - description: Manage sudoers files
+      name: sudoers
+      namespace: system
+    plugins:
+      filter:
+      - description: Counts hashable elements in a sequence
+        name: counter
+        namespace: null
+    release_date: '2022-01-11'
+  4.4.0:
+    changes:
+      bugfixes:
+      - cargo - fix detection of outdated packages when ``state=latest`` (https://github.com/ansible-collections/community.general/pull/4052).
+      - cargo - fix incorrectly reported changed status for packages with a name containing
+        a hyphen (https://github.com/ansible-collections/community.general/issues/4044,
+        https://github.com/ansible-collections/community.general/pull/4052).
+      - gitlab_project_variable - add missing documentation about GitLab versions
+        that support ``environment_scope`` and ``variable_type`` (https://github.com/ansible-collections/community.general/issues/4038).
+      - 'gitlab_project_variable - allow to set same variable name under different
+        environment scopes. Due this change, the return value ``project_variable``
+        differs from previous version in check mode. It was counting ``updated`` values,
+        because it was accidentally overwriting environment scopes (https://github.com/ansible-collections/community.general/issues/4038).
+
+        '
+      - gitlab_project_variable - fix idempotent change behaviour for float and integer
+        variables (https://github.com/ansible-collections/community.general/issues/4038).
+      - gitlab_runner - use correct API endpoint to create and retrieve project level
+        runners when using ``project`` (https://github.com/ansible-collections/community.general/pull/3965).
+      - listen_ports_facts - local port regex was not handling well IPv6 only binding.
+        Fixes the regex for ``ss`` (https://github.com/ansible-collections/community.general/pull/4092).
+      - mail callback plugin - fix crash on Python 3 (https://github.com/ansible-collections/community.general/issues/4025,
+        https://github.com/ansible-collections/community.general/pull/4026).
+      - 'opentelemetry - fix generating a trace with a task containing ``no_log: true``
+        (https://github.com/ansible-collections/community.general/pull/4043).'
+      - python_requirements_info - store ``mismatched`` return values per package
+        as documented in the module (https://github.com/ansible-collections/community.general/pull/4078).
+      - yarn - fix incorrect handling of ``yarn list`` and ``yarn global list`` output
+        that could result in fatal error (https://github.com/ansible-collections/community.general/pull/4050).
+      - yarn - fix incorrectly reported status when installing a package globally
+        (https://github.com/ansible-collections/community.general/issues/4045, https://github.com/ansible-collections/community.general/pull/4050).
+      - yarn - fix missing ``~`` expansion in yarn global install folder which resulted
+        in incorrect task status (https://github.com/ansible-collections/community.general/issues/4045,
+        https://github.com/ansible-collections/community.general/pull/4048).
+      deprecated_features:
+      - mail callback plugin - not specifying ``sender`` is deprecated and will be
+        disallowed in community.general 6.0.0 (https://github.com/ansible-collections/community.general/pull/4140).
+      minor_changes:
+      - cobbler inventory plugin - add ``include_profiles`` option (https://github.com/ansible-collections/community.general/pull/4068).
+      - gitlab_project_variable - new ``variables`` parameter (https://github.com/ansible-collections/community.general/issues/4038).
+      - icinga2 inventory plugin - implemented constructed interface (https://github.com/ansible-collections/community.general/pull/4088).
+      - linode inventory plugin - allow templating of ``access_token`` variable in
+        Linode inventory plugin (https://github.com/ansible-collections/community.general/pull/4040).
+      - lists_mergeby filter plugin - add parameters ``list_merge`` and ``recursive``.
+        These are only supported when used with ansible-base 2.10 or ansible-core,
+        but not with Ansible 2.9 (https://github.com/ansible-collections/community.general/pull/4058).
+      - lxc_container - added ``wait_for_container`` parameter. If ``true`` the module
+        will wait until the running task reports success as the status (https://github.com/ansible-collections/community.general/pull/4039).
+      - mail callback plugin - add ``Message-ID`` and ``Date`` headers (https://github.com/ansible-collections/community.general/issues/4055,
+        https://github.com/ansible-collections/community.general/pull/4056).
+      - mail callback plugin - properly use Ansible's option handling to split lists
+        (https://github.com/ansible-collections/community.general/pull/4140).
+      - nmcli - adds ``routes6`` and ``route_metric6`` parameters for supporting IPv6
+        routes (https://github.com/ansible-collections/community.general/issues/4059).
+      - opennebula - add the release action for VMs in the ``HOLD`` state (https://github.com/ansible-collections/community.general/pull/4036).
+      - opentelemetry_plugin - enrich service when using the ``docker_login`` (https://github.com/ansible-collections/community.general/pull/4104).
+      - proxmox modules - move ``HAS_PROXMOXER`` check into ``module_utils`` (https://github.com/ansible-collections/community.general/pull/4030).
+      - scaleway inventory plugin - add profile parameter ``scw_profile`` (https://github.com/ansible-collections/community.general/pull/4049).
+      - snap - add option ``options`` permitting to set options using the ``snap set``
+        command (https://github.com/ansible-collections/community.general/pull/3943).
+      release_summary: Regular features and bugfixes release.
+    fragments:
+    - 3935-use-gitlab-instance-runner-to-create-runner.yml
+    - 3943-add-option-options-to-snap-module.yml
+    - 4.4.0.yml
+    - 4026-fix-mail-callback.yml
+    - 4030-proxmox-has-proxmoxer.yml
+    - 4036-onevm-add-release-action.yaml
+    - 4038-fix-and-rework-gitlb-project-variable.yml
+    - 4039-cluster-container-wait.yml
+    - 4040-linode-token-templating.yaml
+    - 4043-fix-no-log-opentelemetry.yml
+    - 4048-expand-tilde-in-yarn-global-install-folder.yaml
+    - 4049-profile-for-scaleway-inventory.yml
+    - 4050-properly-parse-json-lines-output-from-yarn.yaml
+    - 4052-fix-detection-of-installed-cargo-packages-with-hyphens.yaml
+    - 4056-add-missing-mail-headers.yml
+    - 4058-lists_mergeby-add-parameters.yml
+    - 4062-nmcli-ipv6-routes-support.yml
+    - 4068-add-include_file-option.yml
+    - 4078-python_requirements_info.yaml
+    - 4088-add-constructed-interface-for-icinga2-inventory.yml
+    - 4092-fix_local_ports_regex_listen_ports_facts.yaml
+    - 4104-opentelemetry_plugin-enrich_docker_login.yaml
+    - 4140-mail-callback-options.yml
+    modules:
+    - description: Manage user accounts with systemd-homed
+      name: homectl
+      namespace: system
+    release_date: '2022-02-01'
+  4.5.0:
+    changes:
+      bugfixes:
+      - dconf - skip processes that disappeared while we inspected them (https://github.com/ansible-collections/community.general/issues/4151).
+      - gitlab_group_variable - add missing documentation about GitLab versions that
+        support ``environment_scope`` and ``variable_type`` (https://github.com/ansible-collections/community.general/pull/4038).
+      - 'gitlab_group_variable - allow to set same variable name under different environment
+        scopes. Due this change, the return value ``group_variable`` differs from
+        previous version in check mode. It was counting ``updated`` values, because
+        it was accidentally overwriting environment scopes (https://github.com/ansible-collections/community.general/pull/4038).
+
+        '
+      - gitlab_group_variable - fix idempotent change behaviour for float and integer
+        variables (https://github.com/ansible-collections/community.general/pull/4038).
+      - gitlab_project_variable - ``value`` is not necessary when deleting variables
+        (https://github.com/ansible-collections/community.general/pull/4150).
+      - gitlab_runner - make ``project`` and ``owned`` mutually exclusive (https://github.com/ansible-collections/community.general/pull/4136).
+      - homebrew_cask - fix force install operation (https://github.com/ansible-collections/community.general/issues/3703).
+      - imc_rest - fixes the module failure due to the usage of ``itertools.izip_longest``
+        which is not available in Python 3 (https://github.com/ansible-collections/community.general/issues/4206).
+      - ini_file - when removing nothing do not report changed (https://github.com/ansible-collections/community.general/issues/4154).
+      - keycloak_user_federation - creating a user federation while specifying an
+        ID (that does not exist yet) no longer fail with a 404 Not Found (https://github.com/ansible-collections/community.general/pull/4212).
+      - keycloak_user_federation - mappers auto-created by keycloak are matched and
+        merged by their name and no longer create duplicated entries (https://github.com/ansible-collections/community.general/pull/4212).
+      - mail callback plugin - fix encoding of the name of sender and recipient (https://github.com/ansible-collections/community.general/issues/4060,
+        https://github.com/ansible-collections/community.general/pull/4061).
+      - passwordstore lookup plugin - fix error detection for non-English locales
+        (https://github.com/ansible-collections/community.general/pull/4219).
+      - passwordstore lookup plugin - prevent returning path names as passwords by
+        accident (https://github.com/ansible-collections/community.general/issues/4185,
+        https://github.com/ansible-collections/community.general/pull/4192).
+      - vdo - fix options error (https://github.com/ansible-collections/community.general/pull/4163).
+      - yum_versionlock - fix matching of existing entries with names passed to the
+        module. Match yum and dnf lock format (https://github.com/ansible-collections/community.general/pull/4183).
+      minor_changes:
+      - Avoid internal ansible-core module_utils in favor of equivalent public API
+        available since at least Ansible 2.9. This fixes some instances added since
+        the last time this was fixed (https://github.com/ansible-collections/community.general/pull/4232).
+      - ansible_galaxy_install - added option ``no_deps`` to the module (https://github.com/ansible-collections/community.general/issues/4174).
+      - gitlab_group_variable - new ``variables`` parameter (https://github.com/ansible-collections/community.general/pull/4038
+        and https://github.com/ansible-collections/community.general/issues/4074).
+      - keycloak_* modules - added connection timeout parameter when calling server
+        (https://github.com/ansible-collections/community.general/pull/4168).
+      - linode inventory plugin - add support for caching inventory results (https://github.com/ansible-collections/community.general/pull/4179).
+      - opentelemetry_plugin - enrich service when using the ``jenkins``, ``hetzner``
+        or ``jira`` modules (https://github.com/ansible-collections/community.general/pull/4105).
+      - pacman - the module has been rewritten and is now much faster when using ``state=latest``.
+        Operations are now done all packages at once instead of package per package
+        and the configured output format of ``pacman`` no longer affect the module's
+        operation. (https://github.com/ansible-collections/community.general/pull/3907,
+        https://github.com/ansible-collections/community.general/issues/3783, https://github.com/ansible-collections/community.general/issues/4079)
+      - passwordstore lookup plugin - add configurable ``lock`` and ``locktimeout``
+        options to avoid race conditions in itself and in the ``pass`` utility it
+        calls. By default, the plugin now locks on write operations (https://github.com/ansible-collections/community.general/pull/4194).
+      - proxmox modules - move common code into ``module_utils`` (https://github.com/ansible-collections/community.general/pull/4029).
+      - proxmox_kvm - added EFI disk support when creating VM with OVMF UEFI BIOS
+        with new ``efidisk0`` option (https://github.com/ansible-collections/community.general/pull/4106,
+        https://github.com/ansible-collections/community.general/issues/1638).
+      - proxmox_kwm - add ``win11`` to ``ostype`` parameter for Windows 11 and Windows
+        Server 2022 support (https://github.com/ansible-collections/community.general/issues/4023,
+        https://github.com/ansible-collections/community.general/pull/4191).
+      release_summary: Regular feature and bugfix release.
+    fragments:
+    - 3703-force-install-homebrew-cask.yml
+    - 3907-pacman-speedup.yml
+    - 3916-fix-vdo-options-type.yml
+    - 4.5.0.yml
+    - 4029-proxmox-refactor.yml
+    - 4061-fix-mail-recipient-encoding.yml
+    - 4086-rework_of_gitlab_proyect_variable_over_gitlab_group_variable.yml
+    - 4105-opentelemetry_plugin-enrich_jira_hetzner_jenkins_services.yaml
+    - 4106-proxmox-efidisk0-support.yaml
+    - 4136-gitlab_runner-make-project-owned-mutually-exclusive.yml
+    - 4150-gitlab-project-variable-absent-fix.yml
+    - 4151-dconf-catch-psutil-nosuchprocess.yaml
+    - 4154-ini_file_changed.yml
+    - 4168-add-keycloak-url-timeout.yml
+    - 4179-linode-inventory-cache.yaml
+    - 4183-fix-yum_versionlock.yaml
+    - 4191-proxmox-add-win11.yml
+    - 4192-improve-passwordstore-consistency.yml
+    - 4194-configurable-passwordstore-locking.yml
+    - 4206-imc-rest-module.yaml
+    - 4212-fixes-for-keycloak-user-federation.yml
+    - 4219-passwordstore-locale-fix.yml
+    - 4232-text-converter-import.yml
+    - 4240-ansible_galaxy_install-no_deps.yml
+    modules:
+    - description: Configure Intel Optane Persistent Memory modules
+      name: pmem
+      namespace: storage.pmem
+    - description: Scaleway private network management
+      name: scaleway_private_network
+      namespace: cloud.scaleway
+    release_date: '2022-02-22'
+  4.6.0:
+    changes:
+      bugfixes:
+      - filesize - add support for busybox dd implementation, that is used by default
+        on Alpine linux (https://github.com/ansible-collections/community.general/pull/4288,
+        https://github.com/ansible-collections/community.general/issues/4259).
+      - linode inventory plugin - fix configuration handling relating to inventory
+        filtering (https://github.com/ansible-collections/community.general/pull/4336).
+      - mksysb - fixed bug for parameter ``backup_dmapi_fs`` was passing the wrong
+        CLI argument (https://github.com/ansible-collections/community.general/pull/3295).
+      - pacman - Use ``--groups`` instead of ``--group`` (https://github.com/ansible-collections/community.general/pull/4312).
+      - pacman - fix URL based package installation (https://github.com/ansible-collections/community.general/pull/4286,
+        https://github.com/ansible-collections/community.general/issues/4285).
+      - pacman - fix ``upgrade=yes`` (https://github.com/ansible-collections/community.general/pull/4275,
+        https://github.com/ansible-collections/community.general/issues/4274).
+      - pacman - make sure that ``packages`` is always returned when ``name`` or ``upgrade``
+        is specified, also if nothing is done (https://github.com/ansible-collections/community.general/pull/4329).
+      - pacman - when the ``update_cache`` option is combined with another option
+        such as ``upgrade``, report ``changed`` based on the actions performed by
+        the latter option. This was the behavior in community.general 4.4.0 and before.
+        In community.general 4.5.0, a task combining these options would always report
+        ``changed`` (https://github.com/ansible-collections/community.general/pull/4318).
+      - proxmox inventory plugin - always convert strings that follow the ``key=value[,key=value[...]]``
+        form into dictionaries (https://github.com/ansible-collections/community.general/pull/4349).
+      - proxmox inventory plugin - fixed the ``description`` field being ignored if
+        it contained a comma (https://github.com/ansible-collections/community.general/issues/4348).
+      - proxmox_kvm - fix error in check when creating or cloning (https://github.com/ansible-collections/community.general/pull/4306).
+      - proxmox_kvm - fix error when checking whether Proxmox VM exists (https://github.com/ansible-collections/community.general/pull/4287).
+      - terraform - fix ``variable`` handling to allow complex values (https://github.com/ansible-collections/community.general/pull/4281).
+      deprecated_features:
+      - 'pacman - from community.general 5.0.0 on, the ``changed`` status of ``update_cache``
+        will no longer be ignored if ``name`` or ``upgrade`` is specified. To keep
+        the old behavior, add something like ``register: result`` and ``changed_when:
+        result.packages | length > 0`` to your task (https://github.com/ansible-collections/community.general/pull/4329).'
+      known_issues:
+      - pacman - ``update_cache`` cannot differentiate between up to date and outdated
+        package lists and will report ``changed`` in both situations (https://github.com/ansible-collections/community.general/pull/4318).
+      - pacman - binaries specified in the ``executable`` parameter must support ``--print-format``
+        in order to be used by this module. In particular, AUR helper ``yay`` is known
+        not to currently support it (https://github.com/ansible-collections/community.general/pull/4312).
+      minor_changes:
+      - jira - when creating a comment, ``fields`` now is used for additional data
+        (https://github.com/ansible-collections/community.general/pull/4304).
+      - ldap_entry - add support for recursive deletion (https://github.com/ansible-collections/community.general/issues/3613).
+      - mksysb - revamped the module using ``ModuleHelper`` (https://github.com/ansible-collections/community.general/pull/3295).
+      - nmcli - add missing connection aliases ``802-3-ethernet`` and ``802-11-wireless``
+        (https://github.com/ansible-collections/community.general/pull/4108).
+      - nmcli - remove nmcli modify dependency on ``type`` parameter (https://github.com/ansible-collections/community.general/issues/2858).
+      - npm - add ability to use ``production`` flag when ``ci`` is set (https://github.com/ansible-collections/community.general/pull/4299).
+      - pacman - add ``remove_nosave`` parameter to avoid saving modified configuration
+        files as ``.pacsave`` files. (https://github.com/ansible-collections/community.general/pull/4316,
+        https://github.com/ansible-collections/community.general/issues/4315).
+      - pacman - now implements proper change detection for ``update_cache=true``.
+        Adds ``cache_updated`` return value to when ``update_cache=true`` to report
+        this result independently of the module's overall changed return value (https://github.com/ansible-collections/community.general/pull/4337).
+      - pipx - added options ``editable`` and ``pip_args`` (https://github.com/ansible-collections/community.general/issues/4300).
+      - proxmox inventory plugin - add support for client-side jinja filters (https://github.com/ansible-collections/community.general/issues/3553).
+      - redis - add authentication parameters ``login_user``, ``tls``, ``validate_certs``,
+        and ``ca_certs`` (https://github.com/ansible-collections/community.general/pull/4207).
+      - syslog_json - add option to skip logging of ``gather_facts`` playbook tasks;
+        use v2 callback API (https://github.com/ansible-collections/community.general/pull/4223).
+      - zypper - add support for ``--clean-deps`` option to remove packages that depend
+        on a package being removed (https://github.com/ansible-collections/community.general/pull/4195).
+      release_summary: Regular feature and bugfix release.
+    fragments:
+    - 3295-mksysb-revamp.yaml
+    - 4.6.0.yml
+    - 4108-nmcli-support-modifcation-without-type-param.yml
+    - 4192-zypper-add-clean-deps.yml
+    - 4207-add-redis-tls-support.yml
+    - 4223-syslog-json-skip-syslog-option.yml
+    - 4275-pacman-sysupgrade.yml
+    - 4281-terraform-complex-variables.yml
+    - 4286-pacman-url-pkgs.yml
+    - 4287-fix-proxmox-vm-chek.yml
+    - 4288-fix-4259-support-busybox-dd.yml
+    - 4299-npm-add-production-with-ci-flag.yml
+    - 4303-pipx-editable.yml
+    - 4304-jira-fields-in-comment.yml
+    - 4306-proxmox-fix-error-on-vm-clone.yml
+    - 4312-pacman-groups.yml
+    - 4316-pacman-remove-nosave.yml
+    - 4318-pacman-restore-old-changed-behavior.yml
+    - 4330-pacman-packages-update_cache.yml
+    - 4336-linode-inventory-filtering.yaml
+    - 4337-pacman-update_cache.yml
+    - 4349-proxmox-inventory-dict-facts.yml
+    - 4352-proxmox-inventory-filters.yml
+    - 4355-ldap-recursive-delete.yml
+    release_date: '2022-03-15'
+  4.6.1:
+    changes:
+      bugfixes:
+      - 'lxd inventory plugin - do not crash if OS and release metadata are not present
+
+        (https://github.com/ansible-collections/community.general/pull/4351).
+
+        '
+      - terraform - revert bugfix https://github.com/ansible-collections/community.general/pull/4281
+        that tried to fix ``variable`` handling to allow complex values. It turned
+        out that this was breaking several valid use-cases (https://github.com/ansible-collections/community.general/issues/4367,
+        https://github.com/ansible-collections/community.general/pull/4370).
+      release_summary: Extraordinary bugfix release to fix a breaking change in ``terraform``.
+    fragments:
+    - 4.6.1.yml
+    - 4351-inventory-lxd-handling_metadata_wo_os_and_release.yml
+    - 4368-reverts-4281.yml
+    release_date: '2022-03-16'
+  4.7.0:
+    changes:
+      bugfixes:
+      - dsv lookup plugin - raise an Ansible error if the wrong ``python-dsv-sdk``
+        version is installed (https://github.com/ansible-collections/community.general/pull/4422).
+      - keycloak_* - the documented ``validate_certs`` parameter was not taken into
+        account when calling the ``open_url`` function in some cases, thus enforcing
+        certificate validation even when ``validate_certs`` was set to ``false``.
+        (https://github.com/ansible-collections/community.general/pull/4382)
+      - nmcli - fix returning "changed" when routes parameters set, also suggest new
+        routes4 and routes6 format (https://github.com/ansible-collections/community.general/issues/4131).
+      - proxmox inventory plugin - fixed the ``tags_parsed`` field when Proxmox returns
+        a single space for the ``tags`` entry (https://github.com/ansible-collections/community.general/pull/4378).
+      - zypper - fixed bug that caused zypper to always report [ok] and do nothing
+        on ``state=present`` when all packages in ``name`` had a version specification
+        (https://github.com/ansible-collections/community.general/issues/4371, https://github.com/ansible-collections/community.general/pull/4421).
+      minor_changes:
+      - ipa_service - add ``skip_host_check`` parameter. (https://github.com/ansible-collections/community.general/pull/4417).
+      - keycloak_client - add ``always_display_in_console`` parameter (https://github.com/ansible-collections/community.general/issues/4390).
+      - keycloak_client - add ``default_client_scopes`` and ``optional_client_scopes``
+        parameters. (https://github.com/ansible-collections/community.general/pull/4385).
+      - proxmox inventory plugin - add support for templating the ``url``, ``user``,
+        and ``password`` options (https://github.com/ansible-collections/community.general/pull/4418).
+      - sudoers - add support for ``runas`` parameter (https://github.com/ansible-collections/community.general/issues/4379).
+      release_summary: Regular bugfix and feature release.
+    fragments:
+    - 4.7.0.yml
+    - 4131-nmcli_fix_reports_changed_for_routes4_parameter.yml
+    - 4378-proxmox-inventory-tags.yml
+    - 4380-sudoers-runas-parameter.yml
+    - 4382-keycloak-add-missing-validate_certs-parameters.yml
+    - 4385-keycloak-client-default-optional-scopes.yml
+    - 4386-proxmox-support-templating-in-inventory-file.yml
+    - 4417-ipa_service-add-skip_host_check.yml
+    - 4421-zypper_package_version_handling_fix.yml
+    - 4422-warn-user-if-incorrect-SDK-version-is-installed.yaml
+    - 4429-keycloak-client-add-always-display-in-console.yml
+    release_date: '2022-04-05'
+  4.8.0:
+    changes:
+      bugfixes:
+      - dnsmadeeasy - fix failure on deleting DNS entries when API response does not
+        contain monitor value (https://github.com/ansible-collections/community.general/issues/3620).
+      - git_branch - remove deprecated and unnecessary branch ``unprotect`` method
+        (https://github.com/ansible-collections/community.general/pull/4496).
+      - 'gitlab_group - improve searching for projects inside group on deletion (https://github.com/ansible-collections/community.general/pull/4491).
+
+        '
+      - 'gitlab_group_members - handle more than 20 groups when finding a group (https://github.com/ansible-collections/community.general/pull/4491,
+        https://github.com/ansible-collections/community.general/issues/4460, https://github.com/ansible-collections/community.general/issues/3729).
+
+        '
+      - 'gitlab_hook - handle more than 20 hooks when finding a hook (https://github.com/ansible-collections/community.general/pull/4491).
+
+        '
+      - 'gitlab_project - handle more than 20 namespaces when finding a namespace
+        (https://github.com/ansible-collections/community.general/pull/4491).
+
+        '
+      - 'gitlab_project_members - handle more than 20 projects and users when finding
+        a project resp. user (https://github.com/ansible-collections/community.general/pull/4491).
+
+        '
+      - 'gitlab_user - handle more than 20 users and SSH keys when finding a user
+        resp. SSH key (https://github.com/ansible-collections/community.general/pull/4491).
+
+        '
+      - keycloak - fix parameters types for ``defaultDefaultClientScopes`` and ``defaultOptionalClientScopes``
+        from list of dictionaries to list of strings (https://github.com/ansible-collections/community.general/pull/4526).
+      - opennebula inventory plugin - complete the implementation of ``constructable``
+        for opennebula inventory plugin. Now ``keyed_groups``, ``compose``, ``groups``
+        actually work (https://github.com/ansible-collections/community.general/issues/4497).
+      - pacman - fixed bug where ``absent`` state did not work for locally installed
+        packages (https://github.com/ansible-collections/community.general/pull/4464).
+      - pritunl - fixed bug where pritunl plugin api add unneeded data in ``auth_string``
+        parameter (https://github.com/ansible-collections/community.general/issues/4527).
+      - proxmox inventory plugin - fix error when parsing container with LXC configs
+        (https://github.com/ansible-collections/community.general/issues/4472, https://github.com/ansible-collections/community.general/pull/4472).
+      - proxmox_kvm - fix a bug when getting a state of VM without name will fail
+        (https://github.com/ansible-collections/community.general/pull/4508).
+      - xbps - fix error message that is reported when installing packages fails (https://github.com/ansible-collections/community.general/pull/4438).
+      deprecated_features:
+      - nmcli - deprecate default hairpin mode for a bridge. This so we can change
+        it to ``false`` in community.general 7.0.0, as this is also the default in
+        ``nmcli`` (https://github.com/ansible-collections/community.general/pull/4334).
+      - proxmox inventory plugin - the current default ``true`` of the ``want_proxmox_nodes_ansible_host``
+        option has been deprecated. The default will change to ``false`` in community.general
+        6.0.0. To keep the current behavior, explicitly set ``want_proxmox_nodes_ansible_host``
+        to ``true`` in your inventory configuration. We suggest to already switch
+        to the new behavior by explicitly setting it to ``false``, and by using ``compose:``
+        to set ``ansible_host`` to the correct value. See the examples in the plugin
+        documentation for details (https://github.com/ansible-collections/community.general/pull/4466).
+      minor_changes:
+      - alternatives - add ``state`` parameter, which provides control over whether
+        the alternative should be set as the active selection for its alternatives
+        group (https://github.com/ansible-collections/community.general/issues/4543,
+        https://github.com/ansible-collections/community.general/pull/4557).
+      - atomic_container - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+      - clc_alert_policy - minor refactoring (https://github.com/ansible-collections/community.general/pull/4556).
+      - clc_group - minor refactoring (https://github.com/ansible-collections/community.general/pull/4556).
+      - clc_loadbalancer - minor refactoring (https://github.com/ansible-collections/community.general/pull/4556).
+      - clc_server - minor refactoring (https://github.com/ansible-collections/community.general/pull/4556).
+      - cmd_runner module util - reusable command runner with consistent argument
+        formatting and sensible defaults (https://github.com/ansible-collections/community.general/pull/4476).
+      - datadog_monitor - support new datadog event monitor of type `event-v2 alert`
+        (https://github.com/ansible-collections/community.general/pull/4457)
+      - filesystem - add support for resizing btrfs (https://github.com/ansible-collections/community.general/issues/4465).
+      - lxd_container - adds ``project`` option to allow selecting project for LXD
+        instance (https://github.com/ansible-collections/community.general/pull/4479).
+      - lxd_profile - adds ``project`` option to allow selecting project for LXD profile
+        (https://github.com/ansible-collections/community.general/pull/4479).
+      - nmap inventory plugin - add ``sudo`` option in plugin in order to execute
+        ``sudo nmap`` so that ``nmap`` runs with elevated privileges (https://github.com/ansible-collections/community.general/pull/4506).
+      - nomad_job - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+      - nomad_job_info - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+      - packet_device - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+      - packet_sshkey - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+      - packet_volume - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+      - profitbricks - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+      - proxmox - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+      - proxmox inventory plugin - add token authentication as an alternative to username/password
+        (https://github.com/ansible-collections/community.general/pull/4540).
+      - proxmox inventory plugin - parse LXC configs returned by the proxmox API (https://github.com/ansible-collections/community.general/pull/4472).
+      - proxmox_snap - add restore snapshot option (https://github.com/ansible-collections/community.general/pull/4377).
+      - proxmox_snap - fixed timeout value to correctly reflect time in seconds. The
+        timeout was off by one second (https://github.com/ansible-collections/community.general/pull/4377).
+      - redfish_command - add ``IndicatorLedOn``, ``IndicatorLedOff``, and ``IndicatorLedBlink``
+        commands to the Systems category for controling system LEDs (https://github.com/ansible-collections/community.general/issues/4084).
+      - seport - minor refactoring (https://github.com/ansible-collections/community.general/pull/4471).
+      - smartos_image_info - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+      - terraform - adds ``terraform_upgrade`` parameter which allows ``terraform
+        init`` to satisfy new provider constraints in an existing Terraform project
+        (https://github.com/ansible-collections/community.general/issues/4333).
+      - udm_group - minor refactoring (https://github.com/ansible-collections/community.general/pull/4556).
+      - udm_share - minor refactoring (https://github.com/ansible-collections/community.general/pull/4556).
+      - vmadm - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+      - webfaction_app - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+      - webfaction_db - minor refactoring (https://github.com/ansible-collections/community.general/pull/4567).
+      - xfconf - added missing value types ``char``, ``uchar``, ``int64`` and ``uint64``
+        (https://github.com/ansible-collections/community.general/pull/4534).
+      release_summary: Regular feature and bugfix release. Please note that this is
+        the last minor 4.x.0 release. Further releases with major version 4 will be
+        bugfix releases 4.8.y.
+    fragments:
+    - 4.8.0.yml
+    - 4084-add-redfish-system-indicator-led.yml
+    - 4320-nmcli-hairpin.yml
+    - 4377-allow-proxmox-snapshot-restoring.yml
+    - 4438-fix-error-message.yaml
+    - 4455-terraform-provider-upgrade.yml
+    - 4457-support-datadog-monitors-type-event-v2.yaml
+    - 4459-only-get-monitor-if-it-is-not-null-api-response.yaml
+    - 4464-pacman-fix-local-remove.yaml
+    - 4465-btrfs-resize.yml
+    - 4466-proxmox-ansible_host-deprecation.yml
+    - 4471-seport-refactor.yaml
+    - 4476-cmd_runner.yml
+    - 4479-add-project-support-for-lxd_container-and-lxd_profile.yml
+    - 4491-specify_all_in_list_calls.yaml
+    - 4492-proxmox_kvm_fix_vm_without_name.yaml
+    - 4496-remove-deprecated-method-in-gitlab-branch-module.yml
+    - 4506-sudo-in-nmap-inv-plugin.yaml
+    - 4524-update-opennebula-inventory-plugin-to-match-documentation.yaml
+    - 4526-keycloak-realm-types.yaml
+    - 4530-fix-unauthorized-pritunl-request.yaml
+    - 4534-xfconf-added-value-types.yaml
+    - 4540-proxmox-inventory-token-auth.yml
+    - 4555-proxmox-lxc-key.yml
+    - 4556-remove-default-none-1.yml
+    - 4557-alternatives-add-state-parameter.yml
+    - 4567-remove-default-none-2.yml
+    modules:
+    - description: Manage customers in Alerta
+      name: alerta_customer
+      namespace: monitoring
+    - description: Manage LXD projects
+      name: lxd_project
+      namespace: cloud.lxd
+    release_date: '2022-04-26'
--- a/docs/docsite/helper/lists_mergeby/default-common.yml
+++ b/docs/docsite/helper/lists_mergeby/default-common.yml
@@ -0,0 +1,13 @@
+list1:
+  - name: foo
+    extra: true
+  - name: bar
+    extra: false
+  - name: meh
+    extra: true
+
+list2:
+  - name: foo
+    path: /foo
+  - name: baz
+    path: /baz
--- a/docs/docsite/helper/lists_mergeby/default-recursive-true.yml
+++ b/docs/docsite/helper/lists_mergeby/default-recursive-true.yml
@@ -0,0 +1,19 @@
+list1:
+  - name: myname01
+    param01:
+      x: default_value
+      y: default_value
+      list:
+        - default_value
+  - name: myname02
+    param01: [1, 1, 2, 3]
+
+list2:
+  - name: myname01
+    param01:
+      y: patch_value
+      z: patch_value
+      list:
+        - patch_value
+  - name: myname02
+    param01: [3, 4, 4, {key: value}]
--- a/docs/docsite/helper/lists_mergeby/example-001.yml
+++ b/docs/docsite/helper/lists_mergeby/example-001.yml
@@ -0,0 +1,10 @@
+---
+- name: 1. Merge two lists by common attribute 'name'
+  include_vars:
+    dir: example-001_vars
+- debug:
+    var: list3
+  when: debug|d(false)|bool
+- template:
+    src: list3.out.j2
+    dest: example-001.out
--- a/docs/docsite/helper/lists_mergeby/example-001_vars/default-common.yml
+++ b/docs/docsite/helper/lists_mergeby/example-001_vars/default-common.yml
@@ -0,0 +1 @@
+../default-common.yml
--- a/docs/docsite/helper/lists_mergeby/example-001_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-001_vars/list3.yml
@@ -0,0 +1,2 @@
+list3: "{{ list1|
+           community.general.lists_mergeby(list2, 'name') }}"
--- a/docs/docsite/helper/lists_mergeby/example-002.yml
+++ b/docs/docsite/helper/lists_mergeby/example-002.yml
@@ -0,0 +1,10 @@
+---
+- name: 2. Merge two lists by common attribute 'name'
+  include_vars:
+    dir: example-002_vars
+- debug:
+    var: list3
+  when: debug|d(false)|bool
+- template:
+    src: list3.out.j2
+    dest: example-002.out
--- a/docs/docsite/helper/lists_mergeby/example-002_vars/default-common.yml
+++ b/docs/docsite/helper/lists_mergeby/example-002_vars/default-common.yml
@@ -0,0 +1 @@
+../default-common.yml
--- a/docs/docsite/helper/lists_mergeby/example-002_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-002_vars/list3.yml
@@ -0,0 +1,2 @@
+list3: "{{ [list1, list2]|
+           community.general.lists_mergeby('name') }}"
--- a/docs/docsite/helper/lists_mergeby/example-003.yml
+++ b/docs/docsite/helper/lists_mergeby/example-003.yml
@@ -0,0 +1,10 @@
+---
+- name: 3. Merge recursive by 'name', replace lists (default)
+  include_vars:
+    dir: example-003_vars
+- debug:
+    var: list3
+  when: debug|d(false)|bool
+- template:
+    src: list3.out.j2
+    dest: example-003.out
--- a/docs/docsite/helper/lists_mergeby/example-003_vars/default-recursive-true.yml
+++ b/docs/docsite/helper/lists_mergeby/example-003_vars/default-recursive-true.yml
@@ -0,0 +1 @@
+../default-recursive-true.yml
--- a/docs/docsite/helper/lists_mergeby/example-003_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-003_vars/list3.yml
@@ -0,0 +1,3 @@
+list3: "{{ [list1, list2]|
+           community.general.lists_mergeby('name',
+                                           recursive=true) }}"
--- a/docs/docsite/helper/lists_mergeby/example-004.yml
+++ b/docs/docsite/helper/lists_mergeby/example-004.yml
@@ -0,0 +1,10 @@
+---
+- name: 4. Merge recursive by 'name', keep lists
+  include_vars:
+    dir: example-004_vars
+- debug:
+    var: list3
+  when: debug|d(false)|bool
+- template:
+    src: list3.out.j2
+    dest: example-004.out
--- a/docs/docsite/helper/lists_mergeby/example-004_vars/default-recursive-true.yml
+++ b/docs/docsite/helper/lists_mergeby/example-004_vars/default-recursive-true.yml
@@ -0,0 +1 @@
+../default-recursive-true.yml
--- a/docs/docsite/helper/lists_mergeby/example-004_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-004_vars/list3.yml
@@ -0,0 +1,4 @@
+list3: "{{ [list1, list2]|
+           community.general.lists_mergeby('name',
+                                           recursive=true,
+                                           list_merge='keep') }}"
--- a/docs/docsite/helper/lists_mergeby/example-005.yml
+++ b/docs/docsite/helper/lists_mergeby/example-005.yml
@@ -0,0 +1,10 @@
+---
+- name: 5. Merge recursive by 'name', append lists
+  include_vars:
+    dir: example-005_vars
+- debug:
+    var: list3
+  when: debug|d(false)|bool
+- template:
+    src: list3.out.j2
+    dest: example-005.out
--- a/docs/docsite/helper/lists_mergeby/example-005_vars/default-recursive-true.yml
+++ b/docs/docsite/helper/lists_mergeby/example-005_vars/default-recursive-true.yml
@@ -0,0 +1 @@
+../default-recursive-true.yml
--- a/docs/docsite/helper/lists_mergeby/example-005_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-005_vars/list3.yml
@@ -0,0 +1,4 @@
+list3: "{{ [list1, list2]|
+           community.general.lists_mergeby('name',
+                                           recursive=true,
+                                           list_merge='append') }}"
--- a/docs/docsite/helper/lists_mergeby/example-006.yml
+++ b/docs/docsite/helper/lists_mergeby/example-006.yml
@@ -0,0 +1,10 @@
+---
+- name: 6. Merge recursive by 'name', prepend lists
+  include_vars:
+    dir: example-006_vars
+- debug:
+    var: list3
+  when: debug|d(false)|bool
+- template:
+    src: list3.out.j2
+    dest: example-006.out
--- a/docs/docsite/helper/lists_mergeby/example-006_vars/default-recursive-true.yml
+++ b/docs/docsite/helper/lists_mergeby/example-006_vars/default-recursive-true.yml
@@ -0,0 +1 @@
+../default-recursive-true.yml
--- a/docs/docsite/helper/lists_mergeby/example-006_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-006_vars/list3.yml
@@ -0,0 +1,4 @@
+list3: "{{ [list1, list2]|
+           community.general.lists_mergeby('name',
+                                           recursive=true,
+                                           list_merge='prepend') }}"
--- a/docs/docsite/helper/lists_mergeby/example-007.yml
+++ b/docs/docsite/helper/lists_mergeby/example-007.yml
@@ -0,0 +1,10 @@
+---
+- name: 7. Merge recursive by 'name', append lists 'remove present'
+  include_vars:
+    dir: example-007_vars
+- debug:
+    var: list3
+  when: debug|d(false)|bool
+- template:
+    src: list3.out.j2
+    dest: example-007.out
--- a/docs/docsite/helper/lists_mergeby/example-007_vars/default-recursive-true.yml
+++ b/docs/docsite/helper/lists_mergeby/example-007_vars/default-recursive-true.yml
@@ -0,0 +1 @@
+../default-recursive-true.yml
--- a/docs/docsite/helper/lists_mergeby/example-007_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-007_vars/list3.yml
@@ -0,0 +1,4 @@
+list3: "{{ [list1, list2]|
+           community.general.lists_mergeby('name',
+                                           recursive=true,
+                                           list_merge='append_rp') }}"
--- a/docs/docsite/helper/lists_mergeby/example-008.yml
+++ b/docs/docsite/helper/lists_mergeby/example-008.yml
@@ -0,0 +1,10 @@
+---
+- name: 8. Merge recursive by 'name', prepend lists 'remove present'
+  include_vars:
+    dir: example-008_vars
+- debug:
+    var: list3
+  when: debug|d(false)|bool
+- template:
+    src: list3.out.j2
+    dest: example-008.out
--- a/docs/docsite/helper/lists_mergeby/example-008_vars/default-recursive-true.yml
+++ b/docs/docsite/helper/lists_mergeby/example-008_vars/default-recursive-true.yml
@@ -0,0 +1 @@
+../default-recursive-true.yml
--- a/docs/docsite/helper/lists_mergeby/example-008_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-008_vars/list3.yml
@@ -0,0 +1,4 @@
+list3: "{{ [list1, list2]|
+           community.general.lists_mergeby('name',
+                                           recursive=true,
+                                           list_merge='prepend_rp') }}"
--- a/docs/docsite/helper/lists_mergeby/examples.yml
+++ b/docs/docsite/helper/lists_mergeby/examples.yml
@@ -0,0 +1,50 @@
+---
+examples:
+  - label: 'In the example below the lists are merged by the attribute ``name``:'
+    file: example-001_vars/list3.yml
+    lang: 'yaml+jinja'
+  - label: 'This produces:'
+    file: example-001.out
+    lang: 'yaml'
+  - label: 'It is possible to use a list of lists as an input of the filter:'
+    file: example-002_vars/list3.yml
+    lang: 'yaml+jinja'
+  - label: 'This produces the same result as in the previous example:'
+    file: example-002.out
+    lang: 'yaml'
+  - label: 'Example ``list_merge=replace`` (default):'
+    file: example-003_vars/list3.yml
+    lang: 'yaml+jinja'
+  - label: 'This produces:'
+    file: example-003.out
+    lang: 'yaml'
+  - label: 'Example ``list_merge=keep``:'
+    file: example-004_vars/list3.yml
+    lang: 'yaml+jinja'
+  - label: 'This produces:'
+    file: example-004.out
+    lang: 'yaml'
+  - label: 'Example ``list_merge=append``:'
+    file: example-005_vars/list3.yml
+    lang: 'yaml+jinja'
+  - label: 'This produces:'
+    file: example-005.out
+    lang: 'yaml'
+  - label: 'Example ``list_merge=prepend``:'
+    file: example-006_vars/list3.yml
+    lang: 'yaml+jinja'
+  - label: 'This produces:'
+    file: example-006.out
+    lang: 'yaml'
+  - label: 'Example ``list_merge=append_rp``:'
+    file: example-007_vars/list3.yml
+    lang: 'yaml+jinja'
+  - label: 'This produces:'
+    file: example-007.out
+    lang: 'yaml'
+  - label: 'Example ``list_merge=prepend_rp``:'
+    file: example-008_vars/list3.yml
+    lang: 'yaml+jinja'
+  - label: 'This produces:'
+    file: example-008.out
+    lang: 'yaml'
--- a/docs/docsite/helper/lists_mergeby/examples_all.rst.j2
+++ b/docs/docsite/helper/lists_mergeby/examples_all.rst.j2
@@ -0,0 +1,8 @@
+{% for i in examples %}
+{{ i.label }}
+
+.. code-block:: {{ i.lang }}
+
+  {{ lookup('file', i.file)|indent(2) }}
+
+{% endfor %}
--- a/docs/docsite/helper/lists_mergeby/filter_guide_abstract_informations_merging_lists_of_dictionaries.rst.j2
+++ b/docs/docsite/helper/lists_mergeby/filter_guide_abstract_informations_merging_lists_of_dictionaries.rst.j2
@@ -0,0 +1,57 @@
+Merging lists of dictionaries
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+If you have two or more lists of dictionaries and want to combine them into a list of merged dictionaries, where the dictionaries are merged by an attribute, you can use the ``lists_mergeby`` filter.
+
+.. note:: The output of the examples in this section use the YAML callback plugin. Quoting: "Ansible output that can be quite a bit easier to read than the default JSON formatting." See :ref:`the documentation for the community.general.yaml callback plugin <ansible_collections.community.general.yaml_callback>`.
+
+Let us use the lists below in the following examples:
+
+.. code-block:: yaml
+
+  {{ lookup('file', 'default-common.yml')|indent(2) }}
+
+{% for i in examples[0:2] %}
+{{ i.label }}
+
+.. code-block:: {{ i.lang }}
+
+  {{ lookup('file', i.file)|indent(2) }}
+
+{% endfor %}
+
+.. versionadded:: 2.0.0
+
+{% for i in examples[2:4] %}
+{{ i.label }}
+
+.. code-block:: {{ i.lang }}
+
+  {{ lookup('file', i.file)|indent(2) }}
+
+{% endfor %}
+
+The filter also accepts two optional parameters: ``recursive`` and ``list_merge``. These parameters are only supported when used with ansible-base 2.10 or ansible-core, but not with Ansible 2.9. This is available since community.general 4.4.0.
+
+**recursive**
+    Is a boolean, default to ``False``. Should the ``community.general.lists_mergeby`` recursively merge nested hashes. Note: It does not depend on the value of the ``hash_behaviour`` setting in ``ansible.cfg``.
+
+**list_merge**
+    Is a string, its possible values are ``replace`` (default), ``keep``, ``append``, ``prepend``, ``append_rp`` or ``prepend_rp``. It modifies the behaviour of ``community.general.lists_mergeby`` when the hashes to merge contain arrays/lists.
+
+The examples below set ``recursive=true`` and display the differences among all six options of ``list_merge``. Functionality of the parameters is exactly the same as in the filter ``combine``. See :ref:`Combining hashes/dictionaries <combine_filter>` to learn details about these options.
+
+Let us use the lists below in the following examples
+
+.. code-block:: yaml
+
+  {{ lookup('file', 'default-recursive-true.yml')|indent(2) }}
+
+{% for i in examples[4:16] %}
+{{ i.label }}
+
+.. code-block:: {{ i.lang }}
+
+  {{ lookup('file', i.file)|indent(2) }}
+
+{% endfor %}
--- a/docs/docsite/helper/lists_mergeby/list3.out.j2
+++ b/docs/docsite/helper/lists_mergeby/list3.out.j2
@@ -0,0 +1,2 @@
+list3:
+{{ list3|to_nice_yaml(indent=0) }}
--- a/docs/docsite/helper/lists_mergeby/playbook.yml
+++ b/docs/docsite/helper/lists_mergeby/playbook.yml
@@ -0,0 +1,59 @@
+---
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# 1) Run all examples and create example-XXX.out
+# shell> ansible-playbook playbook.yml -e examples=true
+#
+# 2) Optionally, for testing, create examples_all.rst
+# shell> ansible-playbook playbook.yml -e examples_all=true
+#
+# 3) Create docs REST files
+# shell> ansible-playbook playbook.yml -e merging_lists_of_dictionaries=true
+#
+# Notes:
+# * Use YAML callback, e.g. set ANSIBLE_STDOUT_CALLBACK=community.general.yaml
+# * Use sphinx-view to render and review the REST files
+#   shell> sphinx-view <path_to_helper>/examples_all.rst
+# * Proofread and copy completed docs *.rst files into the directory rst.
+# * Then delete the *.rst and *.out files from this directory. Do not
+#   add *.rst and *.out in this directory to the version control.
+#
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# community.general/docs/docsite/helper/lists_mergeby/playbook.yml
+
+- hosts: localhost
+  gather_facts: false
+  tasks:
+
+    - block:
+        - import_tasks: example-001.yml
+          tags: t001
+        - import_tasks: example-002.yml
+          tags: t002
+        - import_tasks: example-003.yml
+          tags: t003
+        - import_tasks: example-004.yml
+          tags: t004
+        - import_tasks: example-005.yml
+          tags: t005
+        - import_tasks: example-006.yml
+          tags: t006
+        - import_tasks: example-007.yml
+          tags: t007
+        - import_tasks: example-008.yml
+          tags: t008
+      when: examples|d(false)|bool
+
+    - block:
+        - include_vars: examples.yml
+        - template:
+            src: examples_all.rst.j2
+            dest: examples_all.rst
+      when: examples_all|d(false)|bool
+
+    - block:
+        - include_vars: examples.yml
+        - template:
+            src: filter_guide_abstract_informations_merging_lists_of_dictionaries.rst.j2
+            dest: filter_guide_abstract_informations_merging_lists_of_dictionaries.rst
+      when: merging_lists_of_dictionaries|d(false)|bool
--- a/docs/docsite/links.yml
+++ b/docs/docsite/links.yml
@@ -0,0 +1,23 @@
+---
+edit_on_github:
+  repository: ansible-collections/community.general
+  branch: main
+  path_prefix: ''
+
+extra_links:
+  - description: Submit a bug report
+    url: https://github.com/ansible-collections/community.general/issues/new?assignees=&labels=&template=bug_report.yml
+  - description: Request a feature
+    url: https://github.com/ansible-collections/community.general/issues/new?assignees=&labels=&template=feature_request.yml
+
+communication:
+  matrix_rooms:
+    - topic: General usage and support questions
+      room: '#users:ansible.im'
+  irc_channels:
+    - topic: General usage and support questions
+      network: Libera
+      channel: '#ansible'
+  mailing_lists:
+    - topic: Ansible Project List
+      url: https://groups.google.com/g/ansible-project
--- a/docs/docsite/rst/filter_guide.rst
+++ b/docs/docsite/rst/filter_guide.rst
@@ -1,3 +1,4 @@
+
 .. _ansible_collections.community.general.docsite.filter_guide:

 community.general Filter Guide
@@ -5,780 +6,14 @@ community.general Filter Guide

 The :ref:`community.general collection <plugins_in_community.general>` offers several useful filter plugins.

-.. contents:: Topics
-
-Paths
-----
-
-The ``path_join`` filter has been added in ansible-base 2.10. If you want to use this filter, but also need to support Ansible 2.9, you can use ``community.general``'s ``path_join`` shim, ``community.general.path_join``. This filter redirects to ``path_join`` for ansible-base 2.10 and ansible-core 2.11 or newer, and re-implements the filter for Ansible 2.9.
-
-.. code-block:: yaml+jinja
-
-    # ansible-base 2.10 or newer:
-    path: {{ ('/etc', path, 'subdir', file) | path_join }}
-
-    # Also works with Ansible 2.9:
-    path: {{ ('/etc', path, 'subdir', file) | community.general.path_join }}
-
-.. versionadded:: 3.0.0
-
-Abstract transformations
------------------------
-
-Dictionaries
-^^^^^^^^^^^^
-
-You can use the ``dict_kv`` filter to create a single-entry dictionary with ``value | community.general.dict_kv(key)``:
-
-.. code-block:: yaml+jinja
-
-    - name: Create a single-entry dictionary
-      debug:
-        msg: "{{ myvar | community.general.dict_kv('thatsmyvar') }}"
-      vars:
-        myvar: myvalue
-
-    - name: Create a list of dictionaries where the 'server' field is taken from a list
-      debug:
-        msg: >-
-          {{ myservers | map('community.general.dict_kv', 'server')
-                       | map('combine', common_config) }}
-      vars:
-        common_config:
-          type: host
-          database: all
-        myservers:
-        - server1
-        - server2
-
-This produces:
-
-.. code-block:: ansible-output
-
-    TASK [Create a single-entry dictionary]  **************************************************
-    ok: [localhost] => {
-        "msg": {
-            "thatsmyvar": "myvalue"
-        }
-    }
-
-    TASK [Create a list of dictionaries where the 'server' field is taken from a list]  *******
-    ok: [localhost] => {
-        "msg": [
-            {
-                "database": "all",
-                "server": "server1",
-                "type": "host"
-            },
-            {
-                "database": "all",
-                "server": "server2",
-                "type": "host"
-            }
-        ]
-    }
-
-.. versionadded:: 2.0.0
-
-If you need to convert a list of key-value pairs to a dictionary, you can use the ``dict`` function. Unfortunately, this function cannot be used with ``map``. For this, the ``community.general.dict`` filter can be used:
-
-.. code-block:: yaml+jinja
-
-    - name: Create a dictionary with the dict function
-      debug:
-        msg: "{{ dict([[1, 2], ['a', 'b']]) }}"
-
-    - name: Create a dictionary with the community.general.dict filter
-      debug:
-        msg: "{{ [[1, 2], ['a', 'b']] | community.general.dict }}"
-
-    - name: Create a list of dictionaries with map and the community.general.dict filter
-      debug:
-        msg: >-
-          {{ values | map('zip', ['k1', 'k2', 'k3'])
-                    | map('map', 'reverse')
-                    | map('community.general.dict') }}
-      vars:
-        values:
-          - - foo
-            - 23
-            - a
-          - - bar
-            - 42
-            - b
-
-This produces:
-
-.. code-block:: ansible-output
-
-    TASK [Create a dictionary with the dict function]  ****************************************
-    ok: [localhost] => {
-        "msg": {
-            "1": 2,
-            "a": "b"
-        }
-    }
-
-    TASK [Create a dictionary with the community.general.dict filter]  ************************
-    ok: [localhost] => {
-        "msg": {
-            "1": 2,
-            "a": "b"
-        }
-    }
-
-    TASK [Create a list of dictionaries with map and the community.general.dict filter]  ******
-    ok: [localhost] => {
-        "msg": [
-            {
-                "k1": "foo",
-                "k2": 23,
-                "k3": "a"
-            },
-            {
-                "k1": "bar",
-                "k2": 42,
-                "k3": "b"
-            }
-        ]
-    }
-
-.. versionadded:: 3.0.0
-
-Grouping
-^^^^^^^^
-
-If you have a list of dictionaries, the Jinja2 ``groupby`` filter allows to group the list by an attribute. This results in a list of ``(grouper, list)`` namedtuples, where ``list`` contains all dictionaries where the selected attribute equals ``grouper``. If you know that for every ``grouper``, there will be a most one entry in that list, you can use the ``community.general.groupby_as_dict`` filter to convert the original list into a dictionary which maps ``grouper`` to the corresponding dictionary.
-
-One example is ``ansible_facts.mounts``, which is a list of dictionaries where each has one ``device`` element to indicate the device which is mounted. Therefore, ``ansible_facts.mounts | community.general.groupby_as_dict('device')`` is a dictionary mapping a device to the mount information:
-
-.. code-block:: yaml+jinja
-
-    - name: Output mount facts grouped by device name
-      debug:
-        var: ansible_facts.mounts | community.general.groupby_as_dict('device')
-
-    - name: Output mount facts grouped by mount point
-      debug:
-        var: ansible_facts.mounts | community.general.groupby_as_dict('mount')
-
-This produces:
-
-.. code-block:: ansible-output
-
-    TASK [Output mount facts grouped by device name] ******************************************
-    ok: [localhost] => {
-        "ansible_facts.mounts | community.general.groupby_as_dict('device')": {
-            "/dev/sda1": {
-                "block_available": 2000,
-                "block_size": 4096,
-                "block_total": 2345,
-                "block_used": 345,
-                "device": "/dev/sda1",
-                "fstype": "ext4",
-                "inode_available": 500,
-                "inode_total": 512,
-                "inode_used": 12,
-                "mount": "/boot",
-                "options": "rw,relatime,data=ordered",
-                "size_available": 56821,
-                "size_total": 543210,
-                "uuid": "ab31cade-d9c1-484d-8482-8a4cbee5241a"
-            },
-            "/dev/sda2": {
-                "block_available": 1234,
-                "block_size": 4096,
-                "block_total": 12345,
-                "block_used": 11111,
-                "device": "/dev/sda2",
-                "fstype": "ext4",
-                "inode_available": 1111,
-                "inode_total": 1234,
-                "inode_used": 123,
-                "mount": "/",
-                "options": "rw,relatime",
-                "size_available": 42143,
-                "size_total": 543210,
-                "uuid": "abcdef01-2345-6789-0abc-def012345678"
-            }
-        }
-    }
-
-    TASK [Output mount facts grouped by mount point] ******************************************
-    ok: [localhost] => {
-        "ansible_facts.mounts | community.general.groupby_as_dict('mount')": {
-            "/": {
-                "block_available": 1234,
-                "block_size": 4096,
-                "block_total": 12345,
-                "block_used": 11111,
-                "device": "/dev/sda2",
-                "fstype": "ext4",
-                "inode_available": 1111,
-                "inode_total": 1234,
-                "inode_used": 123,
-                "mount": "/",
-                "options": "rw,relatime",
-                "size_available": 42143,
-                "size_total": 543210,
-                "uuid": "bdf50b7d-4859-40af-8665-c637ee7a7808"
-            },
-            "/boot": {
-                "block_available": 2000,
-                "block_size": 4096,
-                "block_total": 2345,
-                "block_used": 345,
-                "device": "/dev/sda1",
-                "fstype": "ext4",
-                "inode_available": 500,
-                "inode_total": 512,
-                "inode_used": 12,
-                "mount": "/boot",
-                "options": "rw,relatime,data=ordered",
-                "size_available": 56821,
-                "size_total": 543210,
-                "uuid": "ab31cade-d9c1-484d-8482-8a4cbee5241a"
-            }
-        }
-    }
-
-.. versionadded: 3.0.0
-
-Merging lists of dictionaries
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-If you have two lists of dictionaries and want to combine them into a list of merged dictionaries, where two dictionaries are merged if they coincide in one attribute, you can use the ``lists_mergeby`` filter.
-
-.. code-block:: yaml+jinja
-
-    - name: Merge two lists by common attribute 'name'
-      debug:
-        var: list1 | community.general.lists_mergeby(list2, 'name')
-      vars:
-        list1:
-          - name: foo
-            extra: true
-          - name: bar
-            extra: false
-          - name: meh
-            extra: true
-        list2:
-          - name: foo
-            path: /foo
-          - name: baz
-            path: /bazzz
-
-This produces:
-
-.. code-block:: ansible-output
-
-    TASK [Merge two lists by common attribute 'name']  ****************************************
-    ok: [localhost] => {
-        "list1 | community.general.lists_mergeby(list2, 'name')": [
-            {
-                "extra": false,
-                "name": "bar"
-            },
-            {
-                "name": "baz",
-                "path": "/bazzz"
-            },
-            {
-                "extra": true,
-                "name": "foo",
-                "path": "/foo"
-            },
-            {
-                "extra": true,
-                "name": "meh"
-            }
-        ]
-    }
-
-.. versionadded: 2.0.0
-
-Working with times
------------------
-
-The ``to_time_unit`` filter allows to convert times from a human-readable string to a unit. For example, ``'4h 30min 12second' | community.general.to_time_unit('hour')`` gives the number of hours that correspond to 4 hours, 30 minutes and 12 seconds.
-
-There are shorthands to directly convert to various units, like ``to_hours``, ``to_minutes``, ``to_seconds``, and so on. The following table lists all units that can be used:
-
-.. list-table:: Units
-   :widths: 25 25 25 25
-   :header-rows: 1
-
-   * - Unit name
-     - Unit value in seconds
-     - Unit strings for filter
-     - Shorthand filter
-   * - Millisecond
-     - 1/1000 second
-     - ``ms``, ``millisecond``, ``milliseconds``, ``msec``, ``msecs``, ``msecond``, ``mseconds``
-     - ``to_milliseconds``
-   * - Second
-     - 1 second
-     - ``s``, ``sec``, ``secs``, ``second``, ``seconds``
-     - ``to_seconds``
-   * - Minute
-     - 60 seconds
-     - ``m``, ``min``, ``mins``, ``minute``, ``minutes``
-     - ``to_minutes``
-   * - Hour
-     - 60*60 seconds
-     - ``h``, ``hour``, ``hours``
-     - ``to_hours``
-   * - Day
-     - 24*60*60 seconds
-     - ``d``, ``day``, ``days``
-     - ``to_days``
-   * - Week
-     - 7*24*60*60 seconds
-     - ``w``, ``week``, ``weeks``
-     - ``to_weeks``
-   * - Month
-     - 30*24*60*60 seconds
-     - ``mo``, ``month``, ``months``
-     - ``to_months``
-   * - Year
-     - 365*24*60*60 seconds
-     - ``y``, ``year``, ``years``
-     - ``to_years``
-
-Note that months and years are using a simplified representation: a month is 30 days, and a year is 365 days. If you need different definitions of months or years, you can pass them as keyword arguments. For example, if you want a year to be 365.25 days, and a month to be 30.5 days, you can write ``'11months 4' | community.general.to_years(year=365.25, month=30.5)``. These keyword arguments can be specified to ``to_time_unit`` and to all shorthand filters.
-
-.. code-block:: yaml+jinja
-
-    - name: Convert string to seconds
-      debug:
-        msg: "{{ '30h 20m 10s 123ms' | community.general.to_time_unit('seconds') }}"
-
-    - name: Convert string to hours
-      debug:
-        msg: "{{ '30h 20m 10s 123ms' | community.general.to_hours }}"
-
-    - name: Convert string to years (using 365.25 days == 1 year)
-      debug:
-        msg: "{{ '400d 15h' | community.general.to_years(year=365.25) }}"
-
-This produces:
-
-.. code-block:: ansible-output
-
-    TASK [Convert string to seconds] **********************************************************
-    ok: [localhost] => {
-        "msg": "109210.123"
-    }
-
-    TASK [Convert string to hours] ************************************************************
-    ok: [localhost] => {
-        "msg": "30.336145277778"
-    }
-
-    TASK [Convert string to years (using 365.25 days == 1 year)] ******************************
-    ok: [localhost] => {
-        "msg": "1.096851471595"
-    }
-
-.. versionadded: 0.2.0
-
-Working with versions
---------------------
-
-If you need to sort a list of version numbers, the Jinja ``sort`` filter is problematic. Since it sorts lexicographically, ``2.10`` will come before ``2.9``. To treat version numbers correctly, you can use the ``version_sort`` filter:
-
-.. code-block:: yaml+jinja
-
-    - name: Sort list by version number
-      debug:
-        var: ansible_versions | community.general.version_sort
-      vars:
-        ansible_versions:
-          - '2.8.0'
-          - '2.11.0'
-          - '2.7.0'
-          - '2.10.0'
-          - '2.9.0'
-
-This produces:
-
-.. code-block:: ansible-output
-
-    TASK [Sort list by version number] ********************************************************
-    ok: [localhost] => {
-        "ansible_versions | community.general.version_sort": [
-            "2.7.0",
-            "2.8.0",
-            "2.9.0",
-            "2.10.0",
-            "2.11.0"
-        ]
-    }
-
-.. versionadded: 2.2.0
-
-Creating identifiers
--------------------
-
-The following filters allow to create identifiers.
-
-Hashids
-^^^^^^^
-
-`Hashids <https://hashids.org/>`_ allow to convert sequences of integers to short unique string identifiers. This filter needs the `hashids Python library <https://pypi.org/project/hashids/>`_ installed on the controller.
-
-.. code-block:: yaml+jinja
-
-    - name: "Create hashid"
-      debug:
-        msg: "{{ [1234, 5, 6] | community.general.hashids_encode }}"
-
-    - name: "Decode hashid"
-      debug:
-        msg: "{{ 'jm2Cytn' | community.general.hashids_decode }}"
-
-This produces:
-
-.. code-block:: ansible-output
-
-    TASK [Create hashid] **********************************************************************
-    ok: [localhost] => {
-        "msg": "jm2Cytn"
-    }
-
-    TASK [Decode hashid] **********************************************************************
-    ok: [localhost] => {
-        "msg": [
-            1234,
-            5,
-            6
-        ]
-    }
-
-The hashids filters accept keyword arguments to allow fine-tuning the hashids generated:
-
-:salt: String to use as salt when hashing.
-:alphabet: String of 16 or more unique characters to produce a hash.
-:min_length: Minimum length of hash produced.
-
-.. versionadded: 3.0.0
-
-Random MACs
-^^^^^^^^^^^
-
-You can use the ``random_mac`` filter to complete a partial `MAC address <https://en.wikipedia.org/wiki/MAC_address>`_ to a random 6-byte MAC address.
-
-.. code-block:: yaml+jinja
-
-    - name: "Create a random MAC starting with ff:"
-      debug:
-        msg: "{{ 'FF' | community.general.random_mac }}"
-
-    - name: "Create a random MAC starting with 00:11:22:"
-      debug:
-        msg: "{{ '00:11:22' | community.general.random_mac }}"
-  
-This produces:
-
-.. code-block:: ansible-output
-
-    TASK [Create a random MAC starting with ff:] **********************************************
-    ok: [localhost] => {
-        "msg": "ff:69:d3:78:7f:b4"
-    }
-
-    TASK [Create a random MAC starting with 00:11:22:] ****************************************
-    ok: [localhost] => {
-        "msg": "00:11:22:71:5d:3b"
-    }
-
-You can also initialize the random number generator from a seed to create random-but-idempotent MAC addresses:
-
-.. code-block:: yaml+jinja
-
-    "{{ '52:54:00' | community.general.random_mac(seed=inventory_hostname) }}"
-
-Conversions
-----------
-
-Parsing CSV files
-^^^^^^^^^^^^^^^^^
-
-Ansible offers the :ref:`community.general.read_csv module <ansible_collections.community.general.read_csv_module>` to read CSV files. Sometimes you need to convert strings to CSV files instead. For this, the ``from_csv`` filter exists.
-
-.. code-block:: yaml+jinja
-
-    - name: "Parse CSV from string"
-      debug:
-        msg: "{{ csv_string | community.general.from_csv }}"
-      vars:
-        csv_string: |
-          foo,bar,baz
-          1,2,3
-          you,this,then
-
-This produces:
-
-.. code-block:: ansible-output
-
-    TASK [Parse CSV from string] **************************************************************
-    ok: [localhost] => {
-        "msg": [
-            {
-                "bar": "2",
-                "baz": "3",
-                "foo": "1"
-            },
-            {
-                "bar": "this",
-                "baz": "then",
-                "foo": "you"
-            }
-        ]
-    }
-
-The ``from_csv`` filter has several keyword arguments to control its behavior:
-
-:dialect: Dialect of the CSV file. Default is ``excel``. Other possible choices are ``excel-tab`` and ``unix``. If one of ``delimiter``, ``skipinitialspace`` or ``strict`` is specified, ``dialect`` is ignored.
-:fieldnames: A set of column names to use. If not provided, the first line of the CSV is assumed to contain the column names.
-:delimiter: Sets the delimiter to use. Default depends on the dialect used.
-:skipinitialspace: Set to ``true`` to ignore space directly after the delimiter. Default depends on the dialect used (usually ``false``).
-:strict: Set to ``true`` to error out on invalid CSV input.
-
-.. versionadded: 3.0.0
-
-Converting to JSON
-^^^^^^^^^^^^^^^^^^
-
-`JC <https://pypi.org/project/jc/>`_ is a CLI tool and Python library which allows to interpret output of various CLI programs as JSON. It is also available as a filter in community.general. This filter needs the `jc Python library <https://pypi.org/project/jc/>`_ installed on the controller.
-
-.. code-block:: yaml+jinja
-
-    - name: Run 'ls' to list files in /
-      command: ls /
-      register: result
-
-    - name: Parse the ls output
-      debug:
-        msg: "{{ result.stdout | community.general.jc('ls') }}"
-
-This produces:
-
-.. code-block:: ansible-output
-
-    TASK [Run 'ls' to list files in /] ********************************************************
-    changed: [localhost]
-
-    TASK [Parse the ls output] ****************************************************************
-    ok: [localhost] => {
-        "msg": [
-            {
-                "filename": "bin"
-            },
-            {
-                "filename": "boot"
-            },
-            {
-                "filename": "dev"
-            },
-            {
-                "filename": "etc"
-            },
-            {
-                "filename": "home"
-            },
-            {
-                "filename": "lib"
-            },
-            {
-                "filename": "proc"
-            },
-            {
-                "filename": "root"
-            },
-            {
-                "filename": "run"
-            },
-            {
-                "filename": "tmp"
-            }
-        ]
-    }
-
-.. versionadded: 2.0.0
-
-.. _ansible_collections.community.general.docsite.json_query_filter:
-
-Selecting JSON data: JSON queries
---------------------------------
-
-To select a single element or a data subset from a complex data structure in JSON format (for example, Ansible facts), use the ``json_query`` filter.  The ``json_query`` filter lets you query a complex JSON structure and iterate over it using a loop structure.
-
-.. note:: You must manually install the **jmespath** dependency on the Ansible controller before using this filter. This filter is built upon **jmespath**, and you can use the same syntax. For examples, see `jmespath examples <http://jmespath.org/examples.html>`_.
-
-Consider this data structure:
-
-.. code-block:: yaml+jinja
-
-    {
-        "domain_definition": {
-            "domain": {
-                "cluster": [
-                    {
-                        "name": "cluster1"
-                    },
-                    {
-                        "name": "cluster2"
-                    }
-                ],
-                "server": [
-                    {
-                        "name": "server11",
-                        "cluster": "cluster1",
-                        "port": "8080"
-                    },
-                    {
-                        "name": "server12",
-                        "cluster": "cluster1",
-                        "port": "8090"
-                    },
-                    {
-                        "name": "server21",
-                        "cluster": "cluster2",
-                        "port": "9080"
-                    },
-                    {
-                        "name": "server22",
-                        "cluster": "cluster2",
-                        "port": "9090"
-                    }
-                ],
-                "library": [
-                    {
-                        "name": "lib1",
-                        "target": "cluster1"
-                    },
-                    {
-                        "name": "lib2",
-                        "target": "cluster2"
-                    }
-                ]
-            }
-        }
-    }
-
-To extract all clusters from this structure, you can use the following query:
-
-.. code-block:: yaml+jinja
-
-    - name: Display all cluster names
-      ansible.builtin.debug:
-        var: item
-      loop: "{{ domain_definition | community.general.json_query('domain.cluster[*].name') }}"
-
-To extract all server names:
-
-.. code-block:: yaml+jinja
-
-    - name: Display all server names
-      ansible.builtin.debug:
-        var: item
-      loop: "{{ domain_definition | community.general.json_query('domain.server[*].name') }}"
-
-To extract ports from cluster1:
-
-.. code-block:: yaml+jinja
-
-    - name: Display all ports from cluster1
-      ansible.builtin.debug:
-        var: item
-      loop: "{{ domain_definition | community.general.json_query(server_name_cluster1_query) }}"
-      vars:
-        server_name_cluster1_query: "domain.server[?cluster=='cluster1'].port"
-
-.. note:: You can use a variable to make the query more readable.
-
-To print out the ports from cluster1 in a comma separated string:
-
-.. code-block:: yaml+jinja
-
-    - name: Display all ports from cluster1 as a string
-      ansible.builtin.debug:
-        msg: "{{ domain_definition | community.general.json_query('domain.server[?cluster==`cluster1`].port') | join(', ') }}"
-
-.. note:: In the example above, quoting literals using backticks avoids escaping quotes and maintains readability.
-
-You can use YAML `single quote escaping <https://yaml.org/spec/current.html#id2534365>`_:
-
-.. code-block:: yaml+jinja
-
-    - name: Display all ports from cluster1
-      ansible.builtin.debug:
-        var: item
-      loop: "{{ domain_definition | community.general.json_query('domain.server[?cluster==''cluster1''].port') }}"
-
-.. note:: Escaping single quotes within single quotes in YAML is done by doubling the single quote.
-
-To get a hash map with all ports and names of a cluster:
-
-.. code-block:: yaml+jinja
-
-    - name: Display all server ports and names from cluster1
-      ansible.builtin.debug:
-        var: item
-      loop: "{{ domain_definition | community.general.json_query(server_name_cluster1_query) }}"
-      vars:
-        server_name_cluster1_query: "domain.server[?cluster=='cluster2'].{name: name, port: port}"
-
-To extract ports from all clusters with name starting with 'server1':
-
-.. code-block:: yaml+jinja
-
-    - name: Display all ports from cluster1
-      ansible.builtin.debug:
-        msg: "{{ domain_definition | to_json | from_json | community.general.json_query(server_name_query) }}"
-      vars:
-        server_name_query: "domain.server[?starts_with(name,'server1')].port"
-
-To extract ports from all clusters with name containing 'server1':
-
-.. code-block:: yaml+jinja
-
-    - name: Display all ports from cluster1
-      ansible.builtin.debug:
-        msg: "{{ domain_definition | to_json | from_json | community.general.json_query(server_name_query) }}"
-      vars:
-        server_name_query: "domain.server[?contains(name,'server1')].port"
-
-.. note:: while using ``starts_with`` and ``contains``, you have to use `` to_json | from_json `` filter for correct parsing of data structure.
-
-Working with Unicode
---------------------
-
-`Unicode <https://unicode.org/main.html>`_ makes it possible to produce two strings which may be visually equivalent, but are comprised of distinctly different characters/character sequences. To address this ``Unicode`` defines `normalization forms <https://unicode.org/reports/tr15/>`_ which avoid these distinctions by choosing a unique character sequence for a given visual representation.
-
-You can use the ``community.general.unicode_normalize`` filter to normalize ``Unicode`` strings within your playbooks.
-
-.. code-block:: yaml+jinja
-
-    - name: Compare Unicode representations
-      debug:
-        msg: "{{ with_combining_character | community.general.unicode_normalize == without_combining_character }}"
-      vars:
-        with_combining_character: "{{ 'Mayagu\u0308ez' }}"
-        without_combining_character: Mayagüez
-
-This produces:
-
-.. code-block:: ansible-output
-
-    TASK [Compare Unicode representations] ********************************************************
-    ok: [localhost] => {
-        "msg": true
-    }
-
-The ``community.general.unicode_normalize`` filter accepts a keyword argument to select the ``Unicode`` form used to normalize the input string.
-
-:form: One of ``'NFC'`` (default), ``'NFD'``, ``'NFKC'``, or ``'NFKD'``. See the `Unicode reference <https://unicode.org/reports/tr15/>`_ for more information.
-
-.. versionadded:: 3.7.0
+.. toctree::
+   :maxdepth: 2
+
+   filter_guide_paths
+   filter_guide_abstract_informations
+   filter_guide_working_with_times
+   filter_guide_working_with_versions
+   filter_guide_creating_identifiers
+   filter_guide_conversions
+   filter_guide_selecting_json_data
+   filter_guide_working_with_unicode
--- a/docs/docsite/rst/filter_guide_abstract_informations.rst
+++ b/docs/docsite/rst/filter_guide_abstract_informations.rst
@@ -0,0 +1,10 @@
+Abstract transformations
+------------------------
+
+.. toctree::
+   :maxdepth: 1
+
+   filter_guide_abstract_informations_dictionaries
+   filter_guide_abstract_informations_grouping
+   filter_guide_abstract_informations_merging_lists_of_dictionaries
+   filter_guide_abstract_informations_counting_elements_in_sequence
--- a/docs/docsite/rst/filter_guide_abstract_informations_counting_elements_in_sequence.rst
+++ b/docs/docsite/rst/filter_guide_abstract_informations_counting_elements_in_sequence.rst
@@ -0,0 +1,77 @@
+Counting elements in a sequence
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The ``community.general.counter`` filter plugin allows you to count (hashable) elements in a sequence. Elements are returned as dictionary keys and their counts are stored as dictionary values.
+
+.. code-block:: yaml+jinja
+
+    - name: Count character occurrences in a string
+      debug:
+        msg: "{{ 'abccbaabca' | community.general.counter }}"
+
+    - name: Count items in a list
+      debug:
+        msg: "{{ ['car', 'car', 'bike', 'plane', 'bike'] | community.general.counter }}"
+
+This produces:
+
+.. code-block:: ansible-output
+
+    TASK [Count character occurrences in a string] ********************************************
+    ok: [localhost] => {
+        "msg": {
+            "a": 4,
+            "b": 3,
+            "c": 3
+        }
+    }
+
+    TASK [Count items in a list] **************************************************************
+    ok: [localhost] => {
+        "msg": {
+            "bike": 2,
+            "car": 2,
+            "plane": 1
+        }
+    }
+
+This plugin is useful for selecting resources based on current allocation:
+
+.. code-block:: yaml+jinja
+
+    - name: Get ID of SCSI controller(s) with less than 4 disks attached and choose the one with the least disks
+      debug:
+        msg: >-
+          {{
+             ( disks | dict2items | map(attribute='value.adapter') | list
+               | community.general.counter | dict2items
+               | rejectattr('value', '>=', 4) | sort(attribute='value') | first
+             ).key
+          }}
+      vars:
+        disks:
+          sda:
+            adapter: scsi_1
+          sdb:
+            adapter: scsi_1
+          sdc:
+            adapter: scsi_1
+          sdd:
+            adapter: scsi_1
+          sde:
+            adapter: scsi_2
+          sdf:
+            adapter: scsi_3
+          sdg:
+            adapter: scsi_3
+
+This produces:
+
+.. code-block:: ansible-output
+
+    TASK [Get ID of SCSI controller(s) with less than 4 disks attached and choose the one with the least disks]
+    ok: [localhost] => {
+        "msg": "scsi_2"
+    }
+
+.. versionadded:: 4.3.0
--- a/docs/docsite/rst/filter_guide_abstract_informations_dictionaries.rst
+++ b/docs/docsite/rst/filter_guide_abstract_informations_dictionaries.rst
@@ -0,0 +1,119 @@
+Dictionaries
+^^^^^^^^^^^^
+
+You can use the ``dict_kv`` filter to create a single-entry dictionary with ``value | community.general.dict_kv(key)``:
+
+.. code-block:: yaml+jinja
+
+    - name: Create a single-entry dictionary
+      debug:
+        msg: "{{ myvar | community.general.dict_kv('thatsmyvar') }}"
+      vars:
+        myvar: myvalue
+
+    - name: Create a list of dictionaries where the 'server' field is taken from a list
+      debug:
+        msg: >-
+          {{ myservers | map('community.general.dict_kv', 'server')
+                       | map('combine', common_config) }}
+      vars:
+        common_config:
+          type: host
+          database: all
+        myservers:
+        - server1
+        - server2
+
+This produces:
+
+.. code-block:: ansible-output
+
+    TASK [Create a single-entry dictionary]  **************************************************
+    ok: [localhost] => {
+        "msg": {
+            "thatsmyvar": "myvalue"
+        }
+    }
+
+    TASK [Create a list of dictionaries where the 'server' field is taken from a list]  *******
+    ok: [localhost] => {
+        "msg": [
+            {
+                "database": "all",
+                "server": "server1",
+                "type": "host"
+            },
+            {
+                "database": "all",
+                "server": "server2",
+                "type": "host"
+            }
+        ]
+    }
+
+.. versionadded:: 2.0.0
+
+If you need to convert a list of key-value pairs to a dictionary, you can use the ``dict`` function. Unfortunately, this function cannot be used with ``map``. For this, the ``community.general.dict`` filter can be used:
+
+.. code-block:: yaml+jinja
+
+    - name: Create a dictionary with the dict function
+      debug:
+        msg: "{{ dict([[1, 2], ['a', 'b']]) }}"
+
+    - name: Create a dictionary with the community.general.dict filter
+      debug:
+        msg: "{{ [[1, 2], ['a', 'b']] | community.general.dict }}"
+
+    - name: Create a list of dictionaries with map and the community.general.dict filter
+      debug:
+        msg: >-
+          {{ values | map('zip', ['k1', 'k2', 'k3'])
+                    | map('map', 'reverse')
+                    | map('community.general.dict') }}
+      vars:
+        values:
+          - - foo
+            - 23
+            - a
+          - - bar
+            - 42
+            - b
+
+This produces:
+
+.. code-block:: ansible-output
+
+    TASK [Create a dictionary with the dict function]  ****************************************
+    ok: [localhost] => {
+        "msg": {
+            "1": 2,
+            "a": "b"
+        }
+    }
+
+    TASK [Create a dictionary with the community.general.dict filter]  ************************
+    ok: [localhost] => {
+        "msg": {
+            "1": 2,
+            "a": "b"
+        }
+    }
+
+    TASK [Create a list of dictionaries with map and the community.general.dict filter]  ******
+    ok: [localhost] => {
+        "msg": [
+            {
+                "k1": "foo",
+                "k2": 23,
+                "k3": "a"
+            },
+            {
+                "k1": "bar",
+                "k2": 42,
+                "k3": "b"
+            }
+        ]
+    }
+
+.. versionadded:: 3.0.0
--- a/docs/docsite/rst/filter_guide_abstract_informations_grouping.rst
+++ b/docs/docsite/rst/filter_guide_abstract_informations_grouping.rst
@@ -0,0 +1,98 @@
+Grouping
+^^^^^^^^
+
+If you have a list of dictionaries, the Jinja2 ``groupby`` filter allows to group the list by an attribute. This results in a list of ``(grouper, list)`` namedtuples, where ``list`` contains all dictionaries where the selected attribute equals ``grouper``. If you know that for every ``grouper``, there will be a most one entry in that list, you can use the ``community.general.groupby_as_dict`` filter to convert the original list into a dictionary which maps ``grouper`` to the corresponding dictionary.
+
+One example is ``ansible_facts.mounts``, which is a list of dictionaries where each has one ``device`` element to indicate the device which is mounted. Therefore, ``ansible_facts.mounts | community.general.groupby_as_dict('device')`` is a dictionary mapping a device to the mount information:
+
+.. code-block:: yaml+jinja
+
+    - name: Output mount facts grouped by device name
+      debug:
+        var: ansible_facts.mounts | community.general.groupby_as_dict('device')
+
+    - name: Output mount facts grouped by mount point
+      debug:
+        var: ansible_facts.mounts | community.general.groupby_as_dict('mount')
+
+This produces:
+
+.. code-block:: ansible-output
+
+    TASK [Output mount facts grouped by device name] ******************************************
+    ok: [localhost] => {
+        "ansible_facts.mounts | community.general.groupby_as_dict('device')": {
+            "/dev/sda1": {
+                "block_available": 2000,
+                "block_size": 4096,
+                "block_total": 2345,
+                "block_used": 345,
+                "device": "/dev/sda1",
+                "fstype": "ext4",
+                "inode_available": 500,
+                "inode_total": 512,
+                "inode_used": 12,
+                "mount": "/boot",
+                "options": "rw,relatime,data=ordered",
+                "size_available": 56821,
+                "size_total": 543210,
+                "uuid": "ab31cade-d9c1-484d-8482-8a4cbee5241a"
+            },
+            "/dev/sda2": {
+                "block_available": 1234,
+                "block_size": 4096,
+                "block_total": 12345,
+                "block_used": 11111,
+                "device": "/dev/sda2",
+                "fstype": "ext4",
+                "inode_available": 1111,
+                "inode_total": 1234,
+                "inode_used": 123,
+                "mount": "/",
+                "options": "rw,relatime",
+                "size_available": 42143,
+                "size_total": 543210,
+                "uuid": "abcdef01-2345-6789-0abc-def012345678"
+            }
+        }
+    }
+
+    TASK [Output mount facts grouped by mount point] ******************************************
+    ok: [localhost] => {
+        "ansible_facts.mounts | community.general.groupby_as_dict('mount')": {
+            "/": {
+                "block_available": 1234,
+                "block_size": 4096,
+                "block_total": 12345,
+                "block_used": 11111,
+                "device": "/dev/sda2",
+                "fstype": "ext4",
+                "inode_available": 1111,
+                "inode_total": 1234,
+                "inode_used": 123,
+                "mount": "/",
+                "options": "rw,relatime",
+                "size_available": 42143,
+                "size_total": 543210,
+                "uuid": "bdf50b7d-4859-40af-8665-c637ee7a7808"
+            },
+            "/boot": {
+                "block_available": 2000,
+                "block_size": 4096,
+                "block_total": 2345,
+                "block_used": 345,
+                "device": "/dev/sda1",
+                "fstype": "ext4",
+                "inode_available": 500,
+                "inode_total": 512,
+                "inode_used": 12,
+                "mount": "/boot",
+                "options": "rw,relatime,data=ordered",
+                "size_available": 56821,
+                "size_total": 543210,
+                "uuid": "ab31cade-d9c1-484d-8482-8a4cbee5241a"
+            }
+        }
+    }
+
+.. versionadded: 3.0.0
--- a/docs/docsite/rst/filter_guide_abstract_informations_merging_lists_of_dictionaries.rst
+++ b/docs/docsite/rst/filter_guide_abstract_informations_merging_lists_of_dictionaries.rst
@@ -0,0 +1,292 @@
+Merging lists of dictionaries
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+If you have two or more lists of dictionaries and want to combine them into a list of merged dictionaries, where the dictionaries are merged by an attribute, you can use the ``lists_mergeby`` filter.
+
+.. note:: The output of the examples in this section use the YAML callback plugin. Quoting: "Ansible output that can be quite a bit easier to read than the default JSON formatting." See :ref:`the documentation for the community.general.yaml callback plugin <ansible_collections.community.general.yaml_callback>`.
+
+Let us use the lists below in the following examples:
+
+.. code-block:: yaml
+
+  list1:
+    - name: foo
+      extra: true
+    - name: bar
+      extra: false
+    - name: meh
+      extra: true
+
+  list2:
+    - name: foo
+      path: /foo
+    - name: baz
+      path: /baz
+
+In the example below the lists are merged by the attribute ``name``:
+
+.. code-block:: yaml+jinja
+
+  list3: "{{ list1|
+             community.general.lists_mergeby(list2, 'name') }}"
+
+This produces:
+
+.. code-block:: yaml
+
+  list3:
+  - extra: false
+    name: bar
+  - name: baz
+    path: /baz
+  - extra: true
+    name: foo
+    path: /foo
+  - extra: true
+    name: meh
+
+
+.. versionadded:: 2.0.0
+
+It is possible to use a list of lists as an input of the filter:
+
+.. code-block:: yaml+jinja
+
+  list3: "{{ [list1, list2]|
+             community.general.lists_mergeby('name') }}"
+
+This produces the same result as in the previous example:
+
+.. code-block:: yaml
+
+  list3:
+  - extra: false
+    name: bar
+  - name: baz
+    path: /baz
+  - extra: true
+    name: foo
+    path: /foo
+  - extra: true
+    name: meh
+
+
+The filter also accepts two optional parameters: ``recursive`` and ``list_merge``. These parameters are only supported when used with ansible-base 2.10 or ansible-core, but not with Ansible 2.9. This is available since community.general 4.4.0.
+
+**recursive**
+    Is a boolean, default to ``False``. Should the ``community.general.lists_mergeby`` recursively merge nested hashes. Note: It does not depend on the value of the ``hash_behaviour`` setting in ``ansible.cfg``.
+
+**list_merge**
+    Is a string, its possible values are ``replace`` (default), ``keep``, ``append``, ``prepend``, ``append_rp`` or ``prepend_rp``. It modifies the behaviour of ``community.general.lists_mergeby`` when the hashes to merge contain arrays/lists.
+
+The examples below set ``recursive=true`` and display the differences among all six options of ``list_merge``. Functionality of the parameters is exactly the same as in the filter ``combine``. See :ref:`Combining hashes/dictionaries <combine_filter>` to learn details about these options.
+
+Let us use the lists below in the following examples
+
+.. code-block:: yaml
+
+  list1:
+    - name: myname01
+      param01:
+        x: default_value
+        y: default_value
+        list:
+          - default_value
+    - name: myname02
+      param01: [1, 1, 2, 3]
+
+  list2:
+    - name: myname01
+      param01:
+        y: patch_value
+        z: patch_value
+        list:
+          - patch_value
+    - name: myname02
+      param01: [3, 4, 4, {key: value}]
+
+Example ``list_merge=replace`` (default):
+
+.. code-block:: yaml+jinja
+
+  list3: "{{ [list1, list2]|
+             community.general.lists_mergeby('name',
+                                             recursive=true) }}"
+
+This produces:
+
+.. code-block:: yaml
+
+  list3:
+  - name: myname01
+    param01:
+      list:
+      - patch_value
+      x: default_value
+      y: patch_value
+      z: patch_value
+  - name: myname02
+    param01:
+    - 3
+    - 4
+    - 4
+    - key: value
+
+Example ``list_merge=keep``:
+
+.. code-block:: yaml+jinja
+
+  list3: "{{ [list1, list2]|
+             community.general.lists_mergeby('name',
+                                             recursive=true,
+                                             list_merge='keep') }}"
+
+This produces:
+
+.. code-block:: yaml
+
+  list3:
+  - name: myname01
+    param01:
+      list:
+      - default_value
+      x: default_value
+      y: patch_value
+      z: patch_value
+  - name: myname02
+    param01:
+    - 1
+    - 1
+    - 2
+    - 3
+
+Example ``list_merge=append``:
+
+.. code-block:: yaml+jinja
+
+  list3: "{{ [list1, list2]|
+             community.general.lists_mergeby('name',
+                                             recursive=true,
+                                             list_merge='append') }}"
+
+This produces:
+
+.. code-block:: yaml
+
+  list3:
+  - name: myname01
+    param01:
+      list:
+      - default_value
+      - patch_value
+      x: default_value
+      y: patch_value
+      z: patch_value
+  - name: myname02
+    param01:
+    - 1
+    - 1
+    - 2
+    - 3
+    - 3
+    - 4
+    - 4
+    - key: value
+
+Example ``list_merge=prepend``:
+
+.. code-block:: yaml+jinja
+
+  list3: "{{ [list1, list2]|
+             community.general.lists_mergeby('name',
+                                             recursive=true,
+                                             list_merge='prepend') }}"
+
+This produces:
+
+.. code-block:: yaml
+
+  list3:
+  - name: myname01
+    param01:
+      list:
+      - patch_value
+      - default_value
+      x: default_value
+      y: patch_value
+      z: patch_value
+  - name: myname02
+    param01:
+    - 3
+    - 4
+    - 4
+    - key: value
+    - 1
+    - 1
+    - 2
+    - 3
+
+Example ``list_merge=append_rp``:
+
+.. code-block:: yaml+jinja
+
+  list3: "{{ [list1, list2]|
+             community.general.lists_mergeby('name',
+                                             recursive=true,
+                                             list_merge='append_rp') }}"
+
+This produces:
+
+.. code-block:: yaml
+
+  list3:
+  - name: myname01
+    param01:
+      list:
+      - default_value
+      - patch_value
+      x: default_value
+      y: patch_value
+      z: patch_value
+  - name: myname02
+    param01:
+    - 1
+    - 1
+    - 2
+    - 3
+    - 4
+    - 4
+    - key: value
+
+Example ``list_merge=prepend_rp``:
+
+.. code-block:: yaml+jinja
+
+  list3: "{{ [list1, list2]|
+             community.general.lists_mergeby('name',
+                                             recursive=true,
+                                             list_merge='prepend_rp') }}"
+
+This produces:
+
+.. code-block:: yaml
+
+  list3:
+  - name: myname01
+    param01:
+      list:
+      - patch_value
+      - default_value
+      x: default_value
+      y: patch_value
+      z: patch_value
+  - name: myname02
+    param01:
+    - 3
+    - 4
+    - 4
+    - key: value
+    - 1
+    - 1
+    - 2
+
--- a/docs/docsite/rst/filter_guide_conversions.rst
+++ b/docs/docsite/rst/filter_guide_conversions.rst
@@ -0,0 +1,108 @@
+Conversions
+-----------
+
+Parsing CSV files
+^^^^^^^^^^^^^^^^^
+
+Ansible offers the :ref:`community.general.read_csv module <ansible_collections.community.general.read_csv_module>` to read CSV files. Sometimes you need to convert strings to CSV files instead. For this, the ``from_csv`` filter exists.
+
+.. code-block:: yaml+jinja
+
+    - name: "Parse CSV from string"
+      debug:
+        msg: "{{ csv_string | community.general.from_csv }}"
+      vars:
+        csv_string: |
+          foo,bar,baz
+          1,2,3
+          you,this,then
+
+This produces:
+
+.. code-block:: ansible-output
+
+    TASK [Parse CSV from string] **************************************************************
+    ok: [localhost] => {
+        "msg": [
+            {
+                "bar": "2",
+                "baz": "3",
+                "foo": "1"
+            },
+            {
+                "bar": "this",
+                "baz": "then",
+                "foo": "you"
+            }
+        ]
+    }
+
+The ``from_csv`` filter has several keyword arguments to control its behavior:
+
+:dialect: Dialect of the CSV file. Default is ``excel``. Other possible choices are ``excel-tab`` and ``unix``. If one of ``delimiter``, ``skipinitialspace`` or ``strict`` is specified, ``dialect`` is ignored.
+:fieldnames: A set of column names to use. If not provided, the first line of the CSV is assumed to contain the column names.
+:delimiter: Sets the delimiter to use. Default depends on the dialect used.
+:skipinitialspace: Set to ``true`` to ignore space directly after the delimiter. Default depends on the dialect used (usually ``false``).
+:strict: Set to ``true`` to error out on invalid CSV input.
+
+.. versionadded: 3.0.0
+
+Converting to JSON
+^^^^^^^^^^^^^^^^^^
+
+`JC <https://pypi.org/project/jc/>`_ is a CLI tool and Python library which allows to interpret output of various CLI programs as JSON. It is also available as a filter in community.general. This filter needs the `jc Python library <https://pypi.org/project/jc/>`_ installed on the controller.
+
+.. code-block:: yaml+jinja
+
+    - name: Run 'ls' to list files in /
+      command: ls /
+      register: result
+
+    - name: Parse the ls output
+      debug:
+        msg: "{{ result.stdout | community.general.jc('ls') }}"
+
+This produces:
+
+.. code-block:: ansible-output
+
+    TASK [Run 'ls' to list files in /] ********************************************************
+    changed: [localhost]
+
+    TASK [Parse the ls output] ****************************************************************
+    ok: [localhost] => {
+        "msg": [
+            {
+                "filename": "bin"
+            },
+            {
+                "filename": "boot"
+            },
+            {
+                "filename": "dev"
+            },
+            {
+                "filename": "etc"
+            },
+            {
+                "filename": "home"
+            },
+            {
+                "filename": "lib"
+            },
+            {
+                "filename": "proc"
+            },
+            {
+                "filename": "root"
+            },
+            {
+                "filename": "run"
+            },
+            {
+                "filename": "tmp"
+            }
+        ]
+    }
+
+.. versionadded: 2.0.0
--- a/docs/docsite/rst/filter_guide_creating_identifiers.rst
+++ b/docs/docsite/rst/filter_guide_creating_identifiers.rst
@@ -0,0 +1,80 @@
+Creating identifiers
+--------------------
+
+The following filters allow to create identifiers.
+
+Hashids
+^^^^^^^
+
+`Hashids <https://hashids.org/>`_ allow to convert sequences of integers to short unique string identifiers. This filter needs the `hashids Python library <https://pypi.org/project/hashids/>`_ installed on the controller.
+
+.. code-block:: yaml+jinja
+
+    - name: "Create hashid"
+      debug:
+        msg: "{{ [1234, 5, 6] | community.general.hashids_encode }}"
+
+    - name: "Decode hashid"
+      debug:
+        msg: "{{ 'jm2Cytn' | community.general.hashids_decode }}"
+
+This produces:
+
+.. code-block:: ansible-output
+
+    TASK [Create hashid] **********************************************************************
+    ok: [localhost] => {
+        "msg": "jm2Cytn"
+    }
+
+    TASK [Decode hashid] **********************************************************************
+    ok: [localhost] => {
+        "msg": [
+            1234,
+            5,
+            6
+        ]
+    }
+
+The hashids filters accept keyword arguments to allow fine-tuning the hashids generated:
+
+:salt: String to use as salt when hashing.
+:alphabet: String of 16 or more unique characters to produce a hash.
+:min_length: Minimum length of hash produced.
+
+.. versionadded: 3.0.0
+
+Random MACs
+^^^^^^^^^^^
+
+You can use the ``random_mac`` filter to complete a partial `MAC address <https://en.wikipedia.org/wiki/MAC_address>`_ to a random 6-byte MAC address.
+
+.. code-block:: yaml+jinja
+
+    - name: "Create a random MAC starting with ff:"
+      debug:
+        msg: "{{ 'FF' | community.general.random_mac }}"
+
+    - name: "Create a random MAC starting with 00:11:22:"
+      debug:
+        msg: "{{ '00:11:22' | community.general.random_mac }}"
+
+This produces:
+
+.. code-block:: ansible-output
+
+    TASK [Create a random MAC starting with ff:] **********************************************
+    ok: [localhost] => {
+        "msg": "ff:69:d3:78:7f:b4"
+    }
+
+    TASK [Create a random MAC starting with 00:11:22:] ****************************************
+    ok: [localhost] => {
+        "msg": "00:11:22:71:5d:3b"
+    }
+
+You can also initialize the random number generator from a seed to create random-but-idempotent MAC addresses:
+
+.. code-block:: yaml+jinja
+
+    "{{ '52:54:00' | community.general.random_mac(seed=inventory_hostname) }}"
--- a/docs/docsite/rst/filter_guide_paths.rst
+++ b/docs/docsite/rst/filter_guide_paths.rst
@@ -0,0 +1,14 @@
+Paths
+-----
+
+The ``path_join`` filter has been added in ansible-base 2.10. If you want to use this filter, but also need to support Ansible 2.9, you can use ``community.general``'s ``path_join`` shim, ``community.general.path_join``. This filter redirects to ``path_join`` for ansible-base 2.10 and ansible-core 2.11 or newer, and re-implements the filter for Ansible 2.9.
+
+.. code-block:: yaml+jinja
+
+    # ansible-base 2.10 or newer:
+    path: {{ ('/etc', path, 'subdir', file) | path_join }}
+
+    # Also works with Ansible 2.9:
+    path: {{ ('/etc', path, 'subdir', file) | community.general.path_join }}
+
+.. versionadded:: 3.0.0
--- a/docs/docsite/rst/filter_guide_selecting_json_data.rst
+++ b/docs/docsite/rst/filter_guide_selecting_json_data.rst
@@ -0,0 +1,144 @@
+.. _ansible_collections.community.general.docsite.json_query_filter:
+
+Selecting JSON data: JSON queries
+---------------------------------
+
+To select a single element or a data subset from a complex data structure in JSON format (for example, Ansible facts), use the ``json_query`` filter.  The ``json_query`` filter lets you query a complex JSON structure and iterate over it using a loop structure.
+
+.. note:: You must manually install the **jmespath** dependency on the Ansible controller before using this filter. This filter is built upon **jmespath**, and you can use the same syntax. For examples, see `jmespath examples <http://jmespath.org/examples.html>`_.
+
+Consider this data structure:
+
+.. code-block:: yaml+jinja
+
+    {
+        "domain_definition": {
+            "domain": {
+                "cluster": [
+                    {
+                        "name": "cluster1"
+                    },
+                    {
+                        "name": "cluster2"
+                    }
+                ],
+                "server": [
+                    {
+                        "name": "server11",
+                        "cluster": "cluster1",
+                        "port": "8080"
+                    },
+                    {
+                        "name": "server12",
+                        "cluster": "cluster1",
+                        "port": "8090"
+                    },
+                    {
+                        "name": "server21",
+                        "cluster": "cluster2",
+                        "port": "9080"
+                    },
+                    {
+                        "name": "server22",
+                        "cluster": "cluster2",
+                        "port": "9090"
+                    }
+                ],
+                "library": [
+                    {
+                        "name": "lib1",
+                        "target": "cluster1"
+                    },
+                    {
+                        "name": "lib2",
+                        "target": "cluster2"
+                    }
+                ]
+            }
+        }
+    }
+
+To extract all clusters from this structure, you can use the following query:
+
+.. code-block:: yaml+jinja
+
+    - name: Display all cluster names
+      ansible.builtin.debug:
+        var: item
+      loop: "{{ domain_definition | community.general.json_query('domain.cluster[*].name') }}"
+
+To extract all server names:
+
+.. code-block:: yaml+jinja
+
+    - name: Display all server names
+      ansible.builtin.debug:
+        var: item
+      loop: "{{ domain_definition | community.general.json_query('domain.server[*].name') }}"
+
+To extract ports from cluster1:
+
+.. code-block:: yaml+jinja
+
+    - name: Display all ports from cluster1
+      ansible.builtin.debug:
+        var: item
+      loop: "{{ domain_definition | community.general.json_query(server_name_cluster1_query) }}"
+      vars:
+        server_name_cluster1_query: "domain.server[?cluster=='cluster1'].port"
+
+.. note:: You can use a variable to make the query more readable.
+
+To print out the ports from cluster1 in a comma separated string:
+
+.. code-block:: yaml+jinja
+
+    - name: Display all ports from cluster1 as a string
+      ansible.builtin.debug:
+        msg: "{{ domain_definition | community.general.json_query('domain.server[?cluster==`cluster1`].port') | join(', ') }}"
+
+.. note:: In the example above, quoting literals using backticks avoids escaping quotes and maintains readability.
+
+You can use YAML `single quote escaping <https://yaml.org/spec/current.html#id2534365>`_:
+
+.. code-block:: yaml+jinja
+
+    - name: Display all ports from cluster1
+      ansible.builtin.debug:
+        var: item
+      loop: "{{ domain_definition | community.general.json_query('domain.server[?cluster==''cluster1''].port') }}"
+
+.. note:: Escaping single quotes within single quotes in YAML is done by doubling the single quote.
+
+To get a hash map with all ports and names of a cluster:
+
+.. code-block:: yaml+jinja
+
+    - name: Display all server ports and names from cluster1
+      ansible.builtin.debug:
+        var: item
+      loop: "{{ domain_definition | community.general.json_query(server_name_cluster1_query) }}"
+      vars:
+        server_name_cluster1_query: "domain.server[?cluster=='cluster2'].{name: name, port: port}"
+
+To extract ports from all clusters with name starting with 'server1':
+
+.. code-block:: yaml+jinja
+
+    - name: Display all ports from cluster1
+      ansible.builtin.debug:
+        msg: "{{ domain_definition | to_json | from_json | community.general.json_query(server_name_query) }}"
+      vars:
+        server_name_query: "domain.server[?starts_with(name,'server1')].port"
+
+To extract ports from all clusters with name containing 'server1':
+
+.. code-block:: yaml+jinja
+
+    - name: Display all ports from cluster1
+      ansible.builtin.debug:
+        msg: "{{ domain_definition | to_json | from_json | community.general.json_query(server_name_query) }}"
+      vars:
+        server_name_query: "domain.server[?contains(name,'server1')].port"
+
+.. note:: while using ``starts_with`` and ``contains``, you have to use `` to_json | from_json `` filter for correct parsing of data structure.
--- a/docs/docsite/rst/filter_guide_working_with_times.rst
+++ b/docs/docsite/rst/filter_guide_working_with_times.rst
@@ -0,0 +1,84 @@
+Working with times
+------------------
+
+The ``to_time_unit`` filter allows to convert times from a human-readable string to a unit. For example, ``'4h 30min 12second' | community.general.to_time_unit('hour')`` gives the number of hours that correspond to 4 hours, 30 minutes and 12 seconds.
+
+There are shorthands to directly convert to various units, like ``to_hours``, ``to_minutes``, ``to_seconds``, and so on. The following table lists all units that can be used:
+
+.. list-table:: Units
+   :widths: 25 25 25 25
+   :header-rows: 1
+
+   * - Unit name
+     - Unit value in seconds
+     - Unit strings for filter
+     - Shorthand filter
+   * - Millisecond
+     - 1/1000 second
+     - ``ms``, ``millisecond``, ``milliseconds``, ``msec``, ``msecs``, ``msecond``, ``mseconds``
+     - ``to_milliseconds``
+   * - Second
+     - 1 second
+     - ``s``, ``sec``, ``secs``, ``second``, ``seconds``
+     - ``to_seconds``
+   * - Minute
+     - 60 seconds
+     - ``m``, ``min``, ``mins``, ``minute``, ``minutes``
+     - ``to_minutes``
+   * - Hour
+     - 60*60 seconds
+     - ``h``, ``hour``, ``hours``
+     - ``to_hours``
+   * - Day
+     - 24*60*60 seconds
+     - ``d``, ``day``, ``days``
+     - ``to_days``
+   * - Week
+     - 7*24*60*60 seconds
+     - ``w``, ``week``, ``weeks``
+     - ``to_weeks``
+   * - Month
+     - 30*24*60*60 seconds
+     - ``mo``, ``month``, ``months``
+     - ``to_months``
+   * - Year
+     - 365*24*60*60 seconds
+     - ``y``, ``year``, ``years``
+     - ``to_years``
+
+Note that months and years are using a simplified representation: a month is 30 days, and a year is 365 days. If you need different definitions of months or years, you can pass them as keyword arguments. For example, if you want a year to be 365.25 days, and a month to be 30.5 days, you can write ``'11months 4' | community.general.to_years(year=365.25, month=30.5)``. These keyword arguments can be specified to ``to_time_unit`` and to all shorthand filters.
+
+.. code-block:: yaml+jinja
+
+    - name: Convert string to seconds
+      debug:
+        msg: "{{ '30h 20m 10s 123ms' | community.general.to_time_unit('seconds') }}"
+
+    - name: Convert string to hours
+      debug:
+        msg: "{{ '30h 20m 10s 123ms' | community.general.to_hours }}"
+
+    - name: Convert string to years (using 365.25 days == 1 year)
+      debug:
+        msg: "{{ '400d 15h' | community.general.to_years(year=365.25) }}"
+
+This produces:
+
+.. code-block:: ansible-output
+
+    TASK [Convert string to seconds] **********************************************************
+    ok: [localhost] => {
+        "msg": "109210.123"
+    }
+
+    TASK [Convert string to hours] ************************************************************
+    ok: [localhost] => {
+        "msg": "30.336145277778"
+    }
+
+    TASK [Convert string to years (using 365.25 days == 1 year)] ******************************
+    ok: [localhost] => {
+        "msg": "1.096851471595"
+    }
+
+.. versionadded: 0.2.0
--- a/docs/docsite/rst/filter_guide_working_with_unicode.rst
+++ b/docs/docsite/rst/filter_guide_working_with_unicode.rst
@@ -0,0 +1,30 @@
+Working with Unicode
+---------------------
+
+`Unicode <https://unicode.org/main.html>`_ makes it possible to produce two strings which may be visually equivalent, but are comprised of distinctly different characters/character sequences. To address this ``Unicode`` defines `normalization forms <https://unicode.org/reports/tr15/>`_ which avoid these distinctions by choosing a unique character sequence for a given visual representation.
+
+You can use the ``community.general.unicode_normalize`` filter to normalize ``Unicode`` strings within your playbooks.
+
+.. code-block:: yaml+jinja
+
+    - name: Compare Unicode representations
+      debug:
+        msg: "{{ with_combining_character | community.general.unicode_normalize == without_combining_character }}"
+      vars:
+        with_combining_character: "{{ 'Mayagu\u0308ez' }}"
+        without_combining_character: Mayagüez
+
+This produces:
+
+.. code-block:: ansible-output
+
+    TASK [Compare Unicode representations] ********************************************************
+    ok: [localhost] => {
+        "msg": true
+    }
+
+The ``community.general.unicode_normalize`` filter accepts a keyword argument to select the ``Unicode`` form used to normalize the input string.
+
+:form: One of ``'NFC'`` (default), ``'NFD'``, ``'NFKC'``, or ``'NFKD'``. See the `Unicode reference <https://unicode.org/reports/tr15/>`_ for more information.
+
+.. versionadded:: 3.7.0
--- a/docs/docsite/rst/filter_guide_working_with_versions.rst
+++ b/docs/docsite/rst/filter_guide_working_with_versions.rst
@@ -0,0 +1,34 @@
+Working with versions
+---------------------
+
+If you need to sort a list of version numbers, the Jinja ``sort`` filter is problematic. Since it sorts lexicographically, ``2.10`` will come before ``2.9``. To treat version numbers correctly, you can use the ``version_sort`` filter:
+
+.. code-block:: yaml+jinja
+
+    - name: Sort list by version number
+      debug:
+        var: ansible_versions | community.general.version_sort
+      vars:
+        ansible_versions:
+          - '2.8.0'
+          - '2.11.0'
+          - '2.7.0'
+          - '2.10.0'
+          - '2.9.0'
+
+This produces:
+
+.. code-block:: ansible-output
+
+    TASK [Sort list by version number] ********************************************************
+    ok: [localhost] => {
+        "ansible_versions | community.general.version_sort": [
+            "2.7.0",
+            "2.8.0",
+            "2.9.0",
+            "2.10.0",
+            "2.11.0"
+        ]
+    }
+
+.. versionadded: 2.2.0
--- a/galaxy.yml
+++ b/galaxy.yml
@@ -1,6 +1,6 @@
 namespace: community
 name: general
-version: 4.1.0
+version: 4.8.0
 readme: README.md
 authors:
  - Ansible (https://github.com/ansible)
--- a/plugins/cache/memcached.py
+++ b/plugins/cache/memcached.py
@@ -20,6 +20,7 @@ DOCUMENTATION = '''
          - List of connection information for the memcached DBs
        default: ['127.0.0.1:11211']
        type: list
+        elements: string
        env:
          - name: ANSIBLE_CACHE_PLUGIN_CONNECTION
        ini:
--- a/plugins/callback/mail.py
+++ b/plugins/callback/mail.py
@@ -11,14 +11,16 @@ name: mail
 type: notification
 short_description: Sends failure events via email
 description:
- This callback will report failures via email
+- This callback will report failures via email.
 author:
 - Dag Wieers (@dagwieers)
 requirements:
 - whitelisting in configuration
 options:
  mta:
-    description: Mail Transfer Agent, server that accepts SMTP
+    description:
+        - Mail Transfer Agent, server that accepts SMTP.
+    type: str
    env:
        - name: SMTPHOST
    ini:
@@ -26,39 +28,53 @@ options:
          key: smtphost
    default: localhost
  mtaport:
-    description: Mail Transfer Agent Port, port at which server SMTP
+    description:
+        - Mail Transfer Agent Port.
+        - Port at which server SMTP.
+    type: int
    ini:
        - section: callback_mail
          key: smtpport
    default: 25
  to:
-    description: Mail recipient
+    description:
+        - Mail recipient.
+    type: list
+    elements: str
    ini:
        - section: callback_mail
          key: to
-    default: root
+    default: [root]
  sender:
-    description: Mail sender
+    description:
+        - Mail sender.
+        - Note that this will be required from community.general 6.0.0 on.
+    type: str
    ini:
        - section: callback_mail
          key: sender
  cc:
-    description: CC'd recipient
+    description:
+        - CC'd recipients.
+    type: list
+    elements: str
    ini:
        - section: callback_mail
          key: cc
  bcc:
-    description: BCC'd recipient
+    description:
+        - BCC'd recipients.
+    type: list
+    elements: str
    ini:
        - section: callback_mail
          key: bcc
-notes:
- "TODO: expand configuration options now that plugins can leverage Ansible's configuration"
 '''

 import json
 import os
 import re
+import email.utils
 import smtplib

 from ansible.module_utils.six import string_types
@@ -88,9 +104,13 @@ class CallbackModule(CallbackBase):
        super(CallbackModule, self).set_options(task_keys=task_keys, var_options=var_options, direct=direct)

        self.sender = self.get_option('sender')
+        if self.sender is None:
+            self._display.deprecated(
+                'The sender for the mail callback has not been specified. This will be an error in the future',
+                version='6.0.0', collection_name='community.general')
        self.to = self.get_option('to')
        self.smtphost = self.get_option('mta')
-        self.smtpport = int(self.get_option('mtaport'))
+        self.smtpport = self.get_option('mtaport')
        self.cc = self.get_option('cc')
        self.bcc = self.get_option('bcc')

@@ -100,28 +120,34 @@ class CallbackModule(CallbackBase):

        smtp = smtplib.SMTP(self.smtphost, port=self.smtpport)

-        b_sender = to_bytes(self.sender)
-        b_to = to_bytes(self.to)
-        b_cc = to_bytes(self.cc)
-        b_bcc = to_bytes(self.bcc)
-        b_subject = to_bytes(subject)
-        b_body = to_bytes(body)
-
-        b_content = b'From: %s\n' % b_sender
-        b_content += b'To: %s\n' % b_to
+        sender_address = email.utils.parseaddr(self.sender)
+        if self.to:
+            to_addresses = email.utils.getaddresses(self.to)
        if self.cc:
-            b_content += b'Cc: %s\n' % b_cc
-        b_content += b'Subject: %s\n\n' % b_subject
-        b_content += b_body
-
-        b_addresses = b_to.split(b',')
-        if self.cc:
-            b_addresses += b_cc.split(b',')
+            cc_addresses = email.utils.getaddresses(self.cc)
        if self.bcc:
-            b_addresses += b_bcc.split(b',')
+            bcc_addresses = email.utils.getaddresses(self.bcc)

-        for b_address in b_addresses:
-            smtp.sendmail(b_sender, b_address, b_content)
+        content = 'Date: %s\n' % email.utils.formatdate()
+        content += 'From: %s\n' % email.utils.formataddr(sender_address)
+        if self.to:
+            content += 'To: %s\n' % ', '.join([email.utils.formataddr(pair) for pair in to_addresses])
+        if self.cc:
+            content += 'Cc: %s\n' % ', '.join([email.utils.formataddr(pair) for pair in cc_addresses])
+        content += 'Message-ID: %s\n' % email.utils.make_msgid()
+        content += 'Subject: %s\n\n' % subject.strip()
+        content += body
+
+        addresses = to_addresses
+        if self.cc:
+            addresses += cc_addresses
+        if self.bcc:
+            addresses += bcc_addresses
+
+        if not addresses:
+            self._display.warning('No receiver has been specified for the mail callback plugin.')
+
+        smtp.sendmail(self.sender, [address for name, address in addresses], to_bytes(content))

        smtp.quit()

--- a/plugins/callback/nrdp.py
+++ b/plugins/callback/nrdp.py
@@ -70,6 +70,7 @@ import os
 import json

 from ansible.module_utils.six.moves.urllib.parse import urlencode
+from ansible.module_utils.common.text.converters import to_bytes
 from ansible.module_utils.urls import open_url
 from ansible.plugins.callback import CallbackBase

@@ -143,7 +144,7 @@ class CallbackModule(CallbackBase):
        body = {
            'cmd': 'submitcheck',
            'token': self.token,
-            'XMLDATA': bytes(xmldata)
+            'XMLDATA': to_bytes(xmldata)
        }

        try:
--- a/plugins/callback/opentelemetry.py
+++ b/plugins/callback/opentelemetry.py
@@ -1,3 +1,4 @@
+# -*- coding: utf-8 -*-
 # (C) 2021, Victor Martinez <VictorMartinezRubio@gmail.com>
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

@@ -267,6 +268,8 @@ class OpenTelemetrySource(object):
            elif host_data.status == 'skipped':
                message = res['skip_reason'] if 'skip_reason' in res else 'skipped'
                status = Status(status_code=StatusCode.UNSET)
+            elif host_data.status == 'ignored':
+                status = Status(status_code=StatusCode.UNSET)

        span.set_status(status)
        if isinstance(task_data.args, dict) and "gather_facts" not in task_data.action:
@@ -316,9 +319,9 @@ class OpenTelemetrySource(object):
    @staticmethod
    def url_from_args(args):
        # the order matters
-        url_args = ("url", "api_url", "baseurl", "repo", "server_url", "chart_repo_url")
+        url_args = ("url", "api_url", "baseurl", "repo", "server_url", "chart_repo_url", "registry_url", "endpoint", "uri", "updates_url")
        for arg in url_args:
-            if args.get(arg):
+            if args is not None and args.get(arg):
                return args.get(arg)
        return ""

@@ -462,10 +465,15 @@ class CallbackModule(CallbackBase):
        )

    def v2_runner_on_failed(self, result, ignore_errors=False):
-        self.errors += 1
+        if ignore_errors:
+            status = 'ignored'
+        else:
+            status = 'failed'
+            self.errors += 1
+
        self.opentelemetry.finish_task(
            self.tasks_data,
-            'failed',
+            status,
            result
        )

--- a/plugins/callback/say.py
+++ b/plugins/callback/say.py
@@ -21,11 +21,11 @@ DOCUMENTATION = '''
      - In 2.8, this callback has been renamed from C(osx_say) into M(community.general.say).
 '''

-import distutils.spawn
 import platform
 import subprocess
 import os

+from ansible.module_utils.common.process import get_bin_path
 from ansible.plugins.callback import CallbackBase


@@ -47,21 +47,24 @@ class CallbackModule(CallbackBase):
        self.HAPPY_VOICE = None
        self.LASER_VOICE = None

-        self.synthesizer = distutils.spawn.find_executable('say')
-        if not self.synthesizer:
-            self.synthesizer = distutils.spawn.find_executable('espeak')
-            if self.synthesizer:
+        try:
+            self.synthesizer = get_bin_path('say')
+            if platform.system() != 'Darwin':
+                # 'say' binary available, it might be GNUstep tool which doesn't support 'voice' parameter
+                self._display.warning("'say' executable found but system is '%s': ignoring voice parameter" % platform.system())
+            else:
+                self.FAILED_VOICE = 'Zarvox'
+                self.REGULAR_VOICE = 'Trinoids'
+                self.HAPPY_VOICE = 'Cellos'
+                self.LASER_VOICE = 'Princess'
+        except ValueError:
+            try:
+                self.synthesizer = get_bin_path('espeak')
                self.FAILED_VOICE = 'klatt'
                self.HAPPY_VOICE = 'f5'
                self.LASER_VOICE = 'whisper'
-        elif platform.system() != 'Darwin':
-            # 'say' binary available, it might be GNUstep tool which doesn't support 'voice' parameter
-            self._display.warning("'say' executable found but system is '%s': ignoring voice parameter" % platform.system())
-        else:
-            self.FAILED_VOICE = 'Zarvox'
-            self.REGULAR_VOICE = 'Trinoids'
-            self.HAPPY_VOICE = 'Cellos'
-            self.LASER_VOICE = 'Princess'
+            except ValueError:
+                self.synthesizer = None

        # plugin disable itself if say is not present
        # ansible will not call any callback if disabled is set to True
--- a/plugins/callback/syslog_json.py
+++ b/plugins/callback/syslog_json.py
@@ -41,6 +41,16 @@ DOCUMENTATION = '''
        ini:
          - section: callback_syslog_json
            key: syslog_facility
+      setup:
+        description: Log setup tasks.
+        env:
+          - name: ANSIBLE_SYSLOG_SETUP
+        type: bool
+        default: true
+        ini:
+          - section: callback_syslog_json
+            key: syslog_setup
+        version_added: 4.5.0
 '''

 import os
@@ -86,23 +96,36 @@ class CallbackModule(CallbackBase):
        self.logger.addHandler(self.handler)
        self.hostname = socket.gethostname()

-    def runner_on_failed(self, host, res, ignore_errors=False):
+    def v2_runner_on_failed(self, result, ignore_errors=False):
+        res = result._result
+        host = result._host.get_name()
        self.logger.error('%s ansible-command: task execution FAILED; host: %s; message: %s', self.hostname, host, self._dump_results(res))

-    def runner_on_ok(self, host, res):
-        self.logger.info('%s ansible-command: task execution OK; host: %s; message: %s', self.hostname, host, self._dump_results(res))
+    def v2_runner_on_ok(self, result):
+        res = result._result
+        host = result._host.get_name()
+        if result._task.action != "gather_facts" or self.get_option("setup"):
+            self.logger.info('%s ansible-command: task execution OK; host: %s; message: %s', self.hostname, host, self._dump_results(res))

-    def runner_on_skipped(self, host, item=None):
+    def v2_runner_on_skipped(self, result):
+        host = result._host.get_name()
        self.logger.info('%s ansible-command: task execution SKIPPED; host: %s; message: %s', self.hostname, host, 'skipped')

-    def runner_on_unreachable(self, host, res):
+    def v2_runner_on_unreachable(self, result):
+        res = result._result
+        host = result._host.get_name()
        self.logger.error('%s ansible-command: task execution UNREACHABLE; host: %s; message: %s', self.hostname, host, self._dump_results(res))

-    def runner_on_async_failed(self, host, res, jid):
+    def v2_runner_on_async_failed(self, result):
+        res = result._result
+        host = result._host.get_name()
+        jid = result._result.get('ansible_job_id')
        self.logger.error('%s ansible-command: task execution FAILED; host: %s; message: %s', self.hostname, host, self._dump_results(res))

-    def playbook_on_import_for_host(self, host, imported_file):
+    def v2_playbook_on_import_for_host(self, result, imported_file):
+        host = result._host.get_name()
        self.logger.info('%s ansible-command: playbook IMPORTED; host: %s; message: imported file %s', self.hostname, host, imported_file)

-    def playbook_on_not_import_for_host(self, host, missing_file):
+    def v2_playbook_on_not_import_for_host(self, result, missing_file):
+        host = result._host.get_name()
        self.logger.info('%s ansible-command: playbook NOT IMPORTED; host: %s; message: missing file %s', self.hostname, host, missing_file)
--- a/plugins/connection/jail.py
+++ b/plugins/connection/jail.py
@@ -31,7 +31,6 @@ DOCUMENTATION = '''
            - name: ansible_jail_user
 '''

-import distutils.spawn
 import os
 import os.path
 import subprocess
@@ -39,6 +38,7 @@ import traceback

 from ansible.errors import AnsibleError
 from ansible.module_utils.six.moves import shlex_quote
+from ansible.module_utils.common.process import get_bin_path
 from ansible.module_utils.common.text.converters import to_bytes, to_native, to_text
 from ansible.plugins.connection import ConnectionBase, BUFSIZE
 from ansible.utils.display import Display
@@ -75,10 +75,10 @@ class Connection(ConnectionBase):

    @staticmethod
    def _search_executable(executable):
-        cmd = distutils.spawn.find_executable(executable)
-        if not cmd:
+        try:
+            return get_bin_path(executable)
+        except ValueError:
            raise AnsibleError("%s command not found in PATH" % executable)
-        return cmd

    def list_jails(self):
        p = subprocess.Popen([self.jls_cmd, '-q', 'name'],
--- a/plugins/connection/lxd.py
+++ b/plugins/connection/lxd.py
@@ -43,10 +43,10 @@ DOCUMENTATION = '''
 '''

 import os
-from distutils.spawn import find_executable
 from subprocess import Popen, PIPE

 from ansible.errors import AnsibleError, AnsibleConnectionFailure, AnsibleFileNotFound
+from ansible.module_utils.common.process import get_bin_path
 from ansible.module_utils.common.text.converters import to_bytes, to_text
 from ansible.plugins.connection import ConnectionBase

@@ -62,9 +62,9 @@ class Connection(ConnectionBase):
        super(Connection, self).__init__(play_context, new_stdin, *args, **kwargs)

        self._host = self._play_context.remote_addr
-        self._lxc_cmd = find_executable("lxc")
-
-        if not self._lxc_cmd:
+        try:
+            self._lxc_cmd = get_bin_path("lxc")
+        except ValueError:
            raise AnsibleError("lxc command not found in PATH")

        if self._play_context.remote_user is not None and self._play_context.remote_user != 'root':
@@ -89,9 +89,9 @@ class Connection(ConnectionBase):
            local_cmd.extend(["--project", self.get_option("project")])
        local_cmd.extend([
            "exec",
-            "%s:%s" % (self.get_option("remote"), self._host),
+            "%s:%s" % (self.get_option("remote"), self.get_option("remote_addr")),
            "--",
-            self._play_context.executable, "-c", cmd
+            self.get_option("executable"), "-c", cmd
        ])

        local_cmd = [to_bytes(i, errors='surrogate_or_strict') for i in local_cmd]
@@ -126,7 +126,7 @@ class Connection(ConnectionBase):
        local_cmd.extend([
            "file", "push",
            in_path,
-            "%s:%s/%s" % (self.get_option("remote"), self._host, out_path)
+            "%s:%s/%s" % (self.get_option("remote"), self.get_option("remote_addr"), out_path)
        ])

        local_cmd = [to_bytes(i, errors='surrogate_or_strict') for i in local_cmd]
@@ -145,7 +145,7 @@ class Connection(ConnectionBase):
            local_cmd.extend(["--project", self.get_option("project")])
        local_cmd.extend([
            "file", "pull",
-            "%s:%s/%s" % (self.get_option("remote"), self._host, in_path),
+            "%s:%s/%s" % (self.get_option("remote"), self.get_option("remote_addr"), in_path),
            out_path
        ])

--- a/plugins/connection/zone.py
+++ b/plugins/connection/zone.py
@@ -26,7 +26,6 @@ DOCUMENTATION = '''
            - name: ansible_zone_host
 '''

-import distutils.spawn
 import os
 import os.path
 import subprocess
@@ -34,6 +33,7 @@ import traceback

 from ansible.errors import AnsibleError
 from ansible.module_utils.six.moves import shlex_quote
+from ansible.module_utils.common.process import get_bin_path
 from ansible.module_utils.common.text.converters import to_bytes
 from ansible.plugins.connection import ConnectionBase, BUFSIZE
 from ansible.utils.display import Display
@@ -64,10 +64,10 @@ class Connection(ConnectionBase):

    @staticmethod
    def _search_executable(executable):
-        cmd = distutils.spawn.find_executable(executable)
-        if not cmd:
+        try:
+            return get_bin_path(executable)
+        except ValueError:
            raise AnsibleError("%s command not found in PATH" % executable)
-        return cmd

    def list_zones(self):
        process = subprocess.Popen([self.zoneadm_cmd, 'list', '-ip'],
--- a/plugins/doc_fragments/gitlab.py
+++ b/plugins/doc_fragments/gitlab.py
@@ -0,0 +1,31 @@
+# -*- coding: utf-8 -*-
+
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+
+class ModuleDocFragment(object):
+
+    # Standard files documentation fragment
+    DOCUMENTATION = r'''
+requirements:
+  - requests (Python library U(https://pypi.org/project/requests/))
+
+options:
+  api_token:
+    description:
+      - GitLab access token with API permissions.
+    type: str
+  api_oauth_token:
+    description:
+      - GitLab OAuth token for logging in.
+    type: str
+    version_added: 4.2.0
+  api_job_token:
+    description:
+      - GitLab CI job token for logging in.
+    type: str
+    version_added: 4.2.0
+'''
--- a/plugins/doc_fragments/keycloak.py
+++ b/plugins/doc_fragments/keycloak.py
@@ -61,4 +61,11 @@ options:
            - Verify TLS certificates (do not disable this in production).
        type: bool
        default: yes
+
+    connection_timeout:
+        description:
+            - Controls the HTTP connections timeout period (in seconds) to Keycloak API.
+        type: int
+        default: 10
+        version_added: 4.5.0
 '''
--- a/plugins/doc_fragments/ldap.py
+++ b/plugins/doc_fragments/ldap.py
@@ -38,8 +38,10 @@ options:
    version_added: 2.0.0
  server_uri:
    description:
-      - A URI to the LDAP server.
+      - The I(server_uri) parameter may be a comma- or whitespace-separated list of URIs containing only the schema, the host, and the port fields.
      - The default value lets the underlying LDAP client library look for a UNIX domain socket in its default location.
+      - Note that when using multiple URIs you cannot determine to which URI your client gets connected.
+      - For URIs containing additional fields, particularly when using commas, behavior is undefined.
    type: str
    default: ldapi:///
  start_tls:
--- a/plugins/filter/counter.py
+++ b/plugins/filter/counter.py
@@ -0,0 +1,36 @@
+# -*- coding: utf-8 -*-
+# Copyright (c) 2021, Remy Keil <remy.keil@gmail.com>
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+from ansible.errors import AnsibleFilterError
+from ansible.module_utils.common._collections_compat import Sequence
+from collections import Counter
+
+
+def counter(sequence):
+    ''' Count elements in a sequence. Returns dict with count result. '''
+    if not isinstance(sequence, Sequence):
+        raise AnsibleFilterError('Argument for community.general.counter must be a sequence (string or list). %s is %s' %
+                                 (sequence, type(sequence)))
+
+    try:
+        result = dict(Counter(sequence))
+    except TypeError as e:
+        raise AnsibleFilterError(
+            "community.general.counter needs a sequence with hashable elements (int, float or str) - %s" % (e)
+        )
+    return result
+
+
+class FilterModule(object):
+    ''' Ansible counter jinja2 filters '''
+
+    def filters(self):
+        filters = {
+            'counter': counter,
+        }
+
+        return filters
--- a/plugins/filter/list.py
+++ b/plugins/filter/list.py
@@ -1,43 +1,113 @@
 # -*- coding: utf-8 -*-
-# Copyright (c) 2020, Vladimir Botka <vbotka@gmail.com>
+# Copyright (c) 2020-2022, Vladimir Botka <vbotka@gmail.com>
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-from ansible.errors import AnsibleError, AnsibleFilterError
+from ansible.errors import AnsibleFilterError
 from ansible.module_utils.six import string_types
 from ansible.module_utils.common._collections_compat import Mapping, Sequence
+from ansible.utils.vars import merge_hash
+from ansible.release import __version__ as ansible_version
+from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
+
 from collections import defaultdict
 from operator import itemgetter


-def lists_mergeby(l1, l2, index):
-    ''' merge lists by attribute index. Example:
-        - debug: msg="{{ l1|community.general.lists_mergeby(l2, 'index')|list }}" '''
+def merge_hash_wrapper(x, y, recursive=False, list_merge='replace'):
+    ''' Wrapper of the function merge_hash from ansible.utils.vars. Only 2 paramaters are allowed
+        for Ansible 2.9 and lower.'''

-    if not isinstance(l1, Sequence):
-        raise AnsibleFilterError('First argument for community.general.lists_mergeby must be list. %s is %s' %
-                                 (l1, type(l1)))
+    if LooseVersion(ansible_version) < LooseVersion('2.10'):
+        if list_merge != 'replace' or recursive:
+            msg = ("Non default options of list_merge(default=replace) or recursive(default=False) "
+                   "are not allowed in Ansible version 2.9 or lower. Ansible version is %s, "
+                   "recursive=%s, and list_merge=%s.")
+            raise AnsibleFilterError(msg % (ansible_version, recursive, list_merge))
+        else:
+            return merge_hash(x, y)
+    else:
+        return merge_hash(x, y, recursive, list_merge)

-    if not isinstance(l2, Sequence):
-        raise AnsibleFilterError('Second argument for community.general.lists_mergeby must be list. %s is %s' %
-                                 (l2, type(l2)))

-    if not isinstance(index, string_types):
-        raise AnsibleFilterError('Third argument for community.general.lists_mergeby must be string. %s is %s' %
-                                 (index, type(index)))
+def list_mergeby(x, y, index, recursive=False, list_merge='replace'):
+    ''' Merge 2 lists by attribute 'index'. The function merge_hash from ansible.utils.vars is used.
+        This function is used by the function lists_mergeby.
+    '''

    d = defaultdict(dict)
-    for l in (l1, l2):
+    for l in (x, y):
        for elem in l:
            if not isinstance(elem, Mapping):
-                raise AnsibleFilterError('Elements of list arguments for lists_mergeby must be dictionaries. Found {0!r}.'.format(elem))
+                msg = "Elements of list arguments for lists_mergeby must be dictionaries. %s is %s"
+                raise AnsibleFilterError(msg % (elem, type(elem)))
            if index in elem.keys():
-                d[elem[index]].update(elem)
+                d[elem[index]].update(merge_hash_wrapper(d[elem[index]], elem, recursive, list_merge))
    return sorted(d.values(), key=itemgetter(index))


+def lists_mergeby(*terms, **kwargs):
+    ''' Merge 2 or more lists by attribute 'index'. Optional parameters 'recursive' and 'list_merge'
+        control the merging of the lists in values. The function merge_hash from ansible.utils.vars
+        is used. To learn details on how to use the parameters 'recursive' and 'list_merge' see
+        Ansible User's Guide chapter "Using filters to manipulate data" section "Combining
+        hashes/dictionaries".
+
+        Example:
+        - debug:
+            msg: "{{ list1|
+                     community.general.lists_mergeby(list2,
+                                                     'index',
+                                                     recursive=True,
+                                                     list_merge='append')|
+                     list }}"
+    '''
+
+    recursive = kwargs.pop('recursive', False)
+    list_merge = kwargs.pop('list_merge', 'replace')
+    if kwargs:
+        raise AnsibleFilterError("'recursive' and 'list_merge' are the only valid keyword arguments.")
+    if len(terms) < 2:
+        raise AnsibleFilterError("At least one list and index are needed.")
+
+    # allow the user to do `[list1, list2, ...] | lists_mergeby('index')`
+    flat_list = []
+    for sublist in terms[:-1]:
+        if not isinstance(sublist, Sequence):
+            msg = ("All arguments before the argument index for community.general.lists_mergeby "
+                   "must be lists. %s is %s")
+            raise AnsibleFilterError(msg % (sublist, type(sublist)))
+        if len(sublist) > 0:
+            if all(isinstance(l, Sequence) for l in sublist):
+                for item in sublist:
+                    flat_list.append(item)
+            else:
+                flat_list.append(sublist)
+    lists = flat_list
+
+    if not lists:
+        return []
+
+    if len(lists) == 1:
+        return lists[0]
+
+    index = terms[-1]
+
+    if not isinstance(index, string_types):
+        msg = ("First argument after the lists for community.general.lists_mergeby must be string. "
+               "%s is %s")
+        raise AnsibleFilterError(msg % (index, type(index)))
+
+    high_to_low_prio_list_iterator = reversed(lists)
+    result = next(high_to_low_prio_list_iterator)
+    for list in high_to_low_prio_list_iterator:
+        result = list_mergeby(list, result, index, recursive, list_merge)
+
+    return result
+
+
 class FilterModule(object):
    ''' Ansible list filters '''

--- a/plugins/filter/version_sort.py
+++ b/plugins/filter/version_sort.py
@@ -5,7 +5,7 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-from distutils.version import LooseVersion
+from ansible_collections.community.general.plugins.module_utils.version import LooseVersion


 def version_sort(value, reverse=False):
--- a/plugins/inventory/cobbler.py
+++ b/plugins/inventory/cobbler.py
@@ -40,13 +40,25 @@ DOCUMENTATION = '''
        type: boolean
        default: no
      exclude_profiles:
-        description: Profiles to exclude from inventory
+        description:
+          - Profiles to exclude from inventory.
+          - Ignored if I(include_profiles) is specified.
        type: list
        default: []
        elements: str
+      include_profiles:
+        description:
+          - Profiles to include from inventory.
+          - If specified, all other profiles will be excluded.
+          - I(exclude_profiles) is ignored if I(include_profiles) is specified.
+        type: list
+        default: []
+        elements: str
+        version_added: 4.4.0
      group_by:
        description: Keys to group hosts by
        type: list
+        elements: string
        default: [ 'mgmt_classes', 'owners', 'status' ]
      group:
        description: Group to place all hosts into
@@ -68,12 +80,10 @@ user: ansible-tester
 password: secure
 '''

-from distutils.version import LooseVersion
 import socket

 from ansible.errors import AnsibleError
-from ansible.module_utils.common.text.converters import to_bytes, to_native, to_text
-from ansible.module_utils.common._collections_compat import MutableMapping
+from ansible.module_utils.common.text.converters import to_text
 from ansible.module_utils.six import iteritems
 from ansible.plugins.inventory import BaseInventoryPlugin, Cacheable, to_safe_group_name

@@ -95,18 +105,9 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
    NAME = 'community.general.cobbler'

    def __init__(self):
-
        super(InventoryModule, self).__init__()
-
-        # from config
-        self.cobbler_url = None
-        self.exclude_profiles = []  # A list of profiles to exclude
-
-        self.connection = None
-        self.token = None
-
        self.cache_key = None
-        self.use_cache = None
+        self.connection = None

    def verify_file(self, path):
        valid = False
@@ -178,6 +179,12 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
            self.inventory.add_child(group_name, child)
        return group_name

+    def _exclude_profile(self, profile):
+        if self.include_profiles:
+            return profile not in self.include_profiles
+        else:
+            return profile in self.exclude_profiles
+
    def parse(self, inventory, loader, path, cache=True):

        super(InventoryModule, self).parse(inventory, loader, path)
@@ -191,15 +198,16 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
        self.use_cache = cache and self.get_option('cache')

        self.exclude_profiles = self.get_option('exclude_profiles')
+        self.include_profiles = self.get_option('include_profiles')
        self.group_by = self.get_option('group_by')

        for profile in self._get_profiles():
            if profile['parent']:
                self.display.vvvv('Processing profile %s with parent %s\n' % (profile['name'], profile['parent']))
-                if profile['parent'] not in self.exclude_profiles:
+                if not self._exclude_profile(profile['parent']):
                    parent_group_name = self._add_safe_group_name(profile['parent'])
                    self.display.vvvv('Added profile parent group %s\n' % parent_group_name)
-                    if profile['name'] not in self.exclude_profiles:
+                    if not self._exclude_profile(profile['name']):
                        group_name = self._add_safe_group_name(profile['name'])
                        self.display.vvvv('Added profile group %s\n' % group_name)
                        self.inventory.add_child(parent_group_name, group_name)
@@ -211,7 +219,7 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
                while i < len(profile_elements) - 1:
                    profile_group = '-'.join(profile_elements[0:i + 1])
                    profile_group_child = '-'.join(profile_elements[0:i + 2])
-                    if profile_group in self.exclude_profiles:
+                    if self._exclude_profile(profile_group):
                        self.display.vvvv('Excluding profile %s\n' % profile_group)
                        break
                    group_name = self._add_safe_group_name(profile_group)
@@ -232,7 +240,7 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
            hostname = host['hostname']  # None
            interfaces = host['interfaces']

-            if host['profile'] in self.exclude_profiles:
+            if self._exclude_profile(host['profile']):
                self.display.vvvv('Excluding host %s in profile %s\n' % (host['name'], host['profile']))
                continue

--- a/plugins/inventory/gitlab_runners.py
+++ b/plugins/inventory/gitlab_runners.py
@@ -35,7 +35,6 @@ DOCUMENTATION = '''
                version_added: 1.0.0
            type: str
            required: true
-            default: https://gitlab.com
        api_token:
            description: GitLab token for logging in.
            env:
--- a/plugins/inventory/icinga2.py
+++ b/plugins/inventory/icinga2.py
@@ -16,7 +16,17 @@ DOCUMENTATION = '''
        - Get inventory hosts from the Icinga2 API.
        - "Uses a configuration file as an inventory source, it must end in
          C(.icinga2.yml) or C(.icinga2.yaml)."
+    extends_documentation_fragment:
+        - constructed
    options:
+      strict:
+        version_added: 4.4.0
+      compose:
+        version_added: 4.4.0
+      groups:
+        version_added: 4.4.0
+      keyed_groups:
+        version_added: 4.4.0
      plugin:
        description: Name of the plugin.
        required: true
@@ -35,13 +45,23 @@ DOCUMENTATION = '''
        type: string
        required: true
      host_filter:
-        description: An Icinga2 API valid host filter.
+        description:
+          - An Icinga2 API valid host filter. Leave blank for no filtering
        type: string
        required: false
      validate_certs:
        description: Enables or disables SSL certificate verification.
        type: boolean
        default: true
+      inventory_attr:
+        description:
+          - Allows the override of the inventory name based on different attributes.
+          - This allows for changing the way limits are used.
+          - The current default, C(address), is sometimes not unique or present. We recommend to use C(name) instead.
+        type: string
+        default: address
+        choices: ['name', 'display_name', 'address']
+        version_added: 4.2.0
 '''

 EXAMPLES = r'''
@@ -52,6 +72,21 @@ user: ansible
 password: secure
 host_filter: \"linux-servers\" in host.groups
 validate_certs: false
+inventory_attr: name
+groups:
+  # simple name matching
+  webservers: inventory_hostname.startswith('web')
+
+  # using icinga2 template
+  databaseservers: "'db-template' in (icinga2_attributes.templates|list)"
+
+compose:
+  # set all icinga2 attributes to a host variable 'icinga2_attrs'
+  icinga2_attrs: icinga2_attributes
+
+  # set 'ansible_user' and 'ansible_port' from icinga2 host vars
+  ansible_user: icinga2_attributes.vars.ansible_user
+  ansible_port: icinga2_attributes.vars.ansible_port | default(22)
 '''

 import json
@@ -59,6 +94,7 @@ import json
 from ansible.errors import AnsibleParserError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
 from ansible.module_utils.urls import open_url
+from ansible.module_utils.six.moves.urllib.error import HTTPError


 class InventoryModule(BaseInventoryPlugin, Constructable):
@@ -76,6 +112,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
        self.icinga2_password = None
        self.ssl_verify = None
        self.host_filter = None
+        self.inventory_attr = None

        self.cache_key = None
        self.use_cache = None
@@ -114,9 +151,21 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
        if data is not None:
            request_args['data'] = json.dumps(data)
        self.display.vvv("Request Args: %s" % request_args)
-        response = open_url(request_url, **request_args)
+        try:
+            response = open_url(request_url, **request_args)
+        except HTTPError as e:
+            try:
+                error_body = json.loads(e.read().decode())
+                self.display.vvv("Error returned: {0}".format(error_body))
+            except Exception:
+                error_body = {"status": None}
+            if e.code == 404 and error_body.get('status') == "No objects found.":
+                raise AnsibleParserError("Host filter returned no data. Please confirm your host_filter value is valid")
+            raise AnsibleParserError("Unexpected data returned: {0} -- {1}".format(e, error_body))
+
        response_body = response.read()
        json_data = json.loads(response_body.decode('utf-8'))
+        self.display.vvv("Returned Data: %s" % json.dumps(json_data, indent=4, sort_keys=True))
        if 200 <= response.status <= 299:
            return json_data
        if response.status == 404 and json_data['status'] == "No objects found.":
@@ -155,7 +204,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
        """Query for all hosts """
        self.display.vvv("Querying Icinga2 for inventory")
        query_args = {
-            "attrs": ["address", "state_type", "state", "groups"],
+            "attrs": ["address", "address6", "name", "display_name", "state_type", "state", "templates", "groups", "vars", "zone"],
        }
        if self.host_filter is not None:
            query_args['host_filter'] = self.host_filter
@@ -165,6 +214,12 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
        ansible_inv = self._convert_inv(results_json)
        return ansible_inv

+    def _apply_constructable(self, name, variables):
+        strict = self.get_option('strict')
+        self._add_host_to_composed_groups(self.get_option('groups'), variables, name, strict=strict)
+        self._add_host_to_keyed_groups(self.get_option('keyed_groups'), variables, name, strict=strict)
+        self._set_composite_vars(self.get_option('compose'), variables, name, strict=strict)
+
    def _populate(self):
        groups = self._to_json(self.get_inventory_from_icinga())
        return groups
@@ -177,25 +232,40 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
        """Convert Icinga2 API data to JSON format for Ansible"""
        groups_dict = {"_meta": {"hostvars": {}}}
        for entry in json_data:
-            host_name = entry['name']
            host_attrs = entry['attrs']
+            if self.inventory_attr == "name":
+                host_name = entry.get('name')
+            if self.inventory_attr == "address":
+                # When looking for address for inventory, if missing fallback to object name
+                if host_attrs.get('address', '') != '':
+                    host_name = host_attrs.get('address')
+                else:
+                    host_name = entry.get('name')
+            if self.inventory_attr == "display_name":
+                host_name = host_attrs.get('display_name')
            if host_attrs['state'] == 0:
                host_attrs['state'] = 'on'
            else:
                host_attrs['state'] = 'off'
-            host_groups = host_attrs['groups']
-            host_addr = host_attrs['address']
-            self.inventory.add_host(host_addr)
+            host_groups = host_attrs.get('groups')
+            self.inventory.add_host(host_name)
            for group in host_groups:
                if group not in self.inventory.groups.keys():
                    self.inventory.add_group(group)
-                self.inventory.add_child(group, host_addr)
-            self.inventory.set_variable(host_addr, 'address', host_addr)
-            self.inventory.set_variable(host_addr, 'hostname', host_name)
-            self.inventory.set_variable(host_addr, 'state',
+                self.inventory.add_child(group, host_name)
+            # If the address attribute is populated, override ansible_host with the value
+            if host_attrs.get('address') != '':
+                self.inventory.set_variable(host_name, 'ansible_host', host_attrs.get('address'))
+            self.inventory.set_variable(host_name, 'hostname', entry.get('name'))
+            self.inventory.set_variable(host_name, 'display_name', host_attrs.get('display_name'))
+            self.inventory.set_variable(host_name, 'state',
                                        host_attrs['state'])
-            self.inventory.set_variable(host_addr, 'state_type',
+            self.inventory.set_variable(host_name, 'state_type',
                                        host_attrs['state_type'])
+            # Adds all attributes to a variable 'icinga2_attributes'
+            construct_vars = dict(self.inventory.get_host(host_name).get_vars())
+            construct_vars['icinga2_attributes'] = host_attrs
+            self._apply_constructable(host_name, construct_vars)
        return groups_dict

    def parse(self, inventory, loader, path, cache=True):
@@ -211,6 +281,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
        self.icinga2_password = self.get_option('password')
        self.ssl_verify = self.get_option('validate_certs')
        self.host_filter = self.get_option('host_filter')
+        self.inventory_attr = self.get_option('inventory_attr')
        # Not currently enabled
        # self.cache_key = self.get_cache_key(path)
        # self.use_cache = cache and self.get_option('cache')
--- a/plugins/inventory/linode.py
+++ b/plugins/inventory/linode.py
@@ -21,7 +21,18 @@ DOCUMENTATION = r'''
          Linode) and not tags.
    extends_documentation_fragment:
        - constructed
+        - inventory_cache
    options:
+        cache:
+            version_added: 4.5.0
+        cache_plugin:
+            version_added: 4.5.0
+        cache_timeout:
+            version_added: 4.5.0
+        cache_connection:
+            version_added: 4.5.0
+        cache_prefix:
+            version_added: 4.5.0
        plugin:
            description: Marks this as an instance of the 'linode' plugin.
            required: true
@@ -43,15 +54,18 @@ DOCUMENTATION = r'''
          description: Populate inventory with instances in this region.
          default: []
          type: list
+          elements: string
        tags:
          description: Populate inventory only with instances which have at least one of the tags listed here.
          default: []
          type: list
+          elements: string
          version_added: 2.0.0
        types:
          description: Populate inventory with instances with this type.
          default: []
          type: list
+          elements: string
        strict:
          version_added: 2.0.0
        compose:
@@ -66,6 +80,12 @@ EXAMPLES = r'''
 # Minimal example. `LINODE_ACCESS_TOKEN` is exposed in environment.
 plugin: community.general.linode

+# You can use Jinja to template the access token.
+plugin: community.general.linode
+access_token: "{{ lookup('ini', 'token', section='your_username', file='~/.config/linode-cli') }}"
+# For older Ansible versions, you need to write this as:
+# access_token: "{{ lookup('ini', 'token section=your_username file=~/.config/linode-cli') }}"
+
 # Example with regions, types, groups and access token
 plugin: community.general.linode
 access_token: foobar
@@ -104,25 +124,31 @@ import os

 from ansible.errors import AnsibleError, AnsibleParserError
 from ansible.module_utils.six import string_types
-from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
+from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
+from ansible.template import Templar


 try:
    from linode_api4 import LinodeClient
+    from linode_api4.objects.linode import Instance
    from linode_api4.errors import ApiError as LinodeApiError
    HAS_LINODE = True
 except ImportError:
    HAS_LINODE = False


-class InventoryModule(BaseInventoryPlugin, Constructable):
+class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):

    NAME = 'community.general.linode'

-    def _build_client(self):
+    def _build_client(self, loader):
        """Build the Linode client."""

+        t = Templar(loader=loader)
+
        access_token = self.get_option('access_token')
+        if t.is_template(access_token):
+            access_token = t.template(variable=access_token, disable_lookups=False)

        if access_token is None:
            try:
@@ -158,20 +184,23 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
        for linode_group in self.linode_groups:
            self.inventory.add_group(linode_group)

-    def _filter_by_config(self, regions, types, tags):
+    def _filter_by_config(self):
        """Filter instances by user specified configuration."""
+        regions = self.get_option('regions')
        if regions:
            self.instances = [
                instance for instance in self.instances
                if instance.region.id in regions
            ]

+        types = self.get_option('types')
        if types:
            self.instances = [
                instance for instance in self.instances
                if instance.type.id in types
            ]

+        tags = self.get_option('tags')
        if tags:
            self.instances = [
                instance for instance in self.instances
@@ -224,76 +253,13 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
            )
        return data

-    def _validate_option(self, name, desired_type, option_value):
-        """Validate user specified configuration data against types."""
-        if isinstance(option_value, string_types) and desired_type == list:
-            option_value = [option_value]
-
-        if option_value is None:
-            option_value = desired_type()
-
-        if not isinstance(option_value, desired_type):
-            raise AnsibleParserError(
-                'The option %s (%s) must be a %s' % (
-                    name, option_value, desired_type
-                )
-            )
-
-        return option_value
-
-    def _get_query_options(self, config_data):
-        """Get user specified query options from the configuration."""
-        options = {
-            'regions': {
-                'type_to_be': list,
-                'value': config_data.get('regions', [])
-            },
-            'types': {
-                'type_to_be': list,
-                'value': config_data.get('types', [])
-            },
-            'tags': {
-                'type_to_be': list,
-                'value': config_data.get('tags', [])
-            },
-        }
-
-        for name in options:
-            options[name]['value'] = self._validate_option(
-                name,
-                options[name]['type_to_be'],
-                options[name]['value']
-            )
-
-        regions = options['regions']['value']
-        types = options['types']['value']
-        tags = options['tags']['value']
-
-        return regions, types, tags
-
-    def verify_file(self, path):
-        """Verify the Linode configuration file."""
-        if super(InventoryModule, self).verify_file(path):
-            endings = ('linode.yaml', 'linode.yml')
-            if any((path.endswith(ending) for ending in endings)):
-                return True
-        return False
-
-    def parse(self, inventory, loader, path, cache=True):
-        """Dynamically parse Linode the cloud inventory."""
-        super(InventoryModule, self).parse(inventory, loader, path)
-
-        if not HAS_LINODE:
-            raise AnsibleError('the Linode dynamic inventory plugin requires linode_api4.')
-
-        config_data = self._read_config_data(path)
-        self._build_client()
-
-        self._get_instances_inventory()
+    def _cacheable_inventory(self):
+        return [i._raw_json for i in self.instances]

+    def populate(self):
        strict = self.get_option('strict')
-        regions, types, tags = self._get_query_options(config_data)
-        self._filter_by_config(regions, types, tags)
+
+        self._filter_by_config()

        self._add_groups()
        self._add_instances_to_groups()
@@ -315,3 +281,44 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
                variables,
                instance.label,
                strict=strict)
+
+    def verify_file(self, path):
+        """Verify the Linode configuration file."""
+        if super(InventoryModule, self).verify_file(path):
+            endings = ('linode.yaml', 'linode.yml')
+            if any((path.endswith(ending) for ending in endings)):
+                return True
+        return False
+
+    def parse(self, inventory, loader, path, cache=True):
+        """Dynamically parse Linode the cloud inventory."""
+        super(InventoryModule, self).parse(inventory, loader, path)
+        self.instances = None
+
+        if not HAS_LINODE:
+            raise AnsibleError('the Linode dynamic inventory plugin requires linode_api4.')
+
+        self._read_config_data(path)
+
+        cache_key = self.get_cache_key(path)
+
+        if cache:
+            cache = self.get_option('cache')
+
+        update_cache = False
+        if cache:
+            try:
+                self.instances = [Instance(None, i["id"], i) for i in self._cache[cache_key]]
+            except KeyError:
+                update_cache = True
+
+        # Check for None rather than False in order to allow
+        # for empty sets of cached instances
+        if self.instances is None:
+            self._build_client(loader)
+            self._get_instances_inventory()
+
+        if update_cache:
+            self._cache[cache_key] = self._cacheable_inventory()
+
+        self.populate()
--- a/plugins/inventory/lxd.py
+++ b/plugins/inventory/lxd.py
@@ -15,6 +15,7 @@ DOCUMENTATION = r'''
    author: "Frank Dornheim (@conloos)"
    requirements:
        - ipaddress
+        - lxd >= 4.0
    options:
        plugin:
            description: Token that ensures this is a source file for the 'lxd' plugin.
@@ -49,26 +50,38 @@ DOCUMENTATION = r'''
            - If I(trust_password) is set, this module send a request for authentication before sending any requests.
            type: str
        state:
-            description: Filter the container according to the current status.
+            description: Filter the instance according to the current status.
            type: str
            default: none
            choices: [ 'STOPPED', 'STARTING', 'RUNNING', 'none' ]
-        prefered_container_network_interface:
+        type_filter:
            description:
-            - If a container has multiple network interfaces, select which one is the prefered as pattern.
+            - Filter the instances by type C(virtual-machine), C(container) or C(both).
+            - The first version of the inventory only supported containers.
+            type: str
+            default: container
+            choices: [ 'virtual-machine', 'container', 'both' ]
+            version_added: 4.2.0
+        prefered_instance_network_interface:
+            description:
+            - If an instance has multiple network interfaces, select which one is the prefered as pattern.
            - Combined with the first number that can be found e.g. 'eth' + 0.
+            - The option has been renamed from I(prefered_container_network_interface) to I(prefered_instance_network_interface) in community.general 3.8.0.
+              The old name still works as an alias.
            type: str
            default: eth
-        prefered_container_network_family:
+            aliases:
+              - prefered_container_network_interface
+        prefered_instance_network_family:
            description:
-            - If a container has multiple network interfaces, which one is the prefered by family.
+            - If an instance has multiple network interfaces, which one is the prefered by family.
            - Specify C(inet) for IPv4 and C(inet6) for IPv6.
            type: str
            default: inet
            choices: [ 'inet', 'inet6' ]
        groupby:
            description:
-            - Create groups by the following keywords C(location), C(pattern), C(network_range), C(os), C(release), C(profile), C(vlanid).
+            - Create groups by the following keywords C(location), C(network_range), C(os), C(pattern), C(profile), C(release), C(type), C(vlanid).
            - See example for syntax.
            type: dict
 '''
@@ -83,38 +96,49 @@ plugin: community.general.lxd
 url: unix:/var/snap/lxd/common/lxd/unix.socket
 state: RUNNING

+# simple lxd.yml including virtual machines and containers
+plugin: community.general.lxd
+url: unix:/var/snap/lxd/common/lxd/unix.socket
+type_filter: both
+
 # grouping lxd.yml
 groupby:
-  testpattern:
-    type: pattern
-    attribute: test
-  vlan666:
-    type: vlanid
-    attribute: 666
  locationBerlin:
    type: location
    attribute: Berlin
-  osUbuntu:
-    type: os
-    attribute: ubuntu
-  releaseFocal:
-    type: release
-    attribute: focal
-  releaseBionic:
-    type: release
-    attribute: bionic
-  profileDefault:
-    type: profile
-    attribute: default
-  profileX11:
-    type: profile
-    attribute: x11
  netRangeIPv4:
    type: network_range
    attribute: 10.98.143.0/24
  netRangeIPv6:
    type: network_range
    attribute: fd42:bd00:7b11:2167:216:3eff::/24
+  osUbuntu:
+    type: os
+    attribute: ubuntu
+  testpattern:
+    type: pattern
+    attribute: test
+  profileDefault:
+    type: profile
+    attribute: default
+  profileX11:
+    type: profile
+    attribute: x11
+  releaseFocal:
+    type: release
+    attribute: focal
+  releaseBionic:
+    type: release
+    attribute: bionic
+  typeVM:
+    type: type
+    attribute: virtual-machine
+  typeContainer:
+    type: type
+    attribute: container
+  vlan666:
+    type: vlanid
+    attribute: 666
 '''

 import binascii
@@ -283,10 +307,10 @@ class InventoryModule(BaseInventoryPlugin):
        network_configs = self.socket.do('GET', '/1.0/networks')
        return [m.split('/')[3] for m in network_configs['metadata']]

-    def _get_containers(self):
-        """Get Containernames
+    def _get_instances(self):
+        """Get instancenames

-        Returns all containernames
+        Returns all instancenames

        Args:
            None
@@ -295,25 +319,27 @@ class InventoryModule(BaseInventoryPlugin):
        Raises:
            None
        Returns:
-            list(names): names of all containers"""
-        # e.g. {'type': 'sync',
-        #       'status': 'Success',
-        #       'status_code': 200,
-        #       'operation': '',
-        #       'error_code': 0,
-        #       'error': '',
-        #       'metadata': ['/1.0/containers/udemy-ansible-ubuntu-2004']}
-        containers = self.socket.do('GET', '/1.0/containers')
-        return [m.split('/')[3] for m in containers['metadata']]
+            list(names): names of all instances"""
+        # e.g. {
+        #        "metadata": [
+        #          "/1.0/instances/foo",
+        #          "/1.0/instances/bar"
+        #        ],
+        #        "status": "Success",
+        #        "status_code": 200,
+        #        "type": "sync"
+        #      }
+        instances = self.socket.do('GET', '/1.0/instances')
+        return [m.split('/')[3] for m in instances['metadata']]

    def _get_config(self, branch, name):
-        """Get inventory of container
+        """Get inventory of instance

-        Get config of container
+        Get config of instance

        Args:
            str(branch): Name oft the API-Branch
-            str(name): Name of Container
+            str(name): Name of instance
        Kwargs:
            None
        Source:
@@ -321,7 +347,7 @@ class InventoryModule(BaseInventoryPlugin):
        Raises:
            None
        Returns:
-            dict(config): Config of the container"""
+            dict(config): Config of the instance"""
        config = {}
        if isinstance(branch, (tuple, list)):
            config[name] = {branch[1]: self.socket.do('GET', '/1.0/{0}/{1}/{2}'.format(to_native(branch[0]), to_native(name), to_native(branch[1])))}
@@ -329,13 +355,13 @@ class InventoryModule(BaseInventoryPlugin):
            config[name] = {branch: self.socket.do('GET', '/1.0/{0}/{1}'.format(to_native(branch), to_native(name)))}
        return config

-    def get_container_data(self, names):
-        """Create Inventory of the container
+    def get_instance_data(self, names):
+        """Create Inventory of the instance

-        Iterate through the different branches of the containers and collect Informations.
+        Iterate through the different branches of the instances and collect Informations.

        Args:
-            list(names): List of container names
+            list(names): List of instance names
        Kwargs:
            None
        Raises:
@@ -344,20 +370,20 @@ class InventoryModule(BaseInventoryPlugin):
            None"""
        # tuple(('instances','metadata/templates')) to get section in branch
        # e.g. /1.0/instances/<name>/metadata/templates
-        branches = ['containers', ('instances', 'state')]
-        container_config = {}
+        branches = ['instances', ('instances', 'state')]
+        instance_config = {}
        for branch in branches:
            for name in names:
-                container_config['containers'] = self._get_config(branch, name)
-                self.data = dict_merge(container_config, self.data)
+                instance_config['instances'] = self._get_config(branch, name)
+                self.data = dict_merge(instance_config, self.data)

    def get_network_data(self, names):
-        """Create Inventory of the container
+        """Create Inventory of the instance

-        Iterate through the different branches of the containers and collect Informations.
+        Iterate through the different branches of the instances and collect Informations.

        Args:
-            list(names): List of container names
+            list(names): List of instance names
        Kwargs:
            None
        Raises:
@@ -376,26 +402,26 @@ class InventoryModule(BaseInventoryPlugin):
                    network_config['networks'] = {name: None}
                self.data = dict_merge(network_config, self.data)

-    def extract_network_information_from_container_config(self, container_name):
+    def extract_network_information_from_instance_config(self, instance_name):
        """Returns the network interface configuration

-        Returns the network ipv4 and ipv6 config of the container without local-link
+        Returns the network ipv4 and ipv6 config of the instance without local-link

        Args:
-            str(container_name): Name oft he container
+            str(instance_name): Name oft he instance
        Kwargs:
            None
        Raises:
            None
        Returns:
            dict(network_configuration): network config"""
-        container_network_interfaces = self._get_data_entry('containers/{0}/state/metadata/network'.format(container_name))
+        instance_network_interfaces = self._get_data_entry('instances/{0}/state/metadata/network'.format(instance_name))
        network_configuration = None
-        if container_network_interfaces:
+        if instance_network_interfaces:
            network_configuration = {}
-            gen_interface_names = [interface_name for interface_name in container_network_interfaces if interface_name != 'lo']
+            gen_interface_names = [interface_name for interface_name in instance_network_interfaces if interface_name != 'lo']
            for interface_name in gen_interface_names:
-                gen_address = [address for address in container_network_interfaces[interface_name]['addresses'] if address.get('scope') != 'link']
+                gen_address = [address for address in instance_network_interfaces[interface_name]['addresses'] if address.get('scope') != 'link']
                network_configuration[interface_name] = []
                for address in gen_address:
                    address_set = {}
@@ -406,24 +432,24 @@ class InventoryModule(BaseInventoryPlugin):
                    network_configuration[interface_name].append(address_set)
        return network_configuration

-    def get_prefered_container_network_interface(self, container_name):
-        """Helper to get the prefered interface of thr container
+    def get_prefered_instance_network_interface(self, instance_name):
+        """Helper to get the prefered interface of thr instance

-        Helper to get the prefered interface provide by neme pattern from 'prefered_container_network_interface'.
+        Helper to get the prefered interface provide by neme pattern from 'prefered_instance_network_interface'.

        Args:
-            str(containe_name): name of container
+            str(containe_name): name of instance
        Kwargs:
            None
        Raises:
            None
        Returns:
            str(prefered_interface): None or interface name"""
-        container_network_interfaces = self._get_data_entry('inventory/{0}/network_interfaces'.format(container_name))
+        instance_network_interfaces = self._get_data_entry('inventory/{0}/network_interfaces'.format(instance_name))
        prefered_interface = None  # init
-        if container_network_interfaces:  # container have network interfaces
+        if instance_network_interfaces:  # instance have network interfaces
            # generator if interfaces which start with the desired pattern
-            net_generator = [interface for interface in container_network_interfaces if interface.startswith(self.prefered_container_network_interface)]
+            net_generator = [interface for interface in instance_network_interfaces if interface.startswith(self.prefered_instance_network_interface)]
            selected_interfaces = []  # init
            for interface in net_generator:
                selected_interfaces.append(interface)
@@ -431,13 +457,13 @@ class InventoryModule(BaseInventoryPlugin):
                prefered_interface = sorted(selected_interfaces)[0]
        return prefered_interface

-    def get_container_vlans(self, container_name):
-        """Get VLAN(s) from container
+    def get_instance_vlans(self, instance_name):
+        """Get VLAN(s) from instance

-        Helper to get the VLAN_ID from the container
+        Helper to get the VLAN_ID from the instance

        Args:
-            str(containe_name): name of container
+            str(containe_name): name of instance
        Kwargs:
            None
        Raises:
@@ -450,13 +476,13 @@ class InventoryModule(BaseInventoryPlugin):
            if self._get_data_entry('state/metadata/vlan/vid', data=self.data['networks'].get(network)):
                network_vlans[network] = self._get_data_entry('state/metadata/vlan/vid', data=self.data['networks'].get(network))

-        # get networkdevices of container and return
+        # get networkdevices of instance and return
        # e.g.
        # "eth0":{ "name":"eth0",
        #          "network":"lxdbr0",
        #          "type":"nic"},
        vlan_ids = {}
-        devices = self._get_data_entry('containers/{0}/containers/metadata/expanded_devices'.format(to_native(container_name)))
+        devices = self._get_data_entry('instances/{0}/instances/metadata/expanded_devices'.format(to_native(instance_name)))
        for device in devices:
            if 'network' in devices[device]:
                if devices[device]['network'] in network_vlans:
@@ -492,14 +518,14 @@ class InventoryModule(BaseInventoryPlugin):
        except KeyError:
            return None

-    def _set_data_entry(self, container_name, key, value, path=None):
+    def _set_data_entry(self, instance_name, key, value, path=None):
        """Helper to save data

        Helper to save the data in self.data
        Detect if data is allready in branch and use dict_merge() to prevent that branch is overwritten.

        Args:
-            str(container_name): name of container
+            str(instance_name): name of instance
            str(key): same as dict
            *(value): same as dict
        Kwargs:
@@ -510,24 +536,24 @@ class InventoryModule(BaseInventoryPlugin):
            None"""
        if not path:
            path = self.data['inventory']
-        if container_name not in path:
-            path[container_name] = {}
+        if instance_name not in path:
+            path[instance_name] = {}

        try:
-            if isinstance(value, dict) and key in path[container_name]:
-                path[container_name] = dict_merge(value, path[container_name][key])
+            if isinstance(value, dict) and key in path[instance_name]:
+                path[instance_name] = dict_merge(value, path[instance_name][key])
            else:
-                path[container_name][key] = value
+                path[instance_name][key] = value
        except KeyError as err:
            raise AnsibleParserError("Unable to store Informations: {0}".format(to_native(err)))

-    def extract_information_from_container_configs(self):
+    def extract_information_from_instance_configs(self):
        """Process configuration information

        Preparation of the data

        Args:
-            dict(configs): Container configurations
+            dict(configs): instance configurations
        Kwargs:
            None
        Raises:
@@ -538,33 +564,35 @@ class InventoryModule(BaseInventoryPlugin):
        if 'inventory' not in self.data:
            self.data['inventory'] = {}

-        for container_name in self.data['containers']:
-            self._set_data_entry(container_name, 'os', self._get_data_entry(
-                'containers/{0}/containers/metadata/config/image.os'.format(container_name)))
-            self._set_data_entry(container_name, 'release', self._get_data_entry(
-                'containers/{0}/containers/metadata/config/image.release'.format(container_name)))
-            self._set_data_entry(container_name, 'version', self._get_data_entry(
-                'containers/{0}/containers/metadata/config/image.version'.format(container_name)))
-            self._set_data_entry(container_name, 'profile', self._get_data_entry(
-                'containers/{0}/containers/metadata/profiles'.format(container_name)))
-            self._set_data_entry(container_name, 'location', self._get_data_entry(
-                'containers/{0}/containers/metadata/location'.format(container_name)))
-            self._set_data_entry(container_name, 'state', self._get_data_entry(
-                'containers/{0}/containers/metadata/config/volatile.last_state.power'.format(container_name)))
-            self._set_data_entry(container_name, 'network_interfaces', self.extract_network_information_from_container_config(container_name))
-            self._set_data_entry(container_name, 'preferred_interface', self.get_prefered_container_network_interface(container_name))
-            self._set_data_entry(container_name, 'vlan_ids', self.get_container_vlans(container_name))
+        for instance_name in self.data['instances']:
+            self._set_data_entry(instance_name, 'os', self._get_data_entry(
+                'instances/{0}/instances/metadata/config/image.os'.format(instance_name)))
+            self._set_data_entry(instance_name, 'release', self._get_data_entry(
+                'instances/{0}/instances/metadata/config/image.release'.format(instance_name)))
+            self._set_data_entry(instance_name, 'version', self._get_data_entry(
+                'instances/{0}/instances/metadata/config/image.version'.format(instance_name)))
+            self._set_data_entry(instance_name, 'profile', self._get_data_entry(
+                'instances/{0}/instances/metadata/profiles'.format(instance_name)))
+            self._set_data_entry(instance_name, 'location', self._get_data_entry(
+                'instances/{0}/instances/metadata/location'.format(instance_name)))
+            self._set_data_entry(instance_name, 'state', self._get_data_entry(
+                'instances/{0}/instances/metadata/config/volatile.last_state.power'.format(instance_name)))
+            self._set_data_entry(instance_name, 'type', self._get_data_entry(
+                'instances/{0}/instances/metadata/type'.format(instance_name)))
+            self._set_data_entry(instance_name, 'network_interfaces', self.extract_network_information_from_instance_config(instance_name))
+            self._set_data_entry(instance_name, 'preferred_interface', self.get_prefered_instance_network_interface(instance_name))
+            self._set_data_entry(instance_name, 'vlan_ids', self.get_instance_vlans(instance_name))

-    def build_inventory_network(self, container_name):
-        """Add the network interfaces of the container to the inventory
+    def build_inventory_network(self, instance_name):
+        """Add the network interfaces of the instance to the inventory

        Logic:
-            - if the container have no interface -> 'ansible_connection: local'
-            - get preferred_interface & prefered_container_network_family -> 'ansible_connection: ssh' & 'ansible_host: <IP>'
-            - first Interface from: network_interfaces prefered_container_network_family -> 'ansible_connection: ssh' & 'ansible_host: <IP>'
+            - if the instance have no interface -> 'ansible_connection: local'
+            - get preferred_interface & prefered_instance_network_family -> 'ansible_connection: ssh' & 'ansible_host: <IP>'
+            - first Interface from: network_interfaces prefered_instance_network_family -> 'ansible_connection: ssh' & 'ansible_host: <IP>'

        Args:
-            str(container_name): name of container
+            str(instance_name): name of instance
        Kwargs:
            None
        Raises:
@@ -572,45 +600,45 @@ class InventoryModule(BaseInventoryPlugin):
        Returns:
            None"""

-        def interface_selection(container_name):
-            """Select container Interface for inventory
+        def interface_selection(instance_name):
+            """Select instance Interface for inventory

            Logic:
-                - get preferred_interface & prefered_container_network_family -> str(IP)
-                - first Interface from: network_interfaces prefered_container_network_family -> str(IP)
+                - get preferred_interface & prefered_instance_network_family -> str(IP)
+                - first Interface from: network_interfaces prefered_instance_network_family -> str(IP)

            Args:
-                str(container_name): name of container
+                str(instance_name): name of instance
            Kwargs:
                None
            Raises:
                None
            Returns:
                dict(interface_name: ip)"""
-            prefered_interface = self._get_data_entry('inventory/{0}/preferred_interface'.format(container_name))  # name or None
-            prefered_container_network_family = self.prefered_container_network_family
+            prefered_interface = self._get_data_entry('inventory/{0}/preferred_interface'.format(instance_name))  # name or None
+            prefered_instance_network_family = self.prefered_instance_network_family

            ip_address = ''
            if prefered_interface:
-                interface = self._get_data_entry('inventory/{0}/network_interfaces/{1}'.format(container_name, prefered_interface))
+                interface = self._get_data_entry('inventory/{0}/network_interfaces/{1}'.format(instance_name, prefered_interface))
                for config in interface:
-                    if config['family'] == prefered_container_network_family:
+                    if config['family'] == prefered_instance_network_family:
                        ip_address = config['address']
                        break
            else:
-                interface = self._get_data_entry('inventory/{0}/network_interfaces'.format(container_name))
-                for config in interface:
-                    if config['family'] == prefered_container_network_family:
-                        ip_address = config['address']
-                        break
+                interfaces = self._get_data_entry('inventory/{0}/network_interfaces'.format(instance_name))
+                for interface in interfaces.values():
+                    for config in interface:
+                        if config['family'] == prefered_instance_network_family:
+                            ip_address = config['address']
+                            break
            return ip_address

-        if self._get_data_entry('inventory/{0}/network_interfaces'.format(container_name)):  # container have network interfaces
-            if self._get_data_entry('inventory/{0}/preferred_interface'.format(container_name)):  # container have a preferred interface
-                self.inventory.set_variable(container_name, 'ansible_connection', 'ssh')
-                self.inventory.set_variable(container_name, 'ansible_host', interface_selection(container_name))
+        if self._get_data_entry('inventory/{0}/network_interfaces'.format(instance_name)):  # instance have network interfaces
+            self.inventory.set_variable(instance_name, 'ansible_connection', 'ssh')
+            self.inventory.set_variable(instance_name, 'ansible_host', interface_selection(instance_name))
        else:
-            self.inventory.set_variable(container_name, 'ansible_connection', 'local')
+            self.inventory.set_variable(instance_name, 'ansible_connection', 'local')

    def build_inventory_hosts(self):
        """Build host-part dynamic inventory
@@ -626,29 +654,37 @@ class InventoryModule(BaseInventoryPlugin):
            None
        Returns:
            None"""
-        for container_name in self.data['inventory']:
-            # Only consider containers that match the "state" filter, if self.state is not None
+        for instance_name in self.data['inventory']:
+            instance_state = str(self._get_data_entry('inventory/{0}/state'.format(instance_name)) or "STOPPED").lower()
+
+            # Only consider instances that match the "state" filter, if self.state is not None
            if self.filter:
-                if self.filter.lower() != self._get_data_entry('inventory/{0}/state'.format(container_name)).lower():
+                if self.filter.lower() != instance_state:
                    continue
-            # add container
-            self.inventory.add_host(container_name)
+            # add instance
+            self.inventory.add_host(instance_name)
            # add network informations
-            self.build_inventory_network(container_name)
+            self.build_inventory_network(instance_name)
            # add os
-            self.inventory.set_variable(container_name, 'ansible_lxd_os', self._get_data_entry('inventory/{0}/os'.format(container_name)).lower())
+            v = self._get_data_entry('inventory/{0}/os'.format(instance_name))
+            if v:
+                self.inventory.set_variable(instance_name, 'ansible_lxd_os', v.lower())
            # add release
-            self.inventory.set_variable(container_name, 'ansible_lxd_release', self._get_data_entry('inventory/{0}/release'.format(container_name)).lower())
+            v = self._get_data_entry('inventory/{0}/release'.format(instance_name))
+            if v:
+                self.inventory.set_variable(instance_name, 'ansible_lxd_release', v.lower())
            # add profile
-            self.inventory.set_variable(container_name, 'ansible_lxd_profile', self._get_data_entry('inventory/{0}/profile'.format(container_name)))
+            self.inventory.set_variable(instance_name, 'ansible_lxd_profile', self._get_data_entry('inventory/{0}/profile'.format(instance_name)))
            # add state
-            self.inventory.set_variable(container_name, 'ansible_lxd_state', self._get_data_entry('inventory/{0}/state'.format(container_name)).lower())
+            self.inventory.set_variable(instance_name, 'ansible_lxd_state', instance_state)
+            # add type
+            self.inventory.set_variable(instance_name, 'ansible_lxd_type', self._get_data_entry('inventory/{0}/type'.format(instance_name)))
            # add location information
-            if self._get_data_entry('inventory/{0}/location'.format(container_name)) != "none":  # wrong type by lxd 'none' != 'None'
-                self.inventory.set_variable(container_name, 'ansible_lxd_location', self._get_data_entry('inventory/{0}/location'.format(container_name)))
+            if self._get_data_entry('inventory/{0}/location'.format(instance_name)) != "none":  # wrong type by lxd 'none' != 'None'
+                self.inventory.set_variable(instance_name, 'ansible_lxd_location', self._get_data_entry('inventory/{0}/location'.format(instance_name)))
            # add VLAN_ID information
-            if self._get_data_entry('inventory/{0}/vlan_ids'.format(container_name)):
-                self.inventory.set_variable(container_name, 'ansible_lxd_vlan_ids', self._get_data_entry('inventory/{0}/vlan_ids'.format(container_name)))
+            if self._get_data_entry('inventory/{0}/vlan_ids'.format(instance_name)):
+                self.inventory.set_variable(instance_name, 'ansible_lxd_vlan_ids', self._get_data_entry('inventory/{0}/vlan_ids'.format(instance_name)))

    def build_inventory_groups_location(self, group_name):
        """create group by attribute: location
@@ -665,9 +701,9 @@ class InventoryModule(BaseInventoryPlugin):
        if group_name not in self.inventory.groups:
            self.inventory.add_group(group_name)

-        for container_name in self.inventory.hosts:
-            if 'ansible_lxd_location' in self.inventory.get_host(container_name).get_vars():
-                self.inventory.add_child(group_name, container_name)
+        for instance_name in self.inventory.hosts:
+            if 'ansible_lxd_location' in self.inventory.get_host(instance_name).get_vars():
+                self.inventory.add_child(group_name, instance_name)

    def build_inventory_groups_pattern(self, group_name):
        """create group by name pattern
@@ -686,10 +722,10 @@ class InventoryModule(BaseInventoryPlugin):

        regex_pattern = self.groupby[group_name].get('attribute')

-        for container_name in self.inventory.hosts:
-            result = re.search(regex_pattern, container_name)
+        for instance_name in self.inventory.hosts:
+            result = re.search(regex_pattern, instance_name)
            if result:
-                self.inventory.add_child(group_name, container_name)
+                self.inventory.add_child(group_name, instance_name)

    def build_inventory_groups_network_range(self, group_name):
        """check if IP is in network-class
@@ -712,14 +748,14 @@ class InventoryModule(BaseInventoryPlugin):
            raise AnsibleParserError(
                'Error while parsing network range {0}: {1}'.format(self.groupby[group_name].get('attribute'), to_native(err)))

-        for container_name in self.inventory.hosts:
-            if self.data['inventory'][container_name].get('network_interfaces') is not None:
-                for interface in self.data['inventory'][container_name].get('network_interfaces'):
-                    for interface_family in self.data['inventory'][container_name].get('network_interfaces')[interface]:
+        for instance_name in self.inventory.hosts:
+            if self.data['inventory'][instance_name].get('network_interfaces') is not None:
+                for interface in self.data['inventory'][instance_name].get('network_interfaces'):
+                    for interface_family in self.data['inventory'][instance_name].get('network_interfaces')[interface]:
                        try:
                            address = ipaddress.ip_address(to_text(interface_family['address']))
                            if address.version == network.version and address in network:
-                                self.inventory.add_child(group_name, container_name)
+                                self.inventory.add_child(group_name, instance_name)
                        except ValueError:
                            # Ignore invalid IP addresses returned by lxd
                            pass
@@ -730,7 +766,7 @@ class InventoryModule(BaseInventoryPlugin):
        Args:
            str(group_name): Group name
        Kwargs:
-            Noneself.data['inventory'][container_name][interface]
+            None
        Raises:
            None
        Returns:
@@ -739,12 +775,12 @@ class InventoryModule(BaseInventoryPlugin):
        if group_name not in self.inventory.groups:
            self.inventory.add_group(group_name)

-        gen_containers = [
-            container_name for container_name in self.inventory.hosts
-            if 'ansible_lxd_os' in self.inventory.get_host(container_name).get_vars()]
-        for container_name in gen_containers:
-            if self.groupby[group_name].get('attribute').lower() == self.inventory.get_host(container_name).get_vars().get('ansible_lxd_os'):
-                self.inventory.add_child(group_name, container_name)
+        gen_instances = [
+            instance_name for instance_name in self.inventory.hosts
+            if 'ansible_lxd_os' in self.inventory.get_host(instance_name).get_vars()]
+        for instance_name in gen_instances:
+            if self.groupby[group_name].get('attribute').lower() == self.inventory.get_host(instance_name).get_vars().get('ansible_lxd_os'):
+                self.inventory.add_child(group_name, instance_name)

    def build_inventory_groups_release(self, group_name):
        """create group by attribute: release
@@ -761,12 +797,12 @@ class InventoryModule(BaseInventoryPlugin):
        if group_name not in self.inventory.groups:
            self.inventory.add_group(group_name)

-        gen_containers = [
-            container_name for container_name in self.inventory.hosts
-            if 'ansible_lxd_release' in self.inventory.get_host(container_name).get_vars()]
-        for container_name in gen_containers:
-            if self.groupby[group_name].get('attribute').lower() == self.inventory.get_host(container_name).get_vars().get('ansible_lxd_release'):
-                self.inventory.add_child(group_name, container_name)
+        gen_instances = [
+            instance_name for instance_name in self.inventory.hosts
+            if 'ansible_lxd_release' in self.inventory.get_host(instance_name).get_vars()]
+        for instance_name in gen_instances:
+            if self.groupby[group_name].get('attribute').lower() == self.inventory.get_host(instance_name).get_vars().get('ansible_lxd_release'):
+                self.inventory.add_child(group_name, instance_name)

    def build_inventory_groups_profile(self, group_name):
        """create group by attribute: profile
@@ -783,12 +819,12 @@ class InventoryModule(BaseInventoryPlugin):
        if group_name not in self.inventory.groups:
            self.inventory.add_group(group_name)

-        gen_containers = [
-            container_name for container_name in self.inventory.hosts.keys()
-            if 'ansible_lxd_profile' in self.inventory.get_host(container_name).get_vars().keys()]
-        for container_name in gen_containers:
-            if self.groupby[group_name].get('attribute').lower() in self.inventory.get_host(container_name).get_vars().get('ansible_lxd_profile'):
-                self.inventory.add_child(group_name, container_name)
+        gen_instances = [
+            instance_name for instance_name in self.inventory.hosts.keys()
+            if 'ansible_lxd_profile' in self.inventory.get_host(instance_name).get_vars().keys()]
+        for instance_name in gen_instances:
+            if self.groupby[group_name].get('attribute').lower() in self.inventory.get_host(instance_name).get_vars().get('ansible_lxd_profile'):
+                self.inventory.add_child(group_name, instance_name)

    def build_inventory_groups_vlanid(self, group_name):
        """create group by attribute: vlanid
@@ -805,12 +841,34 @@ class InventoryModule(BaseInventoryPlugin):
        if group_name not in self.inventory.groups:
            self.inventory.add_group(group_name)

-        gen_containers = [
-            container_name for container_name in self.inventory.hosts.keys()
-            if 'ansible_lxd_vlan_ids' in self.inventory.get_host(container_name).get_vars().keys()]
-        for container_name in gen_containers:
-            if self.groupby[group_name].get('attribute') in self.inventory.get_host(container_name).get_vars().get('ansible_lxd_vlan_ids').values():
-                self.inventory.add_child(group_name, container_name)
+        gen_instances = [
+            instance_name for instance_name in self.inventory.hosts.keys()
+            if 'ansible_lxd_vlan_ids' in self.inventory.get_host(instance_name).get_vars().keys()]
+        for instance_name in gen_instances:
+            if self.groupby[group_name].get('attribute') in self.inventory.get_host(instance_name).get_vars().get('ansible_lxd_vlan_ids').values():
+                self.inventory.add_child(group_name, instance_name)
+
+    def build_inventory_groups_type(self, group_name):
+        """create group by attribute: type
+
+        Args:
+            str(group_name): Group name
+        Kwargs:
+            None
+        Raises:
+            None
+        Returns:
+            None"""
+        # maybe we just want to expand one group
+        if group_name not in self.inventory.groups:
+            self.inventory.add_group(group_name)
+
+        gen_instances = [
+            instance_name for instance_name in self.inventory.hosts
+            if 'ansible_lxd_type' in self.inventory.get_host(instance_name).get_vars()]
+        for instance_name in gen_instances:
+            if self.groupby[group_name].get('attribute').lower() == self.inventory.get_host(instance_name).get_vars().get('ansible_lxd_type'):
+                self.inventory.add_child(group_name, instance_name)

    def build_inventory_groups(self):
        """Build group-part dynamic inventory
@@ -839,6 +897,7 @@ class InventoryModule(BaseInventoryPlugin):
                * 'release'
                * 'profile'
                * 'vlanid'
+                * 'type'

            Args:
                str(group_name): Group name
@@ -864,6 +923,8 @@ class InventoryModule(BaseInventoryPlugin):
                self.build_inventory_groups_profile(group_name)
            elif self.groupby[group_name].get('type') == 'vlanid':
                self.build_inventory_groups_vlanid(group_name)
+            elif self.groupby[group_name].get('type') == 'type':
+                self.build_inventory_groups_type(group_name)
            else:
                raise AnsibleParserError('Unknown group type: {0}'.format(to_native(group_name)))

@@ -890,10 +951,30 @@ class InventoryModule(BaseInventoryPlugin):
        self.build_inventory_hosts()
        self.build_inventory_groups()

+    def cleandata(self):
+        """Clean the dynamic inventory
+
+        The first version of the inventory only supported container.
+        This will change in the future.
+        The following function cleans up the data and remove the all items with the wrong type.
+
+        Args:
+            None
+        Kwargs:
+            None
+        Raises:
+            None
+        Returns:
+            None"""
+        iter_keys = list(self.data['instances'].keys())
+        for instance_name in iter_keys:
+            if self._get_data_entry('instances/{0}/instances/metadata/type'.format(instance_name)) != self.type_filter:
+                del self.data['instances'][instance_name]
+
    def _populate(self):
        """Return the hosts and groups

-        Returns the processed container configurations from the lxd import
+        Returns the processed instance configurations from the lxd import

        Args:
            None
@@ -906,10 +987,16 @@ class InventoryModule(BaseInventoryPlugin):

        if len(self.data) == 0:  # If no data is injected by unittests open socket
            self.socket = self._connect_to_socket()
-            self.get_container_data(self._get_containers())
+            self.get_instance_data(self._get_instances())
            self.get_network_data(self._get_networks())

-        self.extract_information_from_container_configs()
+        # The first version of the inventory only supported containers.
+        # This will change in the future.
+        # The following function cleans up the data.
+        if self.type_filter != 'both':
+            self.cleandata()
+
+        self.extract_information_from_instance_configs()

        # self.display.vvv(self.save_json_data([os.path.abspath(__file__)]))

@@ -948,8 +1035,9 @@ class InventoryModule(BaseInventoryPlugin):
            self.data = {}  # store for inventory-data
            self.groupby = self.get_option('groupby')
            self.plugin = self.get_option('plugin')
-            self.prefered_container_network_family = self.get_option('prefered_container_network_family')
-            self.prefered_container_network_interface = self.get_option('prefered_container_network_interface')
+            self.prefered_instance_network_family = self.get_option('prefered_instance_network_family')
+            self.prefered_instance_network_interface = self.get_option('prefered_instance_network_interface')
+            self.type_filter = self.get_option('type_filter')
            if self.get_option('state').lower() == 'none':  # none in config is str()
                self.filter = None
            else:
--- a/plugins/inventory/nmap.py
+++ b/plugins/inventory/nmap.py
@@ -21,12 +21,18 @@ DOCUMENTATION = '''
            description: token that ensures this is a source file for the 'nmap' plugin.
            required: True
            choices: ['nmap', 'community.general.nmap']
+        sudo:
+            description: Set to C(true) to execute a C(sudo nmap) plugin scan.
+            version_added: 4.8.0
+            default: false
+            type: boolean
        address:
            description: Network IP or range of IPs to scan, you can use a simple range (10.2.2.15-25) or CIDR notation.
            required: True
        exclude:
            description: list of addresses to exclude
            type: list
+            elements: string
        ports:
            description: Enable/disable scanning for open ports
            type: boolean
@@ -48,6 +54,13 @@ EXAMPLES = '''
 plugin: community.general.nmap
 strict: False
 address: 192.168.0.0/24
+
+
+# a sudo nmap scan to fully use nmap scan power.
+plugin: community.general.nmap
+sudo: true
+strict: False
+address: 192.168.0.0/24
 '''

 import os
@@ -134,6 +147,10 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
        if not user_cache_setting or cache_needs_update:
            # setup command
            cmd = [self._nmap]
+
+            if self._options['sudo']:
+                cmd.insert(0, 'sudo')
+
            if not self._options['ports']:
                cmd.append('-sP')

--- a/plugins/inventory/online.py
+++ b/plugins/inventory/online.py
@@ -8,7 +8,7 @@ __metaclass__ = type
 DOCUMENTATION = r'''
    name: online
    author:
-      - Remy Leone (@sieben)
+      - Remy Leone (@remyleone)
    short_description: Scaleway (previously Online SAS or Online.net) inventory source
    description:
        - Get inventory hosts from Scaleway (previously Online SAS or Online.net).
@@ -28,6 +28,7 @@ DOCUMENTATION = r'''
        hostnames:
            description: List of preference about what to use as an hostname.
            type: list
+            elements: string
            default:
                - public_ipv4
            choices:
@@ -37,6 +38,7 @@ DOCUMENTATION = r'''
        groups:
            description: List of groups.
            type: list
+            elements: string
            choices:
                - location
                - offer
--- a/plugins/inventory/opennebula.py
+++ b/plugins/inventory/opennebula.py
@@ -95,7 +95,7 @@ except ImportError:

 from ansible.errors import AnsibleError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
-from ansible.module_utils._text import to_native
+from ansible.module_utils.common.text.converters import to_native

 from collections import namedtuple
 import os
@@ -206,28 +206,40 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
    def _populate(self):
        hostname_preference = self.get_option('hostname')
        group_by_labels = self.get_option('group_by_labels')
+        strict = self.get_option('strict')

        # Add a top group 'one'
        self.inventory.add_group(group='all')

        filter_by_label = self.get_option('filter_by_label')
-        for server in self._retrieve_servers(filter_by_label):
+        servers = self._retrieve_servers(filter_by_label)
+        for server in servers:
+            hostname = server['name']
            # check for labels
            if group_by_labels and server['LABELS']:
                for label in server['LABELS']:
                    self.inventory.add_group(group=label)
-                    self.inventory.add_host(host=server['name'], group=label)
+                    self.inventory.add_host(host=hostname, group=label)

-            self.inventory.add_host(host=server['name'], group='all')
+            self.inventory.add_host(host=hostname, group='all')

            for attribute, value in server.items():
-                self.inventory.set_variable(server['name'], attribute, value)
+                self.inventory.set_variable(hostname, attribute, value)

            if hostname_preference != 'name':
-                self.inventory.set_variable(server['name'], 'ansible_host', server[hostname_preference])
+                self.inventory.set_variable(hostname, 'ansible_host', server[hostname_preference])

            if server.get('SSH_PORT'):
-                self.inventory.set_variable(server['name'], 'ansible_port', server['SSH_PORT'])
+                self.inventory.set_variable(hostname, 'ansible_port', server['SSH_PORT'])
+
+            # handle construcable implementation: get composed variables if any
+            self._set_composite_vars(self.get_option('compose'), server, hostname, strict=strict)
+
+            # groups based on jinja conditionals get added to specific groups
+            self._add_host_to_composed_groups(self.get_option('groups'), server, hostname, strict=strict)
+
+            # groups based on variables associated with them in the inventory
+            self._add_host_to_keyed_groups(self.get_option('keyed_groups'), server, hostname, strict=strict)

    def parse(self, inventory, loader, path, cache=True):
        if not HAS_PYONE:
--- a/plugins/inventory/proxmox.py
+++ b/plugins/inventory/proxmox.py
@@ -3,6 +3,7 @@
 # Copyright (c) 2018 Ansible Project
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 from __future__ import (absolute_import, division, print_function)
+
 __metaclass__ = type

 DOCUMENTATION = '''
@@ -31,6 +32,7 @@ DOCUMENTATION = '''
        description:
          - URL to Proxmox cluster.
          - If the value is not specified in the inventory configuration, the value of environment variable C(PROXMOX_URL) will be used instead.
+          - Since community.general 4.7.0 you can also use templating to specify the value of the I(url).
        default: 'http://localhost:8006'
        type: str
        env:
@@ -40,6 +42,7 @@ DOCUMENTATION = '''
        description:
          - Proxmox authentication user.
          - If the value is not specified in the inventory configuration, the value of environment variable C(PROXMOX_USER) will be used instead.
+          - Since community.general 4.7.0 you can also use templating to specify the value of the I(user).
        required: yes
        type: str
        env:
@@ -49,11 +52,33 @@ DOCUMENTATION = '''
        description:
          - Proxmox authentication password.
          - If the value is not specified in the inventory configuration, the value of environment variable C(PROXMOX_PASSWORD) will be used instead.
-        required: yes
+          - Since community.general 4.7.0 you can also use templating to specify the value of the I(password).
+          - If you do not specify a password, you must set I(token_id) and I(token_secret) instead.
        type: str
        env:
          - name: PROXMOX_PASSWORD
            version_added: 2.0.0
+      token_id:
+        description:
+          - Proxmox authentication token ID.
+          - If the value is not specified in the inventory configuration, the value of environment variable C(PROXMOX_TOKEN_ID) will be used instead.
+          - To use token authentication, you must also specify I(token_secret). If you do not specify I(token_id) and I(token_secret),
+            you must set a password instead.
+          - Make sure to grant explicit pve permissions to the token or disable 'privilege separation' to use the users' privileges instead.
+        version_added: 4.8.0
+        type: str
+        env:
+          - name: PROXMOX_TOKEN_ID
+      token_secret:
+        description:
+          - Proxmox authentication token secret.
+          - If the value is not specified in the inventory configuration, the value of environment variable C(PROXMOX_TOKEN_SECRET) will be used instead.
+          - To use token authentication, you must also specify I(token_id). If you do not specify I(token_id) and I(token_secret),
+            you must set a password instead.
+        version_added: 4.8.0
+        type: str
+        env:
+          - name: PROXMOX_TOKEN_SECRET
      validate_certs:
        description: Verify SSL certificate if using HTTPS.
        type: boolean
@@ -75,8 +100,16 @@ DOCUMENTATION = '''
        description:
          - Whether to set C(ansbile_host) for proxmox nodes.
          - When set to C(true) (default), will use the first available interface. This can be different from what you expect.
-        default: true
+          - This currently defaults to C(true), but the default is deprecated since community.general 4.8.0.
+            The default will change to C(false) in community.general 6.0.0. To avoid a deprecation warning, please
+            set this parameter explicitly.
        type: bool
+      filters:
+        version_added: 4.6.0
+        description: A list of Jinja templates that allow filtering hosts.
+        type: list
+        elements: str
+        default: []
      strict:
        version_added: 2.5.0
      compose:
@@ -94,6 +127,25 @@ EXAMPLES = '''
 plugin: community.general.proxmox
 user: ansible@pve
 password: secure
+# Note that this can easily give you wrong values as ansible_host. See further below for
+# an example where this is set to `false` and where ansible_host is set with `compose`.
+want_proxmox_nodes_ansible_host: true
+
+# Instead of login with password, proxmox supports api token authentication since release 6.2.
+plugin: community.general.proxmox
+user: ci@pve
+token_id: gitlab-1
+token_secret: fa256e9c-26ab-41ec-82da-707a2c079829
+
+# The secret can also be a vault string or passed via the environment variable TOKEN_SECRET.
+token_secret: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          62353634333163633336343265623632626339313032653563653165313262343931643431656138
+          6134333736323265656466646539663134306166666237630a653363623262636663333762316136
+          34616361326263383766366663393837626437316462313332663736623066656237386531663731
+          3037646432383064630a663165303564623338666131353366373630656661333437393937343331
+          32643131386134396336623736393634373936356332623632306561356361323737313663633633
+          6231313333666361656537343562333337323030623732323833

 # More complete example demonstrating the use of 'want_facts' and the constructed options
 # Note that using facts returned by 'want_facts' in constructed options requires 'want_facts=true'
@@ -114,16 +166,53 @@ groups:
  mailservers: "'mail' in (proxmox_tags_parsed|list)"
 compose:
  ansible_port: 2222
+# Note that this can easily give you wrong values as ansible_host. See further below for
+# an example where this is set to `false` and where ansible_host is set with `compose`.
+want_proxmox_nodes_ansible_host: true
+
+# Using the inventory to allow ansible to connect via the first IP address of the VM / Container
+# (Default is connection by name of QEMU/LXC guests)
+# Note: my_inv_var demonstrates how to add a string variable to every host used by the inventory.
+# my.proxmox.yml
+plugin: community.general.proxmox
+url: http://pve.domain.com:8006
+user: ansible@pve
+password: secure
+validate_certs: false
+want_facts: true
+want_proxmox_nodes_ansible_host: false
+compose:
+  ansible_host: proxmox_ipconfig0.ip | default(proxmox_net0.ip) | ipaddr('address')
+  my_inv_var_1: "'my_var1_value'"
+  my_inv_var_2: >
+    "my_var_2_value"
+
+# Specify the url, user and password using templating
+# my.proxmox.yml
+plugin: community.general.proxmox
+url: "{{ lookup('ansible.builtin.ini', 'url', section='proxmox', file='file.ini') }}"
+user: "{{ lookup('ansible.builtin.env','PM_USER') | default('ansible@pve') }}"
+password: "{{ lookup('community.general.random_string', base64=True) }}"
+# Note that this can easily give you wrong values as ansible_host. See further up for
+# an example where this is set to `false` and where ansible_host is set with `compose`.
+want_proxmox_nodes_ansible_host: true
+
 '''

+import itertools
 import re

 from ansible.module_utils.common._collections_compat import MutableMapping
-from distutils.version import LooseVersion

 from ansible.errors import AnsibleError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
+from ansible.module_utils.common.text.converters import to_native
+from ansible.module_utils.six import string_types
 from ansible.module_utils.six.moves.urllib.parse import urlencode
+from ansible.utils.display import Display
+from ansible.template import Templar
+
+from ansible_collections.community.general.plugins.module_utils.version import LooseVersion

 # 3rd party imports
 try:
@@ -134,6 +223,8 @@ try:
 except ImportError:
    HAS_REQUESTS = False

+display = Display()
+

 class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
    ''' Host inventory parser for ansible using Proxmox as source. '''
@@ -170,15 +261,24 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
    def _get_auth(self):
        credentials = urlencode({'username': self.proxmox_user, 'password': self.proxmox_password, })

-        a = self._get_session()
-        ret = a.post('%s/api2/json/access/ticket' % self.proxmox_url, data=credentials)
+        if self.proxmox_password:

-        json = ret.json()
+            credentials = urlencode({'username': self.proxmox_user, 'password': self.proxmox_password, })

-        self.credentials = {
-            'ticket': json['data']['ticket'],
-            'CSRFPreventionToken': json['data']['CSRFPreventionToken'],
-        }
+            a = self._get_session()
+            ret = a.post('%s/api2/json/access/ticket' % self.proxmox_url, data=credentials)
+
+            json = ret.json()
+
+            self.headers = {
+                # only required for POST/PUT/DELETE methods, which we are not using currently
+                # 'CSRFPreventionToken': json['data']['CSRFPreventionToken'],
+                'Cookie': 'PVEAuthCookie={0}'.format(json['data']['ticket'])
+            }
+
+        else:
+
+            self.headers = {'Authorization': 'PVEAPIToken={0}!{1}={2}'.format(self.proxmox_user, self.proxmox_token_id, self.proxmox_token_secret)}

    def _get_json(self, url, ignore_errors=None):

@@ -190,8 +290,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
            data = []
            s = self._get_session()
            while True:
-                headers = {'Cookie': 'PVEAuthCookie={0}'.format(self.credentials['ticket'])}
-                ret = s.get(url, headers=headers)
+                ret = s.get(url, headers=self.headers)
                if ignore_errors and ret.status_code in ignore_errors:
                    break
                ret.raise_for_status()
@@ -274,28 +373,19 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):

        return result

-    def _get_vm_config(self, node, vmid, vmtype, name):
+    def _get_vm_config(self, properties, node, vmid, vmtype, name):
        ret = self._get_json("%s/api2/json/nodes/%s/%s/%s/config" % (self.proxmox_url, node, vmtype, vmid))

-        node_key = 'node'
-        node_key = self.to_safe('%s%s' % (self.get_option('facts_prefix'), node_key.lower()))
-        self.inventory.set_variable(name, node_key, node)
-
-        vmid_key = 'vmid'
-        vmid_key = self.to_safe('%s%s' % (self.get_option('facts_prefix'), vmid_key.lower()))
-        self.inventory.set_variable(name, vmid_key, vmid)
-
-        vmtype_key = 'vmtype'
-        vmtype_key = self.to_safe('%s%s' % (self.get_option('facts_prefix'), vmtype_key.lower()))
-        self.inventory.set_variable(name, vmtype_key, vmtype)
+        properties[self._fact('node')] = node
+        properties[self._fact('vmid')] = vmid
+        properties[self._fact('vmtype')] = vmtype

        plaintext_configs = [
-            'tags',
+            'description',
        ]

        for config in ret:
-            key = config
-            key = self.to_safe('%s%s' % (self.get_option('facts_prefix'), key.lower()))
+            key = self._fact(config)
            value = ret[config]
            try:
                # fixup disk images as they have no key
@@ -304,46 +394,48 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):

                # Additional field containing parsed tags as list
                if config == 'tags':
-                    parsed_key = self.to_safe('%s%s' % (key, "_parsed"))
-                    parsed_value = [tag.strip() for tag in value.split(",")]
-                    self.inventory.set_variable(name, parsed_key, parsed_value)
+                    stripped_value = value.strip()
+                    if stripped_value:
+                        parsed_key = key + "_parsed"
+                        properties[parsed_key] = [tag.strip() for tag in stripped_value.split(",")]

                # The first field in the agent string tells you whether the agent is enabled
                # the rest of the comma separated string is extra config for the agent
                if config == 'agent' and int(value.split(',')[0]):
-                    agent_iface_key = self.to_safe('%s%s' % (key, "_interfaces"))
                    agent_iface_value = self._get_agent_network_interfaces(node, vmid, vmtype)
                    if agent_iface_value:
-                        self.inventory.set_variable(name, agent_iface_key, agent_iface_value)
+                        agent_iface_key = self.to_safe('%s%s' % (key, "_interfaces"))
+                        properties[agent_iface_key] = agent_iface_value

-                if not (isinstance(value, int) or ',' not in value):
+                if config == 'lxc':
+                    out_val = {}
+                    for k, v in value:
+                        if k.startswith('lxc.'):
+                            k = k[len('lxc.'):]
+                        out_val[k] = v
+                    value = out_val
+
+                if config not in plaintext_configs and isinstance(value, string_types) \
+                        and all("=" in v for v in value.split(",")):
                    # split off strings with commas to a dict
                    # skip over any keys that cannot be processed
                    try:
-                        value = dict(key.split("=") for key in value.split(","))
+                        value = dict(key.split("=", 1) for key in value.split(","))
                    except Exception:
                        continue

-                self.inventory.set_variable(name, key, value)
+                properties[key] = value
            except NameError:
                return None

-    def _get_vm_status(self, node, vmid, vmtype, name):
+    def _get_vm_status(self, properties, node, vmid, vmtype, name):
        ret = self._get_json("%s/api2/json/nodes/%s/%s/%s/status/current" % (self.proxmox_url, node, vmtype, vmid))
+        properties[self._fact('status')] = ret['status']

-        status = ret['status']
-        status_key = 'status'
-        status_key = self.to_safe('%s%s' % (self.get_option('facts_prefix'), status_key.lower()))
-        self.inventory.set_variable(name, status_key, status)
-
-    def _get_vm_snapshots(self, node, vmid, vmtype, name):
+    def _get_vm_snapshots(self, properties, node, vmid, vmtype, name):
        ret = self._get_json("%s/api2/json/nodes/%s/%s/%s/snapshot" % (self.proxmox_url, node, vmtype, vmid))
-
-        snapshots_key = 'snapshots'
-        snapshots_key = self.to_safe('%s%s' % (self.get_option('facts_prefix'), snapshots_key.lower()))
-
        snapshots = [snapshot['name'] for snapshot in ret if snapshot['name'] != 'current']
-        self.inventory.set_variable(name, snapshots_key, snapshots)
+        properties[self._fact('snapshots')] = snapshots

    def to_safe(self, word):
        '''Converts 'bad' characters in a string to underscores so they can be used as Ansible groups
@@ -353,109 +445,140 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
        regex = r"[^A-Za-z0-9\_]"
        return re.sub(regex, "_", word.replace(" ", ""))

-    def _apply_constructable(self, name, variables):
-        strict = self.get_option('strict')
-        self._add_host_to_composed_groups(self.get_option('groups'), variables, name, strict=strict)
-        self._add_host_to_keyed_groups(self.get_option('keyed_groups'), variables, name, strict=strict)
-        self._set_composite_vars(self.get_option('compose'), variables, name, strict=strict)
+    def _fact(self, name):
+        '''Generate a fact's full name from the common prefix and a name.'''
+        return self.to_safe('%s%s' % (self.facts_prefix, name.lower()))
+
+    def _group(self, name):
+        '''Generate a group's full name from the common prefix and a name.'''
+        return self.to_safe('%s%s' % (self.group_prefix, name.lower()))
+
+    def _can_add_host(self, name, properties):
+        '''Ensure that a host satisfies all defined hosts filters. If strict mode is
+        enabled, any error during host filter compositing will lead to an AnsibleError
+        being raised, otherwise the filter will be ignored.
+        '''
+        for host_filter in self.host_filters:
+            try:
+                if not self._compose(host_filter, properties):
+                    return False
+            except Exception as e:  # pylint: disable=broad-except
+                message = "Could not evaluate host filter %s for host %s - %s" % (host_filter, name, to_native(e))
+                if self.strict:
+                    raise AnsibleError(message)
+                display.warning(message)
+        return True
+
+    def _add_host(self, name, variables):
+        self.inventory.add_host(name)
+        for k, v in variables.items():
+            self.inventory.set_variable(name, k, v)
+        variables = self.inventory.get_host(name).get_vars()
+        self._set_composite_vars(self.get_option('compose'), variables, name, strict=self.strict)
+        self._add_host_to_composed_groups(self.get_option('groups'), variables, name, strict=self.strict)
+        self._add_host_to_keyed_groups(self.get_option('keyed_groups'), variables, name, strict=self.strict)
+
+    def _handle_item(self, node, ittype, item):
+        '''Handle an item from the list of LXC containers and Qemu VM. The
+        return value will be either None if the item was skipped or the name of
+        the item if it was added to the inventory.'''
+        if item.get('template'):
+            return None
+
+        properties = dict()
+        name, vmid = item['name'], item['vmid']
+
+        # get status, config and snapshots if want_facts == True
+        if self.get_option('want_facts'):
+            self._get_vm_status(properties, node, vmid, ittype, name)
+            self._get_vm_config(properties, node, vmid, ittype, name)
+            self._get_vm_snapshots(properties, node, vmid, ittype, name)
+
+        # ensure the host satisfies filters
+        if not self._can_add_host(name, properties):
+            return None
+
+        # add the host to the inventory
+        self._add_host(name, properties)
+        node_type_group = self._group('%s_%s' % (node, ittype))
+        self.inventory.add_child(self._group('all_' + ittype), name)
+        self.inventory.add_child(node_type_group, name)
+        if item['status'] == 'stopped':
+            self.inventory.add_child(self._group('all_stopped'), name)
+        elif item['status'] == 'running':
+            self.inventory.add_child(self._group('all_running'), name)
+
+        return name
+
+    def _populate_pool_groups(self, added_hosts):
+        '''Generate groups from Proxmox resource pools, ignoring VMs and
+        containers that were skipped.'''
+        for pool in self._get_pools():
+            poolid = pool.get('poolid')
+            if not poolid:
+                continue
+            pool_group = self._group('pool_' + poolid)
+            self.inventory.add_group(pool_group)
+
+            for member in self._get_members_per_pool(poolid):
+                name = member.get('name')
+                if name and name in added_hosts:
+                    self.inventory.add_child(pool_group, name)

    def _populate(self):

-        self._get_auth()
+        # create common groups
+        self.inventory.add_group(self._group('all_lxc'))
+        self.inventory.add_group(self._group('all_qemu'))
+        self.inventory.add_group(self._group('all_running'))
+        self.inventory.add_group(self._group('all_stopped'))
+        nodes_group = self._group('nodes')
+        self.inventory.add_group(nodes_group)
+
+        want_proxmox_nodes_ansible_host = self.get_option("want_proxmox_nodes_ansible_host")
+        if want_proxmox_nodes_ansible_host is None:
+            display.deprecated(
+                'The want_proxmox_nodes_ansible_host option of the community.general.proxmox inventory plugin'
+                ' currently defaults to `true`, but this default has been deprecated and will change to `false`'
+                ' in community.general 6.0.0. To keep the current behavior and remove this deprecation warning,'
+                ' explicitly set `want_proxmox_nodes_ansible_host` to `true` in your inventory configuration',
+                version='6.0.0', collection_name='community.general')
+            want_proxmox_nodes_ansible_host = True

        # gather vm's on nodes
+        self._get_auth()
+        hosts = []
        for node in self._get_nodes():
-            # FIXME: this can probably be cleaner
-            # create groups
-            lxc_group = 'all_lxc'
-            lxc_group = self.to_safe('%s%s' % (self.get_option('group_prefix'), lxc_group.lower()))
-            self.inventory.add_group(lxc_group)
-            qemu_group = 'all_qemu'
-            qemu_group = self.to_safe('%s%s' % (self.get_option('group_prefix'), qemu_group.lower()))
-            self.inventory.add_group(qemu_group)
-            nodes_group = 'nodes'
-            nodes_group = self.to_safe('%s%s' % (self.get_option('group_prefix'), nodes_group.lower()))
-            self.inventory.add_group(nodes_group)
-            running_group = 'all_running'
-            running_group = self.to_safe('%s%s' % (self.get_option('group_prefix'), running_group.lower()))
-            self.inventory.add_group(running_group)
-            stopped_group = 'all_stopped'
-            stopped_group = self.to_safe('%s%s' % (self.get_option('group_prefix'), stopped_group.lower()))
-            self.inventory.add_group(stopped_group)
+            if not node.get('node'):
+                continue

-            if node.get('node'):
-                self.inventory.add_host(node['node'])
+            self.inventory.add_host(node['node'])
+            if node['type'] == 'node':
+                self.inventory.add_child(nodes_group, node['node'])

-                if node['type'] == 'node':
-                    self.inventory.add_child(nodes_group, node['node'])
+            if node['status'] == 'offline':
+                continue

-                if node['status'] == 'offline':
-                    continue
+            # get node IP address
+            if want_proxmox_nodes_ansible_host:
+                ip = self._get_node_ip(node['node'])
+                self.inventory.set_variable(node['node'], 'ansible_host', ip)

-                # get node IP address
-                if self.get_option("want_proxmox_nodes_ansible_host"):
-                    ip = self._get_node_ip(node['node'])
-                    self.inventory.set_variable(node['node'], 'ansible_host', ip)
+            # add LXC/Qemu groups for the node
+            for ittype in ('lxc', 'qemu'):
+                node_type_group = self._group('%s_%s' % (node['node'], ittype))
+                self.inventory.add_group(node_type_group)

-                # get LXC containers for this node
-                node_lxc_group = self.to_safe('%s%s' % (self.get_option('group_prefix'), ('%s_lxc' % node['node']).lower()))
-                self.inventory.add_group(node_lxc_group)
-                for lxc in self._get_lxc_per_node(node['node']):
-                    self.inventory.add_host(lxc['name'])
-                    self.inventory.add_child(lxc_group, lxc['name'])
-                    self.inventory.add_child(node_lxc_group, lxc['name'])
-
-                    # get LXC status when want_facts == True
-                    if self.get_option('want_facts'):
-                        self._get_vm_status(node['node'], lxc['vmid'], 'lxc', lxc['name'])
-                        if lxc['status'] == 'stopped':
-                            self.inventory.add_child(stopped_group, lxc['name'])
-                        elif lxc['status'] == 'running':
-                            self.inventory.add_child(running_group, lxc['name'])
-
-                    # get LXC config and snapshots for facts
-                    if self.get_option('want_facts'):
-                        self._get_vm_config(node['node'], lxc['vmid'], 'lxc', lxc['name'])
-                        self._get_vm_snapshots(node['node'], lxc['vmid'], 'lxc', lxc['name'])
-
-                    self._apply_constructable(lxc["name"], self.inventory.get_host(lxc['name']).get_vars())
-
-                # get QEMU vm's for this node
-                node_qemu_group = self.to_safe('%s%s' % (self.get_option('group_prefix'), ('%s_qemu' % node['node']).lower()))
-                self.inventory.add_group(node_qemu_group)
-                for qemu in self._get_qemu_per_node(node['node']):
-                    if qemu.get('template'):
-                        continue
-
-                    self.inventory.add_host(qemu['name'])
-                    self.inventory.add_child(qemu_group, qemu['name'])
-                    self.inventory.add_child(node_qemu_group, qemu['name'])
-
-                    # get QEMU status
-                    self._get_vm_status(node['node'], qemu['vmid'], 'qemu', qemu['name'])
-                    if qemu['status'] == 'stopped':
-                        self.inventory.add_child(stopped_group, qemu['name'])
-                    elif qemu['status'] == 'running':
-                        self.inventory.add_child(running_group, qemu['name'])
-
-                    # get QEMU config and snapshots for facts
-                    if self.get_option('want_facts'):
-                        self._get_vm_config(node['node'], qemu['vmid'], 'qemu', qemu['name'])
-                        self._get_vm_snapshots(node['node'], qemu['vmid'], 'qemu', qemu['name'])
-
-                    self._apply_constructable(qemu["name"], self.inventory.get_host(qemu['name']).get_vars())
+            # get LXC containers and Qemu VMs for this node
+            lxc_objects = zip(itertools.repeat('lxc'), self._get_lxc_per_node(node['node']))
+            qemu_objects = zip(itertools.repeat('qemu'), self._get_qemu_per_node(node['node']))
+            for ittype, item in itertools.chain(lxc_objects, qemu_objects):
+                name = self._handle_item(node['node'], ittype, item)
+                if name is not None:
+                    hosts.append(name)

        # gather vm's in pools
-        for pool in self._get_pools():
-            if pool.get('poolid'):
-                pool_group = 'pool_' + pool['poolid']
-                pool_group = self.to_safe('%s%s' % (self.get_option('group_prefix'), pool_group.lower()))
-                self.inventory.add_group(pool_group)
-
-                for member in self._get_members_per_pool(pool['poolid']):
-                    if member.get('name'):
-                        if not member.get('template'):
-                            self.inventory.add_child(pool_group, member['name'])
+        self._populate_pool_groups(hosts)

    def parse(self, inventory, loader, path, cache=True):
        if not HAS_REQUESTS:
@@ -467,12 +590,43 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
        # read config from file, this sets 'options'
        self._read_config_data(path)

-        # get connection host
-        self.proxmox_url = self.get_option('url').rstrip('/')
-        self.proxmox_user = self.get_option('user')
-        self.proxmox_password = self.get_option('password')
+        t = Templar(loader=loader)
+
+        # read options
+        proxmox_url = self.get_option('url')
+        if t.is_template(proxmox_url):
+            proxmox_url = t.template(variable=proxmox_url, disable_lookups=False)
+        self.proxmox_url = proxmox_url.rstrip('/')
+
+        proxmox_user = self.get_option('user')
+        if t.is_template(proxmox_user):
+            proxmox_user = t.template(variable=proxmox_user, disable_lookups=False)
+        self.proxmox_user = proxmox_user
+
+        proxmox_password = self.get_option('password')
+        if t.is_template(proxmox_password):
+            proxmox_password = t.template(variable=proxmox_password, disable_lookups=False)
+        self.proxmox_password = proxmox_password
+
+        proxmox_token_id = self.get_option('token_id')
+        if t.is_template(proxmox_token_id):
+            proxmox_token_id = t.template(variable=proxmox_token_id, disable_lookups=False)
+        self.proxmox_token_id = proxmox_token_id
+
+        proxmox_token_secret = self.get_option('token_secret')
+        if t.is_template(proxmox_token_secret):
+            proxmox_token_secret = t.template(variable=proxmox_token_secret, disable_lookups=False)
+        self.proxmox_token_secret = proxmox_token_secret
+
+        if proxmox_password is None and (proxmox_token_id is None or proxmox_token_secret is None):
+            raise AnsibleError('You must specify either a password or both token_id and token_secret.')
+
        self.cache_key = self.get_cache_key(path)
        self.use_cache = cache and self.get_option('cache')
+        self.host_filters = self.get_option('filters')
+        self.group_prefix = self.get_option('group_prefix')
+        self.facts_prefix = self.get_option('facts_prefix')
+        self.strict = self.get_option('strict')

        # actually populate inventory
        self._populate()
--- a/plugins/inventory/scaleway.py
+++ b/plugins/inventory/scaleway.py
@@ -9,7 +9,7 @@ __metaclass__ = type
 DOCUMENTATION = r'''
    name: scaleway
    author:
-      - Remy Leone (@sieben)
+      - Remy Leone (@remyleone)
    short_description: Scaleway inventory source
    description:
        - Get inventory hosts from Scaleway.
@@ -23,6 +23,7 @@ DOCUMENTATION = r'''
        regions:
            description: Filter results on a specific Scaleway region.
            type: list
+            elements: string
            default:
                - ams1
                - par1
@@ -31,6 +32,13 @@ DOCUMENTATION = r'''
        tags:
            description: Filter results on a specific tag.
            type: list
+            elements: string
+        scw_profile:
+            description:
+            - The config profile to use in config file.
+            - By default uses the one specified as C(active_profile) in the config file, or falls back to C(default) if that is not defined.
+            type: string
+            version_added: 4.4.0
        oauth_token:
            description:
            - Scaleway OAuth token.
@@ -45,6 +53,7 @@ DOCUMENTATION = r'''
        hostnames:
            description: List of preference about what to use as an hostname.
            type: list
+            elements: string
            default:
                - public_ipv4
            choices:
@@ -303,7 +312,13 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
        if not oauth_token and os.path.exists(scw_config_path):
            with open(scw_config_path) as fh:
                scw_config = yaml.safe_load(fh)
-                active_profile = scw_config.get('active_profile', 'default')
+                ansible_profile = self.get_option('scw_profile')
+
+                if ansible_profile:
+                    active_profile = ansible_profile
+                else:
+                    active_profile = scw_config.get('active_profile', 'default')
+
                if active_profile == 'default':
                    oauth_token = scw_config.get('secret_key')
                else:
--- a/plugins/inventory/xen_orchestra.py
+++ b/plugins/inventory/xen_orchestra.py
@@ -62,28 +62,27 @@ DOCUMENTATION = '''

 EXAMPLES = '''
 # file must be named xen_orchestra.yaml or xen_orchestra.yml
-simple_config_file:
-    plugin: community.general.xen_orchestra
-    api_host: 192.168.1.255
-    user: xo
-    password: xo_pwd
-    validate_certs: true
-    use_ssl: true
-    groups:
-        kube_nodes: "'kube_node' in tags"
-    compose:
-        ansible_port: 2222
+plugin: community.general.xen_orchestra
+api_host: 192.168.1.255
+user: xo
+password: xo_pwd
+validate_certs: true
+use_ssl: true
+groups:
+    kube_nodes: "'kube_node' in tags"
+compose:
+    ansible_port: 2222

 '''

 import json
 import ssl

-from distutils.version import LooseVersion
-
 from ansible.errors import AnsibleError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable

+from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
+
 # 3rd party imports
 try:
    HAS_WEBSOCKET = True
--- a/plugins/lookup/consul_kv.py
+++ b/plugins/lookup/consul_kv.py
@@ -20,6 +20,7 @@ DOCUMENTATION = '''
      _raw:
        description: List of key(s) to retrieve.
        type: list
+        elements: string
      recurse:
        type: boolean
        description: If true, will retrieve all the values that have the given key as prefix.
--- a/plugins/lookup/credstash.py
+++ b/plugins/lookup/credstash.py
@@ -17,11 +17,11 @@ DOCUMENTATION = '''
      _terms:
        description: term or list of terms to lookup in the credit store
        type: list
-        required: True
+        elements: string
+        required: true
      table:
        description: name of the credstash table to query
        default: 'credential-store'
-        required: True
      version:
        description: Credstash version
      region:
--- a/plugins/lookup/dnstxt.py
+++ b/plugins/lookup/dnstxt.py
@@ -18,6 +18,7 @@ DOCUMENTATION = '''
        description: domain or list of domains to query TXT records from
        required: True
        type: list
+        elements: string
 '''

 EXAMPLES = """
--- a/plugins/lookup/dsv.py
+++ b/plugins/lookup/dsv.py
@@ -105,11 +105,15 @@ display = Display()
 class LookupModule(LookupBase):
    @staticmethod
    def Client(vault_parameters):
-        return SecretsVault(**vault_parameters)
+        try:
+            vault = SecretsVault(**vault_parameters)
+            return vault
+        except TypeError:
+            raise AnsibleError("python-dsv-sdk==0.0.1 must be installed to use this plugin")

    def run(self, terms, variables, **kwargs):
        if sdk_is_missing:
-            raise AnsibleError("python-dsv-sdk must be installed to use this plugin")
+            raise AnsibleError("python-dsv-sdk==0.0.1 must be installed to use this plugin")

        self.set_options(var_options=variables, direct=kwargs)

--- a/plugins/lookup/etcd3.py
+++ b/plugins/lookup/etcd3.py
@@ -93,7 +93,7 @@ DOCUMENTATION = '''
      environment variable and keep I(endpoints), I(host), and I(port) unused.
    seealso:
    - module: community.general.etcd3
-    - ref: etcd_lookup
+    - ref: ansible_collections.community.general.etcd_lookup
      description: The etcd v2 lookup.

    requirements:
--- a/plugins/lookup/flattened.py
+++ b/plugins/lookup/flattened.py
@@ -23,7 +23,7 @@ DOCUMENTATION = '''
 EXAMPLES = """
 - name: "'unnest' all elements into single list"
  ansible.builtin.debug:
-    msg: "all in one list {{lookup('community.general.flattened', [1,2,3,[5,6]], [a,b,c], [[5,6,1,3], [34,a,b,c]])}}"
+    msg: "all in one list {{lookup('community.general.flattened', [1,2,3,[5,6]], ['a','b','c'], [[5,6,1,3], [34,'a','b','c']])}}"
 """

 RETURN = """
--- a/plugins/lookup/passwordstore.py
+++ b/plugins/lookup/passwordstore.py
@@ -14,6 +14,8 @@ DOCUMENTATION = '''
    description:
      - Enables Ansible to retrieve, create or update passwords from the passwordstore.org pass utility.
        It also retrieves YAML style keys stored as multilines in the passwordfile.
+      - To avoid problems when accessing multiple secrets at once, add C(auto-expand-secmem) to
+        C(~/.gnupg/gpg-agent.conf). Where this is not possible, consider using I(lock=readwrite) instead.
    options:
      _terms:
        description: query key.
@@ -77,54 +79,89 @@ DOCUMENTATION = '''
          - warn
          - empty
          - create
+      lock:
+        description:
+          - How to synchronize operations.
+          - The default of C(write) only synchronizes write operations.
+          - C(readwrite) synchronizes all operations (including read). This makes sure that gpg-agent is never called in parallel.
+          - C(none) does not do any synchronization.
+        ini:
+          - section: passwordstore_lookup
+            key: lock
+        type: str
+        default: write
+        choices:
+          - readwrite
+          - write
+          - none
+        version_added: 4.5.0
+      locktimeout:
+        description:
+          - Lock timeout applied when I(lock) is not C(none).
+          - Time with a unit suffix, C(s), C(m), C(h) for seconds, minutes, and hours, respectively. For example, C(900s) equals C(15m).
+          - Correlates with C(pinentry-timeout) in C(~/.gnupg/gpg-agent.conf), see C(man gpg-agent) for details.
+        ini:
+          - section: passwordstore_lookup
+            key: locktimeout
+        type: str
+        default: 15m
+        version_added: 4.5.0
 '''
 EXAMPLES = """
-# Debug is used for examples, BAD IDEA to show passwords on screen
- name: Basic lookup. Fails if example/test doesn't exist
-  ansible.builtin.debug:
-    msg: "{{ lookup('community.general.passwordstore', 'example/test')}}"
+ansible.cfg: |
+  [passwordstore_lookup]
+  lock=readwrite
+  locktimeout=45s

- name: Basic lookup. Warns if example/test does not exist and returns empty string
-  ansible.builtin.debug:
-    msg: "{{ lookup('community.general.passwordstore', 'example/test missing=warn')}}"
+playbook.yml: |
+  ---

- name: Create pass with random 16 character password. If password exists just give the password
-  ansible.builtin.debug:
-    var: mypassword
-  vars:
-    mypassword: "{{ lookup('community.general.passwordstore', 'example/test create=true')}}"
+  # Debug is used for examples, BAD IDEA to show passwords on screen
+  - name: Basic lookup. Fails if example/test does not exist
+    ansible.builtin.debug:
+      msg: "{{ lookup('community.general.passwordstore', 'example/test')}}"

- name: Create pass with random 16 character password. If password exists just give the password
-  ansible.builtin.debug:
-    var: mypassword
-  vars:
-    mypassword: "{{ lookup('community.general.passwordstore', 'example/test missing=create')}}"
+  - name: Basic lookup. Warns if example/test does not exist and returns empty string
+    ansible.builtin.debug:
+      msg: "{{ lookup('community.general.passwordstore', 'example/test missing=warn')}}"

- name: Prints 'abc' if example/test does not exist, just give the password otherwise
-  ansible.builtin.debug:
-    var: mypassword
-  vars:
-    mypassword: "{{ lookup('community.general.passwordstore', 'example/test missing=empty') | default('abc', true) }}"
+  - name: Create pass with random 16 character password. If password exists just give the password
+    ansible.builtin.debug:
+      var: mypassword
+    vars:
+      mypassword: "{{ lookup('community.general.passwordstore', 'example/test create=true')}}"

- name: Different size password
-  ansible.builtin.debug:
-    msg: "{{ lookup('community.general.passwordstore', 'example/test create=true length=42')}}"
+  - name: Create pass with random 16 character password. If password exists just give the password
+    ansible.builtin.debug:
+      var: mypassword
+    vars:
+      mypassword: "{{ lookup('community.general.passwordstore', 'example/test missing=create')}}"

- name: Create password and overwrite the password if it exists. As a bonus, this module includes the old password inside the pass file
-  ansible.builtin.debug:
-    msg: "{{ lookup('community.general.passwordstore', 'example/test create=true overwrite=true')}}"
+  - name: Prints 'abc' if example/test does not exist, just give the password otherwise
+    ansible.builtin.debug:
+      var: mypassword
+    vars:
+      mypassword: "{{ lookup('community.general.passwordstore', 'example/test missing=empty') | default('abc', true) }}"

- name: Create an alphanumeric password
-  ansible.builtin.debug:
-    msg: "{{ lookup('community.general.passwordstore', 'example/test create=true nosymbols=true') }}"
+  - name: Different size password
+    ansible.builtin.debug:
+      msg: "{{ lookup('community.general.passwordstore', 'example/test create=true length=42')}}"

- name: Return the value for user in the KV pair user, username
-  ansible.builtin.debug:
-    msg: "{{ lookup('community.general.passwordstore', 'example/test subkey=user')}}"
+  - name: Create password and overwrite the password if it exists. As a bonus, this module includes the old password inside the pass file
+    ansible.builtin.debug:
+      msg: "{{ lookup('community.general.passwordstore', 'example/test create=true overwrite=true')}}"

- name: Return the entire password file content
-  ansible.builtin.set_fact:
-    passfilecontent: "{{ lookup('community.general.passwordstore', 'example/test returnall=true')}}"
+  - name: Create an alphanumeric password
+    ansible.builtin.debug:
+      msg: "{{ lookup('community.general.passwordstore', 'example/test create=true nosymbols=true') }}"
+
+  - name: Return the value for user in the KV pair user, username
+    ansible.builtin.debug:
+      msg: "{{ lookup('community.general.passwordstore', 'example/test subkey=user')}}"
+
+  - name: Return the entire password file content
+    ansible.builtin.set_fact:
+      passfilecontent: "{{ lookup('community.general.passwordstore', 'example/test returnall=true')}}"
 """

 RETURN = """
@@ -135,15 +172,17 @@ _raw:
  elements: str
 """

+from contextlib import contextmanager
 import os
+import re
 import subprocess
 import time
 import yaml

-
-from distutils import util
 from ansible.errors import AnsibleError, AnsibleAssertionError
+from ansible.module_utils.common.file import FileLock
 from ansible.module_utils.common.text.converters import to_bytes, to_native, to_text
+from ansible.module_utils.parsing.convert_bool import boolean
 from ansible.utils.display import Display
 from ansible.utils.encrypt import random_password
 from ansible.plugins.lookup import LookupBase
@@ -154,6 +193,7 @@ display = Display()

 # backhacked check_output with input for python 2.7
 # http://stackoverflow.com/questions/10103551/passing-data-to-subprocess-check-output
+# note: contains special logic for calling 'pass', so not a drop-in replacement for check_output
 def check_output2(*popenargs, **kwargs):
    if 'stdout' in kwargs:
        raise ValueError('stdout argument not allowed, it will be overridden.')
@@ -175,9 +215,10 @@ def check_output2(*popenargs, **kwargs):
        process.wait()
        raise
    retcode = process.poll()
-    if retcode != 0 or \
-            b'encryption failed: Unusable public key' in b_out or \
-            b'encryption failed: Unusable public key' in b_err:
+    if retcode == 0 and (b'encryption failed: Unusable public key' in b_out or
+                         b'encryption failed: Unusable public key' in b_err):
+        retcode = 78  # os.EX_CONFIG
+    if retcode != 0:
        cmd = kwargs.get("args")
        if cmd is None:
            cmd = popenargs[0]
@@ -211,7 +252,7 @@ class LookupModule(LookupBase):
            try:
                for key in ['create', 'returnall', 'overwrite', 'backup', 'nosymbols']:
                    if not isinstance(self.paramvals[key], bool):
-                        self.paramvals[key] = util.strtobool(self.paramvals[key])
+                        self.paramvals[key] = boolean(self.paramvals[key])
            except (ValueError, AssertionError) as e:
                raise AnsibleError(e)
            if self.paramvals['missing'] not in ['error', 'warn', 'create', 'empty']:
@@ -227,13 +268,13 @@ class LookupModule(LookupBase):

            # Collect pass environment variables from the plugin's parameters.
            self.env = os.environ.copy()
+            self.env['LANGUAGE'] = 'C'  # make sure to get errors in English as required by check_output2

-            # Set PASSWORD_STORE_DIR if directory is set
-            if self.paramvals['directory']:
-                if os.path.isdir(self.paramvals['directory']):
-                    self.env['PASSWORD_STORE_DIR'] = self.paramvals['directory']
-                else:
-                    raise AnsibleError('Passwordstore directory \'{0}\' does not exist'.format(self.paramvals['directory']))
+            # Set PASSWORD_STORE_DIR
+            if os.path.isdir(self.paramvals['directory']):
+                self.env['PASSWORD_STORE_DIR'] = self.paramvals['directory']
+            else:
+                raise AnsibleError('Passwordstore directory \'{0}\' does not exist'.format(self.paramvals['directory']))

            # Set PASSWORD_STORE_UMASK if umask is set
            if 'umask' in self.paramvals:
@@ -261,19 +302,20 @@ class LookupModule(LookupBase):
                    if ':' in line:
                        name, value = line.split(':', 1)
                        self.passdict[name.strip()] = value.strip()
+            if os.path.isfile(os.path.join(self.paramvals['directory'], self.passname + ".gpg")):
+                # Only accept password as found, if there a .gpg file for it (might be a tree node otherwise)
+                return True
        except (subprocess.CalledProcessError) as e:
-            if e.returncode != 0 and 'not in the password store' in e.output:
-                # if pass returns 1 and return string contains 'is not in the password store.'
-                # We need to determine if this is valid or Error.
-                if self.paramvals['missing'] == 'error':
-                    raise AnsibleError('passwordstore: passname {0} not found and missing=error is set'.format(self.passname))
-                else:
-                    if self.paramvals['missing'] == 'warn':
-                        display.warning('passwordstore: passname {0} not found'.format(self.passname))
-                    return False
-            else:
+            # 'not in password store' is the expected error if a password wasn't found
+            if 'not in the password store' not in e.output:
                raise AnsibleError(e)
-        return True
+
+        if self.paramvals['missing'] == 'error':
+            raise AnsibleError('passwordstore: passname {0} not found and missing=error is set'.format(self.passname))
+        elif self.paramvals['missing'] == 'warn':
+            display.warning('passwordstore: passname {0} not found'.format(self.passname))
+
+        return False

    def get_newpass(self):
        if self.paramvals['nosymbols']:
@@ -325,11 +367,30 @@ class LookupModule(LookupBase):
            else:
                return None

-    def run(self, terms, variables, **kwargs):
-        result = []
+    @contextmanager
+    def opt_lock(self, type):
+        if self.get_option('lock') == type:
+            tmpdir = os.environ.get('TMPDIR', '/tmp')
+            lockfile = os.path.join(tmpdir, '.passwordstore.lock')
+            with FileLock().lock_file(lockfile, tmpdir, self.lock_timeout):
+                self.locked = type
+                yield
+            self.locked = None
+        else:
+            yield
+
+    def setup(self, variables):
+        self.locked = None
+        timeout = self.get_option('locktimeout')
+        if not re.match('^[0-9]+[smh]$', timeout):
+            raise AnsibleError("{0} is not a correct value for locktimeout".format(timeout))
+        unit_to_seconds = {"s": 1, "m": 60, "h": 3600}
+        self.lock_timeout = int(timeout[:-1]) * unit_to_seconds[timeout[-1]]
        self.paramvals = {
            'subkey': 'password',
-            'directory': variables.get('passwordstore'),
+            'directory': variables.get('passwordstore', os.environ.get(
+                                       'PASSWORD_STORE_DIR',
+                                       os.path.expanduser('~/.password-store'))),
            'create': False,
            'returnall': False,
            'overwrite': False,
@@ -340,17 +401,27 @@ class LookupModule(LookupBase):
            'missing': 'error',
        }

+    def run(self, terms, variables, **kwargs):
+        self.setup(variables)
+        result = []
+
        for term in terms:
            self.parse_params(term)   # parse the input into paramvals
-            if self.check_pass():     # password exists
-                if self.paramvals['overwrite'] and self.paramvals['subkey'] == 'password':
-                    result.append(self.update_password())
-                else:
-                    result.append(self.get_passresult())
-            else:                     # password does not exist
-                if self.paramvals['missing'] == 'create':
-                    result.append(self.generate_password())
-                else:
-                    result.append(None)
+            with self.opt_lock('readwrite'):
+                if self.check_pass():     # password exists
+                    if self.paramvals['overwrite'] and self.paramvals['subkey'] == 'password':
+                        with self.opt_lock('write'):
+                            result.append(self.update_password())
+                    else:
+                        result.append(self.get_passresult())
+                else:                     # password does not exist
+                    if self.paramvals['missing'] == 'create':
+                        with self.opt_lock('write'):
+                            if self.locked == 'write' and self.check_pass():  # lookup password again if under write lock
+                                result.append(self.get_passresult())
+                            else:
+                                result.append(self.generate_password())
+                    else:
+                        result.append(None)

        return result
--- a/plugins/lookup/tss.py
+++ b/plugins/lookup/tss.py
@@ -14,6 +14,10 @@ description:
    - Uses the Thycotic Secret Server Python SDK to get Secrets from Secret
      Server using token authentication with I(username) and I(password) on
      the REST API at I(base_url).
+    - When using self-signed certificates the environment variable
+      C(REQUESTS_CA_BUNDLE) can be set to a file containing the trusted certificates
+      (in C(.pem) format).
+    - For example, C(export REQUESTS_CA_BUNDLE='/etc/ssl/certs/ca-bundle.trust.crt').
 requirements:
    - python-tss-sdk - https://pypi.org/project/python-tss-sdk/
 options:
--- a/plugins/module_utils/_version.py
+++ b/plugins/module_utils/_version.py
@@ -0,0 +1,343 @@
+# Vendored copy of distutils/version.py from CPython 3.9.5
+#
+# Implements multiple version numbering conventions for the
+# Python Module Distribution Utilities.
+#
+# PSF License (see licenses/PSF-license.txt or https://opensource.org/licenses/Python-2.0)
+#
+
+"""Provides classes to represent module version numbers (one class for
+each style of version numbering).  There are currently two such classes
+implemented: StrictVersion and LooseVersion.
+
+Every version number class implements the following interface:
+  * the 'parse' method takes a string and parses it to some internal
+    representation; if the string is an invalid version number,
+    'parse' raises a ValueError exception
+  * the class constructor takes an optional string argument which,
+    if supplied, is passed to 'parse'
+  * __str__ reconstructs the string that was passed to 'parse' (or
+    an equivalent string -- ie. one that will generate an equivalent
+    version number instance)
+  * __repr__ generates Python code to recreate the version number instance
+  * _cmp compares the current instance with either another instance
+    of the same class or a string (which will be parsed to an instance
+    of the same class, thus must follow the same rules)
+"""
+
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+import re
+
+try:
+    RE_FLAGS = re.VERBOSE | re.ASCII
+except AttributeError:
+    RE_FLAGS = re.VERBOSE
+
+
+class Version:
+    """Abstract base class for version numbering classes.  Just provides
+    constructor (__init__) and reproducer (__repr__), because those
+    seem to be the same for all version numbering classes; and route
+    rich comparisons to _cmp.
+    """
+
+    def __init__(self, vstring=None):
+        if vstring:
+            self.parse(vstring)
+
+    def __repr__(self):
+        return "%s ('%s')" % (self.__class__.__name__, str(self))
+
+    def __eq__(self, other):
+        c = self._cmp(other)
+        if c is NotImplemented:
+            return c
+        return c == 0
+
+    def __lt__(self, other):
+        c = self._cmp(other)
+        if c is NotImplemented:
+            return c
+        return c < 0
+
+    def __le__(self, other):
+        c = self._cmp(other)
+        if c is NotImplemented:
+            return c
+        return c <= 0
+
+    def __gt__(self, other):
+        c = self._cmp(other)
+        if c is NotImplemented:
+            return c
+        return c > 0
+
+    def __ge__(self, other):
+        c = self._cmp(other)
+        if c is NotImplemented:
+            return c
+        return c >= 0
+
+
+# Interface for version-number classes -- must be implemented
+# by the following classes (the concrete ones -- Version should
+# be treated as an abstract class).
+#    __init__ (string) - create and take same action as 'parse'
+#                        (string parameter is optional)
+#    parse (string)    - convert a string representation to whatever
+#                        internal representation is appropriate for
+#                        this style of version numbering
+#    __str__ (self)    - convert back to a string; should be very similar
+#                        (if not identical to) the string supplied to parse
+#    __repr__ (self)   - generate Python code to recreate
+#                        the instance
+#    _cmp (self, other) - compare two version numbers ('other' may
+#                        be an unparsed version string, or another
+#                        instance of your version class)
+
+
+class StrictVersion(Version):
+    """Version numbering for anal retentives and software idealists.
+    Implements the standard interface for version number classes as
+    described above.  A version number consists of two or three
+    dot-separated numeric components, with an optional "pre-release" tag
+    on the end.  The pre-release tag consists of the letter 'a' or 'b'
+    followed by a number.  If the numeric components of two version
+    numbers are equal, then one with a pre-release tag will always
+    be deemed earlier (lesser) than one without.
+
+    The following are valid version numbers (shown in the order that
+    would be obtained by sorting according to the supplied cmp function):
+
+        0.4       0.4.0  (these two are equivalent)
+        0.4.1
+        0.5a1
+        0.5b3
+        0.5
+        0.9.6
+        1.0
+        1.0.4a3
+        1.0.4b1
+        1.0.4
+
+    The following are examples of invalid version numbers:
+
+        1
+        2.7.2.2
+        1.3.a4
+        1.3pl1
+        1.3c4
+
+    The rationale for this version numbering system will be explained
+    in the distutils documentation.
+    """
+
+    version_re = re.compile(r'^(\d+) \. (\d+) (\. (\d+))? ([ab](\d+))?$',
+                            RE_FLAGS)
+
+    def parse(self, vstring):
+        match = self.version_re.match(vstring)
+        if not match:
+            raise ValueError("invalid version number '%s'" % vstring)
+
+        (major, minor, patch, prerelease, prerelease_num) = \
+            match.group(1, 2, 4, 5, 6)
+
+        if patch:
+            self.version = tuple(map(int, [major, minor, patch]))
+        else:
+            self.version = tuple(map(int, [major, minor])) + (0,)
+
+        if prerelease:
+            self.prerelease = (prerelease[0], int(prerelease_num))
+        else:
+            self.prerelease = None
+
+    def __str__(self):
+        if self.version[2] == 0:
+            vstring = '.'.join(map(str, self.version[0:2]))
+        else:
+            vstring = '.'.join(map(str, self.version))
+
+        if self.prerelease:
+            vstring = vstring + self.prerelease[0] + str(self.prerelease[1])
+
+        return vstring
+
+    def _cmp(self, other):
+        if isinstance(other, str):
+            other = StrictVersion(other)
+        elif not isinstance(other, StrictVersion):
+            return NotImplemented
+
+        if self.version != other.version:
+            # numeric versions don't match
+            # prerelease stuff doesn't matter
+            if self.version < other.version:
+                return -1
+            else:
+                return 1
+
+        # have to compare prerelease
+        # case 1: neither has prerelease; they're equal
+        # case 2: self has prerelease, other doesn't; other is greater
+        # case 3: self doesn't have prerelease, other does: self is greater
+        # case 4: both have prerelease: must compare them!
+
+        if (not self.prerelease and not other.prerelease):
+            return 0
+        elif (self.prerelease and not other.prerelease):
+            return -1
+        elif (not self.prerelease and other.prerelease):
+            return 1
+        elif (self.prerelease and other.prerelease):
+            if self.prerelease == other.prerelease:
+                return 0
+            elif self.prerelease < other.prerelease:
+                return -1
+            else:
+                return 1
+        else:
+            raise AssertionError("never get here")
+
+# end class StrictVersion
+
+# The rules according to Greg Stein:
+# 1) a version number has 1 or more numbers separated by a period or by
+#    sequences of letters. If only periods, then these are compared
+#    left-to-right to determine an ordering.
+# 2) sequences of letters are part of the tuple for comparison and are
+#    compared lexicographically
+# 3) recognize the numeric components may have leading zeroes
+#
+# The LooseVersion class below implements these rules: a version number
+# string is split up into a tuple of integer and string components, and
+# comparison is a simple tuple comparison.  This means that version
+# numbers behave in a predictable and obvious way, but a way that might
+# not necessarily be how people *want* version numbers to behave.  There
+# wouldn't be a problem if people could stick to purely numeric version
+# numbers: just split on period and compare the numbers as tuples.
+# However, people insist on putting letters into their version numbers;
+# the most common purpose seems to be:
+#   - indicating a "pre-release" version
+#     ('alpha', 'beta', 'a', 'b', 'pre', 'p')
+#   - indicating a post-release patch ('p', 'pl', 'patch')
+# but of course this can't cover all version number schemes, and there's
+# no way to know what a programmer means without asking him.
+#
+# The problem is what to do with letters (and other non-numeric
+# characters) in a version number.  The current implementation does the
+# obvious and predictable thing: keep them as strings and compare
+# lexically within a tuple comparison.  This has the desired effect if
+# an appended letter sequence implies something "post-release":
+# eg. "0.99" < "0.99pl14" < "1.0", and "5.001" < "5.001m" < "5.002".
+#
+# However, if letters in a version number imply a pre-release version,
+# the "obvious" thing isn't correct.  Eg. you would expect that
+# "1.5.1" < "1.5.2a2" < "1.5.2", but under the tuple/lexical comparison
+# implemented here, this just isn't so.
+#
+# Two possible solutions come to mind.  The first is to tie the
+# comparison algorithm to a particular set of semantic rules, as has
+# been done in the StrictVersion class above.  This works great as long
+# as everyone can go along with bondage and discipline.  Hopefully a
+# (large) subset of Python module programmers will agree that the
+# particular flavour of bondage and discipline provided by StrictVersion
+# provides enough benefit to be worth using, and will submit their
+# version numbering scheme to its domination.  The free-thinking
+# anarchists in the lot will never give in, though, and something needs
+# to be done to accommodate them.
+#
+# Perhaps a "moderately strict" version class could be implemented that
+# lets almost anything slide (syntactically), and makes some heuristic
+# assumptions about non-digits in version number strings.  This could
+# sink into special-case-hell, though; if I was as talented and
+# idiosyncratic as Larry Wall, I'd go ahead and implement a class that
+# somehow knows that "1.2.1" < "1.2.2a2" < "1.2.2" < "1.2.2pl3", and is
+# just as happy dealing with things like "2g6" and "1.13++".  I don't
+# think I'm smart enough to do it right though.
+#
+# In any case, I've coded the test suite for this module (see
+# ../test/test_version.py) specifically to fail on things like comparing
+# "1.2a2" and "1.2".  That's not because the *code* is doing anything
+# wrong, it's because the simple, obvious design doesn't match my
+# complicated, hairy expectations for real-world version numbers.  It
+# would be a snap to fix the test suite to say, "Yep, LooseVersion does
+# the Right Thing" (ie. the code matches the conception).  But I'd rather
+# have a conception that matches common notions about version numbers.
+
+
+class LooseVersion(Version):
+    """Version numbering for anarchists and software realists.
+    Implements the standard interface for version number classes as
+    described above.  A version number consists of a series of numbers,
+    separated by either periods or strings of letters.  When comparing
+    version numbers, the numeric components will be compared
+    numerically, and the alphabetic components lexically.  The following
+    are all valid version numbers, in no particular order:
+
+        1.5.1
+        1.5.2b2
+        161
+        3.10a
+        8.02
+        3.4j
+        1996.07.12
+        3.2.pl0
+        3.1.1.6
+        2g6
+        11g
+        0.960923
+        2.2beta29
+        1.13++
+        5.5.kw
+        2.0b1pl0
+
+    In fact, there is no such thing as an invalid version number under
+    this scheme; the rules for comparison are simple and predictable,
+    but may not always give the results you want (for some definition
+    of "want").
+    """
+
+    component_re = re.compile(r'(\d+ | [a-z]+ | \.)', re.VERBOSE)
+
+    def __init__(self, vstring=None):
+        if vstring:
+            self.parse(vstring)
+
+    def parse(self, vstring):
+        # I've given up on thinking I can reconstruct the version string
+        # from the parsed tuple -- so I just store the string here for
+        # use by __str__
+        self.vstring = vstring
+        components = [x for x in self.component_re.split(vstring) if x and x != '.']
+        for i, obj in enumerate(components):
+            try:
+                components[i] = int(obj)
+            except ValueError:
+                pass
+
+        self.version = components
+
+    def __str__(self):
+        return self.vstring
+
+    def __repr__(self):
+        return "LooseVersion ('%s')" % str(self)
+
+    def _cmp(self, other):
+        if isinstance(other, str):
+            other = LooseVersion(other)
+        elif not isinstance(other, LooseVersion):
+            return NotImplemented
+
+        if self.version == other.version:
+            return 0
+        if self.version < other.version:
+            return -1
+        if self.version > other.version:
+            return 1
+
+# end class LooseVersion
--- a/plugins/module_utils/cmd_runner.py
+++ b/plugins/module_utils/cmd_runner.py
@@ -0,0 +1,291 @@
+# -*- coding: utf-8 -*-
+# (c) 2022, Alexei Znamensky <russoz@gmail.com>
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+from functools import wraps
+
+from ansible.module_utils.common.collections import is_sequence
+from ansible.module_utils.six import iteritems
+
+
+def _ensure_list(value):
+    return list(value) if is_sequence(value) else [value]
+
+
+def _process_as_is(rc, out, err):
+    return rc, out, err
+
+
+class CmdRunnerException(Exception):
+    pass
+
+
+class MissingArgumentFormat(CmdRunnerException):
+    def __init__(self, arg, args_order, args_formats):
+        self.args_order = args_order
+        self.arg = arg
+        self.args_formats = args_formats
+
+    def __repr__(self):
+        return "MissingArgumentFormat({0!r}, {1!r}, {2!r})".format(
+            self.arg,
+            self.args_order,
+            self.args_formats,
+        )
+
+    def __str__(self):
+        return "Cannot find format for parameter {0} {1} in: {2}".format(
+            self.arg,
+            self.args_order,
+            self.args_formats,
+        )
+
+
+class MissingArgumentValue(CmdRunnerException):
+    def __init__(self, args_order, arg):
+        self.args_order = args_order
+        self.arg = arg
+
+    def __repr__(self):
+        return "MissingArgumentValue({0!r}, {1!r})".format(
+            self.args_order,
+            self.arg,
+        )
+
+    def __str__(self):
+        return "Cannot find value for parameter {0} in {1}".format(
+            self.arg,
+            self.args_order,
+        )
+
+
+class FormatError(CmdRunnerException):
+    def __init__(self, name, value, args_formats, exc):
+        self.name = name
+        self.value = value
+        self.args_formats = args_formats
+        self.exc = exc
+        super(FormatError, self).__init__()
+
+    def __repr__(self):
+        return "FormatError({0!r}, {1!r}, {2!r}, {3!r})".format(
+            self.name,
+            self.value,
+            self.args_formats,
+            self.exc,
+        )
+
+    def __str__(self):
+        return "Failed to format parameter {0} with value {1}: {2}".format(
+            self.name,
+            self.value,
+            self.exc,
+        )
+
+
+class _ArgFormat(object):
+    def __init__(self, func, ignore_none=None):
+        self.func = func
+        self.ignore_none = ignore_none
+
+    def __call__(self, value, ctx_ignore_none):
+        ignore_none = self.ignore_none if self.ignore_none is not None else ctx_ignore_none
+        if value is None and ignore_none:
+            return []
+        f = self.func
+        return [str(x) for x in f(value)]
+
+
+class _Format(object):
+    @staticmethod
+    def as_bool(args):
+        return _ArgFormat(lambda value: _ensure_list(args) if value else [])
+
+    @staticmethod
+    def as_bool_not(args):
+        return _ArgFormat(lambda value: [] if value else _ensure_list(args), ignore_none=False)
+
+    @staticmethod
+    def as_optval(arg, ignore_none=None):
+        return _ArgFormat(lambda value: ["{0}{1}".format(arg, value)], ignore_none=ignore_none)
+
+    @staticmethod
+    def as_opt_val(arg, ignore_none=None):
+        return _ArgFormat(lambda value: [arg, value], ignore_none=ignore_none)
+
+    @staticmethod
+    def as_opt_eq_val(arg, ignore_none=None):
+        return _ArgFormat(lambda value: ["{0}={1}".format(arg, value)], ignore_none=ignore_none)
+
+    @staticmethod
+    def as_list(ignore_none=None):
+        return _ArgFormat(_ensure_list, ignore_none=ignore_none)
+
+    @staticmethod
+    def as_fixed(args):
+        return _ArgFormat(lambda value: _ensure_list(args), ignore_none=False)
+
+    @staticmethod
+    def as_func(func, ignore_none=None):
+        return _ArgFormat(func, ignore_none=ignore_none)
+
+    @staticmethod
+    def as_map(_map, default=None, ignore_none=None):
+        return _ArgFormat(lambda value: _ensure_list(_map.get(value, default)), ignore_none=ignore_none)
+
+    @staticmethod
+    def as_default_type(_type, arg="", ignore_none=None):
+        fmt = _Format
+        if _type == "dict":
+            return fmt.as_func(lambda d: ["--{0}={1}".format(*a) for a in iteritems(d)],
+                               ignore_none=ignore_none)
+        if _type == "list":
+            return fmt.as_func(lambda value: ["--{0}".format(x) for x in value], ignore_none=ignore_none)
+        if _type == "bool":
+            return fmt.as_bool("--{0}".format(arg))
+
+        return fmt.as_opt_val("--{0}".format(arg), ignore_none=ignore_none)
+
+    @staticmethod
+    def unpack_args(func):
+        @wraps(func)
+        def wrapper(v):
+            return func(*v)
+        return wrapper
+
+    @staticmethod
+    def unpack_kwargs(func):
+        @wraps(func)
+        def wrapper(v):
+            return func(**v)
+        return wrapper
+
+
+class CmdRunner(object):
+    """
+    Wrapper for ``AnsibleModule.run_command()``.
+
+    It aims to provide a reusable runner with consistent argument formatting
+    and sensible defaults.
+    """
+
+    @staticmethod
+    def _prepare_args_order(order):
+        return tuple(order) if is_sequence(order) else tuple(order.split())
+
+    def __init__(self, module, command, arg_formats=None, default_args_order=(),
+                 check_rc=False, force_lang="C", path_prefix=None, environ_update=None):
+        self.module = module
+        self.command = _ensure_list(command)
+        self.default_args_order = self._prepare_args_order(default_args_order)
+        if arg_formats is None:
+            arg_formats = {}
+        self.arg_formats = dict(arg_formats)
+        self.check_rc = check_rc
+        self.force_lang = force_lang
+        self.path_prefix = path_prefix
+        if environ_update is None:
+            environ_update = {}
+        self.environ_update = environ_update
+
+        self.command[0] = module.get_bin_path(command[0], opt_dirs=path_prefix, required=True)
+
+        for mod_param_name, spec in iteritems(module.argument_spec):
+            if mod_param_name not in self.arg_formats:
+                self.arg_formats[mod_param_name] = _Format.as_default_type(spec['type'], mod_param_name)
+
+    def context(self, args_order=None, output_process=None, ignore_value_none=True, **kwargs):
+        if output_process is None:
+            output_process = _process_as_is
+        if args_order is None:
+            args_order = self.default_args_order
+        args_order = self._prepare_args_order(args_order)
+        for p in args_order:
+            if p not in self.arg_formats:
+                raise MissingArgumentFormat(p, args_order, tuple(self.arg_formats.keys()))
+        return _CmdRunnerContext(runner=self,
+                                 args_order=args_order,
+                                 output_process=output_process,
+                                 ignore_value_none=ignore_value_none, **kwargs)
+
+    def has_arg_format(self, arg):
+        return arg in self.arg_formats
+
+
+class _CmdRunnerContext(object):
+    def __init__(self, runner, args_order, output_process, ignore_value_none, **kwargs):
+        self.runner = runner
+        self.args_order = tuple(args_order)
+        self.output_process = output_process
+        self.ignore_value_none = ignore_value_none
+        self.run_command_args = dict(kwargs)
+
+        self.environ_update = runner.environ_update
+        self.environ_update.update(self.run_command_args.get('environ_update', {}))
+        if runner.force_lang:
+            self.environ_update.update({
+                'LANGUAGE': runner.force_lang,
+                'LC_ALL': runner.force_lang,
+            })
+        self.run_command_args['environ_update'] = self.environ_update
+
+        if 'check_rc' not in self.run_command_args:
+            self.run_command_args['check_rc'] = runner.check_rc
+        self.check_rc = self.run_command_args['check_rc']
+
+        self.cmd = None
+        self.results_rc = None
+        self.results_out = None
+        self.results_err = None
+        self.results_processed = None
+
+    def run(self, **kwargs):
+        runner = self.runner
+        module = self.runner.module
+        self.cmd = list(runner.command)
+        self.context_run_args = dict(kwargs)
+
+        named_args = dict(module.params)
+        named_args.update(kwargs)
+        for arg_name in self.args_order:
+            value = None
+            try:
+                value = named_args[arg_name]
+                self.cmd.extend(runner.arg_formats[arg_name](value, ctx_ignore_none=self.ignore_value_none))
+            except KeyError:
+                raise MissingArgumentValue(self.args_order, arg_name)
+            except Exception as e:
+                raise FormatError(arg_name, value, runner.arg_formats[arg_name], e)
+
+        results = module.run_command(self.cmd, **self.run_command_args)
+        self.results_rc, self.results_out, self.results_err = results
+        self.results_processed = self.output_process(*results)
+        return self.results_processed
+
+    @property
+    def run_info(self):
+        return dict(
+            ignore_value_none=self.ignore_value_none,
+            check_rc=self.check_rc,
+            environ_update=self.environ_update,
+            args_order=self.args_order,
+            cmd=self.cmd,
+            run_command_args=self.run_command_args,
+            context_run_args=self.context_run_args,
+            results_rc=self.results_rc,
+            results_out=self.results_out,
+            results_err=self.results_err,
+            results_processed=self.results_processed,
+        )
+
+    def __enter__(self):
+        return self
+
+    def __exit__(self, exc_type, exc_val, exc_tb):
+        return False
+
+
+fmt = _Format()
--- a/plugins/module_utils/gitlab.py
+++ b/plugins/module_utils/gitlab.py
@@ -7,29 +7,40 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-import json
-from distutils.version import StrictVersion
-
 from ansible.module_utils.basic import missing_required_lib
-from ansible.module_utils.urls import fetch_url
 from ansible.module_utils.common.text.converters import to_native

+from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
+
 try:
    from urllib import quote_plus  # Python 2.X
+    from urlparse import urljoin
 except ImportError:
-    from urllib.parse import quote_plus  # Python 3+
+    from urllib.parse import quote_plus, urljoin  # Python 3+

 import traceback

 GITLAB_IMP_ERR = None
 try:
    import gitlab
+    import requests
    HAS_GITLAB_PACKAGE = True
 except Exception:
    GITLAB_IMP_ERR = traceback.format_exc()
    HAS_GITLAB_PACKAGE = False


+def auth_argument_spec(spec=None):
+    arg_spec = (dict(
+        api_token=dict(type='str', no_log=True),
+        api_oauth_token=dict(type='str', no_log=True),
+        api_job_token=dict(type='str', no_log=True),
+    ))
+    if spec:
+        arg_spec.update(spec)
+    return arg_spec
+
+
 def find_project(gitlab_instance, identifier):
    try:
        project = gitlab_instance.projects.get(identifier)
@@ -58,6 +69,8 @@ def gitlab_authentication(module):
    gitlab_user = module.params['api_username']
    gitlab_password = module.params['api_password']
    gitlab_token = module.params['api_token']
+    gitlab_oauth_token = module.params['api_oauth_token']
+    gitlab_job_token = module.params['api_job_token']

    if not HAS_GITLAB_PACKAGE:
        module.fail_json(msg=missing_required_lib("python-gitlab"), exception=GITLAB_IMP_ERR)
@@ -66,11 +79,20 @@ def gitlab_authentication(module):
        # python-gitlab library remove support for username/password authentication since 1.13.0
        # Changelog : https://github.com/python-gitlab/python-gitlab/releases/tag/v1.13.0
        # This condition allow to still support older version of the python-gitlab library
-        if StrictVersion(gitlab.__version__) < StrictVersion("1.13.0"):
+        if LooseVersion(gitlab.__version__) < LooseVersion("1.13.0"):
            gitlab_instance = gitlab.Gitlab(url=gitlab_url, ssl_verify=validate_certs, email=gitlab_user, password=gitlab_password,
                                            private_token=gitlab_token, api_version=4)
        else:
-            gitlab_instance = gitlab.Gitlab(url=gitlab_url, ssl_verify=validate_certs, private_token=gitlab_token, api_version=4)
+            # We can create an oauth_token using a username and password
+            # https://docs.gitlab.com/ee/api/oauth2.html#authorization-code-flow
+            if gitlab_user:
+                data = {'grant_type': 'password', 'username': gitlab_user, 'password': gitlab_password}
+                resp = requests.post(urljoin(gitlab_url, "oauth/token"), data=data, verify=validate_certs)
+                resp_data = resp.json()
+                gitlab_oauth_token = resp_data["access_token"]
+
+            gitlab_instance = gitlab.Gitlab(url=gitlab_url, ssl_verify=validate_certs, private_token=gitlab_token,
+                                            oauth_token=gitlab_oauth_token, job_token=gitlab_job_token, api_version=4)

        gitlab_instance.auth()
    except (gitlab.exceptions.GitlabAuthenticationError, gitlab.exceptions.GitlabGetError) as e:
--- a/plugins/module_utils/identity/keycloak/keycloak.py
+++ b/plugins/module_utils/identity/keycloak/keycloak.py
@@ -38,6 +38,7 @@ from ansible.module_utils.six.moves.urllib.parse import urlencode, quote
 from ansible.module_utils.six.moves.urllib.error import HTTPError
 from ansible.module_utils.common.text.converters import to_native, to_text

+URL_REALM_INFO = "{url}/realms/{realm}"
 URL_REALMS = "{url}/admin/realms"
 URL_REALM = "{url}/admin/realms/{realm}"

@@ -101,6 +102,7 @@ def keycloak_argument_spec():
        auth_username=dict(type='str', aliases=['username']),
        auth_password=dict(type='str', aliases=['password'], no_log=True),
        validate_certs=dict(type='bool', default=True),
+        connection_timeout=dict(type='int', default=10),
        token=dict(type='str', no_log=True),
    )

@@ -133,6 +135,7 @@ def get_token(module_params):
        auth_username = module_params.get('auth_username')
        auth_password = module_params.get('auth_password')
        client_secret = module_params.get('auth_client_secret')
+        connection_timeout = module_params.get('connection_timeout')
        auth_url = URL_TOKEN.format(url=base_url, realm=auth_realm)
        temp_payload = {
            'grant_type': 'password',
@@ -146,7 +149,7 @@ def get_token(module_params):
            (k, v) for k, v in temp_payload.items() if v is not None)
        try:
            r = json.loads(to_native(open_url(auth_url, method='POST',
-                                              validate_certs=validate_certs,
+                                              validate_certs=validate_certs, timeout=connection_timeout,
                                              data=urlencode(payload)).read()))
        except ValueError as e:
            raise KeycloakError(
@@ -228,8 +231,34 @@ class KeycloakAPI(object):
        self.module = module
        self.baseurl = self.module.params.get('auth_keycloak_url')
        self.validate_certs = self.module.params.get('validate_certs')
+        self.connection_timeout = self.module.params.get('connection_timeout')
        self.restheaders = connection_header

+    def get_realm_info_by_id(self, realm='master'):
+        """ Obtain realm public info by id
+
+        :param realm: realm id
+        :return: dict of real, representation or None if none matching exist
+        """
+        realm_info_url = URL_REALM_INFO.format(url=self.baseurl, realm=realm)
+
+        try:
+            return json.loads(to_native(open_url(realm_info_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
+                                                 validate_certs=self.validate_certs).read()))
+
+        except HTTPError as e:
+            if e.code == 404:
+                return None
+            else:
+                self.module.fail_json(msg='Could not obtain realm %s: %s' % (realm, str(e)),
+                                      exception=traceback.format_exc())
+        except ValueError as e:
+            self.module.fail_json(msg='API returned incorrect JSON when trying to obtain realm %s: %s' % (realm, str(e)),
+                                  exception=traceback.format_exc())
+        except Exception as e:
+            self.module.fail_json(msg='Could not obtain realm %s: %s' % (realm, str(e)),
+                                  exception=traceback.format_exc())
+
    def get_realm_by_id(self, realm='master'):
        """ Obtain realm representation by id

@@ -239,7 +268,7 @@ class KeycloakAPI(object):
        realm_url = URL_REALM.format(url=self.baseurl, realm=realm)

        try:
-            return json.loads(to_native(open_url(realm_url, method='GET', headers=self.restheaders,
+            return json.loads(to_native(open_url(realm_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))

        except HTTPError as e:
@@ -264,7 +293,7 @@ class KeycloakAPI(object):
        realm_url = URL_REALM.format(url=self.baseurl, realm=realm)

        try:
-            return open_url(realm_url, method='PUT', headers=self.restheaders,
+            return open_url(realm_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(realmrep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not update realm %s: %s' % (realm, str(e)),
@@ -278,7 +307,7 @@ class KeycloakAPI(object):
        realm_url = URL_REALMS.format(url=self.baseurl)

        try:
-            return open_url(realm_url, method='POST', headers=self.restheaders,
+            return open_url(realm_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(realmrep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not create realm %s: %s' % (realmrep['id'], str(e)),
@@ -293,7 +322,7 @@ class KeycloakAPI(object):
        realm_url = URL_REALM.format(url=self.baseurl, realm=realm)

        try:
-            return open_url(realm_url, method='DELETE', headers=self.restheaders,
+            return open_url(realm_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
                            validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not delete realm %s: %s' % (realm, str(e)),
@@ -311,7 +340,7 @@ class KeycloakAPI(object):
            clientlist_url += '?clientId=%s' % filter

        try:
-            return json.loads(to_native(open_url(clientlist_url, method='GET', headers=self.restheaders,
+            return json.loads(to_native(open_url(clientlist_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except ValueError as e:
            self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of clients for realm %s: %s'
@@ -342,7 +371,7 @@ class KeycloakAPI(object):
        client_url = URL_CLIENT.format(url=self.baseurl, realm=realm, id=id)

        try:
-            return json.loads(to_native(open_url(client_url, method='GET', headers=self.restheaders,
+            return json.loads(to_native(open_url(client_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))

        except HTTPError as e:
@@ -381,7 +410,7 @@ class KeycloakAPI(object):
        client_url = URL_CLIENT.format(url=self.baseurl, realm=realm, id=id)

        try:
-            return open_url(client_url, method='PUT', headers=self.restheaders,
+            return open_url(client_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(clientrep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not update client %s in realm %s: %s'
@@ -396,7 +425,7 @@ class KeycloakAPI(object):
        client_url = URL_CLIENTS.format(url=self.baseurl, realm=realm)

        try:
-            return open_url(client_url, method='POST', headers=self.restheaders,
+            return open_url(client_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(clientrep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not create client %s in realm %s: %s'
@@ -412,7 +441,7 @@ class KeycloakAPI(object):
        client_url = URL_CLIENT.format(url=self.baseurl, realm=realm, id=id)

        try:
-            return open_url(client_url, method='DELETE', headers=self.restheaders,
+            return open_url(client_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
                            validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not delete client %s in realm %s: %s'
@@ -427,7 +456,7 @@ class KeycloakAPI(object):
        """
        client_roles_url = URL_CLIENT_ROLES.format(url=self.baseurl, realm=realm, id=cid)
        try:
-            return json.loads(to_native(open_url(client_roles_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(client_roles_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except Exception as e:
            self.module.fail_json(msg="Could not fetch rolemappings for client %s in realm %s: %s"
@@ -459,7 +488,7 @@ class KeycloakAPI(object):
        """
        rolemappings_url = URL_CLIENT_ROLEMAPPINGS.format(url=self.baseurl, realm=realm, id=gid, client=cid)
        try:
-            rolemappings = json.loads(to_native(open_url(rolemappings_url, method="GET", headers=self.restheaders,
+            rolemappings = json.loads(to_native(open_url(rolemappings_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                         validate_certs=self.validate_certs).read()))
            for role in rolemappings:
                if rid == role['id']:
@@ -479,7 +508,7 @@ class KeycloakAPI(object):
        """
        available_rolemappings_url = URL_CLIENT_ROLEMAPPINGS_AVAILABLE.format(url=self.baseurl, realm=realm, id=gid, client=cid)
        try:
-            return json.loads(to_native(open_url(available_rolemappings_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(available_rolemappings_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except Exception as e:
            self.module.fail_json(msg="Could not fetch available rolemappings for client %s in group %s, realm %s: %s"
@@ -495,7 +524,7 @@ class KeycloakAPI(object):
        """
        available_rolemappings_url = URL_CLIENT_ROLEMAPPINGS_COMPOSITE.format(url=self.baseurl, realm=realm, id=gid, client=cid)
        try:
-            return json.loads(to_native(open_url(available_rolemappings_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(available_rolemappings_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except Exception as e:
            self.module.fail_json(msg="Could not fetch available rolemappings for client %s in group %s, realm %s: %s"
@@ -512,7 +541,8 @@ class KeycloakAPI(object):
        """
        available_rolemappings_url = URL_CLIENT_ROLEMAPPINGS.format(url=self.baseurl, realm=realm, id=gid, client=cid)
        try:
-            open_url(available_rolemappings_url, method="POST", headers=self.restheaders, data=json.dumps(role_rep), validate_certs=self.validate_certs)
+            open_url(available_rolemappings_url, method="POST", headers=self.restheaders, data=json.dumps(role_rep),
+                     validate_certs=self.validate_certs, timeout=self.connection_timeout)
        except Exception as e:
            self.module.fail_json(msg="Could not fetch available rolemappings for client %s in group %s, realm %s: %s"
                                      % (cid, gid, realm, str(e)))
@@ -528,7 +558,8 @@ class KeycloakAPI(object):
        """
        available_rolemappings_url = URL_CLIENT_ROLEMAPPINGS.format(url=self.baseurl, realm=realm, id=gid, client=cid)
        try:
-            open_url(available_rolemappings_url, method="DELETE", headers=self.restheaders, validate_certs=self.validate_certs)
+            open_url(available_rolemappings_url, method="DELETE", headers=self.restheaders,
+                     validate_certs=self.validate_certs, timeout=self.connection_timeout)
        except Exception as e:
            self.module.fail_json(msg="Could not delete available rolemappings for client %s in group %s, realm %s: %s"
                                      % (cid, gid, realm, str(e)))
@@ -542,7 +573,7 @@ class KeycloakAPI(object):
        url = URL_CLIENTTEMPLATES.format(url=self.baseurl, realm=realm)

        try:
-            return json.loads(to_native(open_url(url, method='GET', headers=self.restheaders,
+            return json.loads(to_native(open_url(url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except ValueError as e:
            self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of client templates for realm %s: %s'
@@ -561,7 +592,7 @@ class KeycloakAPI(object):
        url = URL_CLIENTTEMPLATE.format(url=self.baseurl, id=id, realm=realm)

        try:
-            return json.loads(to_native(open_url(url, method='GET', headers=self.restheaders,
+            return json.loads(to_native(open_url(url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except ValueError as e:
            self.module.fail_json(msg='API returned incorrect JSON when trying to obtain client templates %s for realm %s: %s'
@@ -607,7 +638,7 @@ class KeycloakAPI(object):
        url = URL_CLIENTTEMPLATE.format(url=self.baseurl, realm=realm, id=id)

        try:
-            return open_url(url, method='PUT', headers=self.restheaders,
+            return open_url(url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(clienttrep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not update client template %s in realm %s: %s'
@@ -622,7 +653,7 @@ class KeycloakAPI(object):
        url = URL_CLIENTTEMPLATES.format(url=self.baseurl, realm=realm)

        try:
-            return open_url(url, method='POST', headers=self.restheaders,
+            return open_url(url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(clienttrep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not create client template %s in realm %s: %s'
@@ -638,7 +669,7 @@ class KeycloakAPI(object):
        url = URL_CLIENTTEMPLATE.format(url=self.baseurl, realm=realm, id=id)

        try:
-            return open_url(url, method='DELETE', headers=self.restheaders,
+            return open_url(url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
                            validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not delete client template %s in realm %s: %s'
@@ -655,7 +686,7 @@ class KeycloakAPI(object):
        """
        clientscopes_url = URL_CLIENTSCOPES.format(url=self.baseurl, realm=realm)
        try:
-            return json.loads(to_native(open_url(clientscopes_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(clientscopes_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except Exception as e:
            self.module.fail_json(msg="Could not fetch list of clientscopes in realm %s: %s"
@@ -672,7 +703,7 @@ class KeycloakAPI(object):
        """
        clientscope_url = URL_CLIENTSCOPE.format(url=self.baseurl, realm=realm, id=cid)
        try:
-            return json.loads(to_native(open_url(clientscope_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(clientscope_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))

        except HTTPError as e:
@@ -717,7 +748,7 @@ class KeycloakAPI(object):
        """
        clientscopes_url = URL_CLIENTSCOPES.format(url=self.baseurl, realm=realm)
        try:
-            return open_url(clientscopes_url, method='POST', headers=self.restheaders,
+            return open_url(clientscopes_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(clientscoperep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg="Could not create clientscope %s in realm %s: %s"
@@ -732,7 +763,7 @@ class KeycloakAPI(object):
        clientscope_url = URL_CLIENTSCOPE.format(url=self.baseurl, realm=realm, id=clientscoperep['id'])

        try:
-            return open_url(clientscope_url, method='PUT', headers=self.restheaders,
+            return open_url(clientscope_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(clientscoperep), validate_certs=self.validate_certs)

        except Exception as e:
@@ -770,7 +801,7 @@ class KeycloakAPI(object):
        # should have a good cid by here.
        clientscope_url = URL_CLIENTSCOPE.format(realm=realm, id=cid, url=self.baseurl)
        try:
-            return open_url(clientscope_url, method='DELETE', headers=self.restheaders,
+            return open_url(clientscope_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
                            validate_certs=self.validate_certs)

        except Exception as e:
@@ -788,7 +819,7 @@ class KeycloakAPI(object):
        """
        protocolmappers_url = URL_CLIENTSCOPE_PROTOCOLMAPPERS.format(id=cid, url=self.baseurl, realm=realm)
        try:
-            return json.loads(to_native(open_url(protocolmappers_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(protocolmappers_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except Exception as e:
            self.module.fail_json(msg="Could not fetch list of protocolmappers in realm %s: %s"
@@ -807,7 +838,7 @@ class KeycloakAPI(object):
        """
        protocolmapper_url = URL_CLIENTSCOPE_PROTOCOLMAPPER.format(url=self.baseurl, realm=realm, id=cid, mapper_id=pid)
        try:
-            return json.loads(to_native(open_url(protocolmapper_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(protocolmapper_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))

        except HTTPError as e:
@@ -854,7 +885,7 @@ class KeycloakAPI(object):
        """
        protocolmappers_url = URL_CLIENTSCOPE_PROTOCOLMAPPERS.format(url=self.baseurl, id=cid, realm=realm)
        try:
-            return open_url(protocolmappers_url, method='POST', headers=self.restheaders,
+            return open_url(protocolmappers_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(mapper_rep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg="Could not create protocolmapper %s in realm %s: %s"
@@ -870,7 +901,7 @@ class KeycloakAPI(object):
        protocolmapper_url = URL_CLIENTSCOPE_PROTOCOLMAPPER.format(url=self.baseurl, realm=realm, id=cid, mapper_id=mapper_rep['id'])

        try:
-            return open_url(protocolmapper_url, method='PUT', headers=self.restheaders,
+            return open_url(protocolmapper_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(mapper_rep), validate_certs=self.validate_certs)

        except Exception as e:
@@ -887,7 +918,7 @@ class KeycloakAPI(object):
        """
        groups_url = URL_GROUPS.format(url=self.baseurl, realm=realm)
        try:
-            return json.loads(to_native(open_url(groups_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(groups_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except Exception as e:
            self.module.fail_json(msg="Could not fetch list of groups in realm %s: %s"
@@ -904,7 +935,7 @@ class KeycloakAPI(object):
        """
        groups_url = URL_GROUP.format(url=self.baseurl, realm=realm, groupid=gid)
        try:
-            return json.loads(to_native(open_url(groups_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(groups_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))

        except HTTPError as e:
@@ -950,7 +981,7 @@ class KeycloakAPI(object):
        """
        groups_url = URL_GROUPS.format(url=self.baseurl, realm=realm)
        try:
-            return open_url(groups_url, method='POST', headers=self.restheaders,
+            return open_url(groups_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(grouprep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg="Could not create group %s in realm %s: %s"
@@ -965,7 +996,7 @@ class KeycloakAPI(object):
        group_url = URL_GROUP.format(url=self.baseurl, realm=realm, groupid=grouprep['id'])

        try:
-            return open_url(group_url, method='PUT', headers=self.restheaders,
+            return open_url(group_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(grouprep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not update group %s in realm %s: %s'
@@ -1002,7 +1033,7 @@ class KeycloakAPI(object):
        # should have a good groupid by here.
        group_url = URL_GROUP.format(realm=realm, groupid=groupid, url=self.baseurl)
        try:
-            return open_url(group_url, method='DELETE', headers=self.restheaders,
+            return open_url(group_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
                            validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg="Unable to delete group %s: %s" % (groupid, str(e)))
@@ -1015,7 +1046,7 @@ class KeycloakAPI(object):
        """
        rolelist_url = URL_REALM_ROLES.format(url=self.baseurl, realm=realm)
        try:
-            return json.loads(to_native(open_url(rolelist_url, method='GET', headers=self.restheaders,
+            return json.loads(to_native(open_url(rolelist_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except ValueError as e:
            self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of roles for realm %s: %s'
@@ -1033,7 +1064,7 @@ class KeycloakAPI(object):
        """
        role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(name))
        try:
-            return json.loads(to_native(open_url(role_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(role_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except HTTPError as e:
            if e.code == 404:
@@ -1053,7 +1084,7 @@ class KeycloakAPI(object):
        """
        roles_url = URL_REALM_ROLES.format(url=self.baseurl, realm=realm)
        try:
-            return open_url(roles_url, method='POST', headers=self.restheaders,
+            return open_url(roles_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(rolerep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not create role %s in realm %s: %s'
@@ -1067,7 +1098,7 @@ class KeycloakAPI(object):
        """
        role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(rolerep['name']))
        try:
-            return open_url(role_url, method='PUT', headers=self.restheaders,
+            return open_url(role_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(rolerep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not update role %s in realm %s: %s'
@@ -1081,7 +1112,7 @@ class KeycloakAPI(object):
        """
        role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(name))
        try:
-            return open_url(role_url, method='DELETE', headers=self.restheaders,
+            return open_url(role_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
                            validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Unable to delete role %s in realm %s: %s'
@@ -1100,7 +1131,7 @@ class KeycloakAPI(object):
                                      % (clientid, realm))
        rolelist_url = URL_CLIENT_ROLES.format(url=self.baseurl, realm=realm, id=cid)
        try:
-            return json.loads(to_native(open_url(rolelist_url, method='GET', headers=self.restheaders,
+            return json.loads(to_native(open_url(rolelist_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except ValueError as e:
            self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of roles for client %s in realm %s: %s'
@@ -1124,7 +1155,7 @@ class KeycloakAPI(object):
                                      % (clientid, realm))
        role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(name))
        try:
-            return json.loads(to_native(open_url(role_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(role_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except HTTPError as e:
            if e.code == 404:
@@ -1150,7 +1181,7 @@ class KeycloakAPI(object):
                                      % (clientid, realm))
        roles_url = URL_CLIENT_ROLES.format(url=self.baseurl, realm=realm, id=cid)
        try:
-            return open_url(roles_url, method='POST', headers=self.restheaders,
+            return open_url(roles_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(rolerep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not create role %s for client %s in realm %s: %s'
@@ -1170,7 +1201,7 @@ class KeycloakAPI(object):
                                      % (clientid, realm))
        role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(rolerep['name']))
        try:
-            return open_url(role_url, method='PUT', headers=self.restheaders,
+            return open_url(role_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(rolerep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not update role %s for client %s in realm %s: %s'
@@ -1189,7 +1220,7 @@ class KeycloakAPI(object):
                                      % (clientid, realm))
        role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(name))
        try:
-            return open_url(role_url, method='DELETE', headers=self.restheaders,
+            return open_url(role_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
                            validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Unable to delete role %s for client %s in realm %s: %s'
@@ -1205,7 +1236,8 @@ class KeycloakAPI(object):
        try:
            authentication_flow = {}
            # Check if the authentication flow exists on the Keycloak serveraders
-            authentications = json.load(open_url(URL_AUTHENTICATION_FLOWS.format(url=self.baseurl, realm=realm), method='GET', headers=self.restheaders))
+            authentications = json.load(open_url(URL_AUTHENTICATION_FLOWS.format(url=self.baseurl, realm=realm), method='GET',
+                                                 headers=self.restheaders, timeout=self.connection_timeout, validate_certs=self.validate_certs))
            for authentication in authentications:
                if authentication["alias"] == alias:
                    authentication_flow = authentication
@@ -1224,7 +1256,7 @@ class KeycloakAPI(object):
        flow_url = URL_AUTHENTICATION_FLOW.format(url=self.baseurl, realm=realm, id=id)

        try:
-            return open_url(flow_url, method='DELETE', headers=self.restheaders,
+            return open_url(flow_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
                            validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not delete authentication flow %s in realm %s: %s'
@@ -1248,13 +1280,17 @@ class KeycloakAPI(object):
                    copyfrom=quote(config["copyFrom"])),
                method='POST',
                headers=self.restheaders,
-                data=json.dumps(new_name))
+                data=json.dumps(new_name),
+                timeout=self.connection_timeout,
+                validate_certs=self.validate_certs)
            flow_list = json.load(
                open_url(
                    URL_AUTHENTICATION_FLOWS.format(url=self.baseurl,
                                                    realm=realm),
                    method='GET',
-                    headers=self.restheaders))
+                    headers=self.restheaders,
+                    timeout=self.connection_timeout,
+                    validate_certs=self.validate_certs))
            for flow in flow_list:
                if flow["alias"] == config["alias"]:
                    return flow
@@ -1283,14 +1319,18 @@ class KeycloakAPI(object):
                    realm=realm),
                method='POST',
                headers=self.restheaders,
-                data=json.dumps(new_flow))
+                data=json.dumps(new_flow),
+                timeout=self.connection_timeout,
+                validate_certs=self.validate_certs)
            flow_list = json.load(
                open_url(
                    URL_AUTHENTICATION_FLOWS.format(
                        url=self.baseurl,
                        realm=realm),
                    method='GET',
-                    headers=self.restheaders))
+                    headers=self.restheaders,
+                    timeout=self.connection_timeout,
+                    validate_certs=self.validate_certs))
            for flow in flow_list:
                if flow["alias"] == config["alias"]:
                    return flow
@@ -1314,7 +1354,9 @@ class KeycloakAPI(object):
                    flowalias=quote(flowAlias)),
                method='PUT',
                headers=self.restheaders,
-                data=json.dumps(updatedExec))
+                data=json.dumps(updatedExec),
+                timeout=self.connection_timeout,
+                validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg="Unable to update executions %s: %s" % (updatedExec, str(e)))

@@ -1333,7 +1375,9 @@ class KeycloakAPI(object):
                    id=executionId),
                method='POST',
                headers=self.restheaders,
-                data=json.dumps(authenticationConfig))
+                data=json.dumps(authenticationConfig),
+                timeout=self.connection_timeout,
+                validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg="Unable to add authenticationConfig %s: %s" % (executionId, str(e)))

@@ -1356,7 +1400,9 @@ class KeycloakAPI(object):
                    flowalias=quote(flowAlias)),
                method='POST',
                headers=self.restheaders,
-                data=json.dumps(newSubFlow))
+                data=json.dumps(newSubFlow),
+                timeout=self.connection_timeout,
+                validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg="Unable to create new subflow %s: %s" % (subflowName, str(e)))

@@ -1378,7 +1424,9 @@ class KeycloakAPI(object):
                    flowalias=quote(flowAlias)),
                method='POST',
                headers=self.restheaders,
-                data=json.dumps(newExec))
+                data=json.dumps(newExec),
+                timeout=self.connection_timeout,
+                validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg="Unable to create new execution %s: %s" % (execution["provider"], str(e)))

@@ -1399,7 +1447,9 @@ class KeycloakAPI(object):
                            realm=realm,
                            id=executionId),
                        method='POST',
-                        headers=self.restheaders)
+                        headers=self.restheaders,
+                        timeout=self.connection_timeout,
+                        validate_certs=self.validate_certs)
            elif diff < 0:
                for i in range(-diff):
                    open_url(
@@ -1408,7 +1458,9 @@ class KeycloakAPI(object):
                            realm=realm,
                            id=executionId),
                        method='POST',
-                        headers=self.restheaders)
+                        headers=self.restheaders,
+                        timeout=self.connection_timeout,
+                        validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg="Unable to change execution priority %s: %s" % (executionId, str(e)))

@@ -1428,7 +1480,9 @@ class KeycloakAPI(object):
                        realm=realm,
                        flowalias=quote(config["alias"])),
                    method='GET',
-                    headers=self.restheaders))
+                    headers=self.restheaders,
+                    timeout=self.connection_timeout,
+                    validate_certs=self.validate_certs))
            for execution in executions:
                if "authenticationConfig" in execution:
                    execConfigId = execution["authenticationConfig"]
@@ -1439,7 +1493,9 @@ class KeycloakAPI(object):
                                realm=realm,
                                id=execConfigId),
                            method='GET',
-                            headers=self.restheaders))
+                            headers=self.restheaders,
+                            timeout=self.connection_timeout,
+                            validate_certs=self.validate_certs))
                    execution["authenticationConfig"] = execConfig
            return executions
        except Exception as e:
@@ -1453,7 +1509,7 @@ class KeycloakAPI(object):
        """
        idps_url = URL_IDENTITY_PROVIDERS.format(url=self.baseurl, realm=realm)
        try:
-            return json.loads(to_native(open_url(idps_url, method='GET', headers=self.restheaders,
+            return json.loads(to_native(open_url(idps_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except ValueError as e:
            self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of identity providers for realm %s: %s'
@@ -1470,7 +1526,7 @@ class KeycloakAPI(object):
        """
        idp_url = URL_IDENTITY_PROVIDER.format(url=self.baseurl, realm=realm, alias=alias)
        try:
-            return json.loads(to_native(open_url(idp_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(idp_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except HTTPError as e:
            if e.code == 404:
@@ -1490,7 +1546,7 @@ class KeycloakAPI(object):
        """
        idps_url = URL_IDENTITY_PROVIDERS.format(url=self.baseurl, realm=realm)
        try:
-            return open_url(idps_url, method='POST', headers=self.restheaders,
+            return open_url(idps_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(idprep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not create identity provider %s in realm %s: %s'
@@ -1504,7 +1560,7 @@ class KeycloakAPI(object):
        """
        idp_url = URL_IDENTITY_PROVIDER.format(url=self.baseurl, realm=realm, alias=idprep['alias'])
        try:
-            return open_url(idp_url, method='PUT', headers=self.restheaders,
+            return open_url(idp_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(idprep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not update identity provider %s in realm %s: %s'
@@ -1517,7 +1573,7 @@ class KeycloakAPI(object):
        """
        idp_url = URL_IDENTITY_PROVIDER.format(url=self.baseurl, realm=realm, alias=alias)
        try:
-            return open_url(idp_url, method='DELETE', headers=self.restheaders,
+            return open_url(idp_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
                            validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Unable to delete identity provider %s in realm %s: %s'
@@ -1531,7 +1587,7 @@ class KeycloakAPI(object):
        """
        mappers_url = URL_IDENTITY_PROVIDER_MAPPERS.format(url=self.baseurl, realm=realm, alias=alias)
        try:
-            return json.loads(to_native(open_url(mappers_url, method='GET', headers=self.restheaders,
+            return json.loads(to_native(open_url(mappers_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except ValueError as e:
            self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of identity provider mappers for idp %s in realm %s: %s'
@@ -1549,7 +1605,7 @@ class KeycloakAPI(object):
        """
        mapper_url = URL_IDENTITY_PROVIDER_MAPPER.format(url=self.baseurl, realm=realm, alias=alias, id=mid)
        try:
-            return json.loads(to_native(open_url(mapper_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(mapper_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except HTTPError as e:
            if e.code == 404:
@@ -1570,7 +1626,7 @@ class KeycloakAPI(object):
        """
        mappers_url = URL_IDENTITY_PROVIDER_MAPPERS.format(url=self.baseurl, realm=realm, alias=alias)
        try:
-            return open_url(mappers_url, method='POST', headers=self.restheaders,
+            return open_url(mappers_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(mapper), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not create identity provider mapper %s for idp %s in realm %s: %s'
@@ -1585,7 +1641,7 @@ class KeycloakAPI(object):
        """
        mapper_url = URL_IDENTITY_PROVIDER_MAPPER.format(url=self.baseurl, realm=realm, alias=alias, id=mapper['id'])
        try:
-            return open_url(mapper_url, method='PUT', headers=self.restheaders,
+            return open_url(mapper_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(mapper), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not update mapper %s for identity provider %s in realm %s: %s'
@@ -1599,7 +1655,7 @@ class KeycloakAPI(object):
        """
        mapper_url = URL_IDENTITY_PROVIDER_MAPPER.format(url=self.baseurl, realm=realm, alias=alias, id=mid)
        try:
-            return open_url(mapper_url, method='DELETE', headers=self.restheaders,
+            return open_url(mapper_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
                            validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Unable to delete mapper %s for identity provider %s in realm %s: %s'
@@ -1616,7 +1672,7 @@ class KeycloakAPI(object):
            comps_url += '?%s' % filter

        try:
-            return json.loads(to_native(open_url(comps_url, method='GET', headers=self.restheaders,
+            return json.loads(to_native(open_url(comps_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except ValueError as e:
            self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of components for realm %s: %s'
@@ -1633,7 +1689,7 @@ class KeycloakAPI(object):
        """
        comp_url = URL_COMPONENT.format(url=self.baseurl, realm=realm, id=cid)
        try:
-            return json.loads(to_native(open_url(comp_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(comp_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except HTTPError as e:
            if e.code == 404:
@@ -1653,13 +1709,13 @@ class KeycloakAPI(object):
        """
        comps_url = URL_COMPONENTS.format(url=self.baseurl, realm=realm)
        try:
-            resp = open_url(comps_url, method='POST', headers=self.restheaders,
+            resp = open_url(comps_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(comprep), validate_certs=self.validate_certs)
            comp_url = resp.getheader('Location')
            if comp_url is None:
                self.module.fail_json(msg='Could not create component in realm %s: %s'
                                          % (realm, 'unexpected response'))
-            return json.loads(to_native(open_url(comp_url, method="GET", headers=self.restheaders,
+            return json.loads(to_native(open_url(comp_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
                                                 validate_certs=self.validate_certs).read()))
        except Exception as e:
            self.module.fail_json(msg='Could not create component in realm %s: %s'
@@ -1676,7 +1732,7 @@ class KeycloakAPI(object):
            self.module.fail_json(msg='Cannot update component without id')
        comp_url = URL_COMPONENT.format(url=self.baseurl, realm=realm, id=cid)
        try:
-            return open_url(comp_url, method='PUT', headers=self.restheaders,
+            return open_url(comp_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
                            data=json.dumps(comprep), validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Could not update component %s in realm %s: %s'
@@ -1689,7 +1745,7 @@ class KeycloakAPI(object):
        """
        comp_url = URL_COMPONENT.format(url=self.baseurl, realm=realm, id=cid)
        try:
-            return open_url(comp_url, method='DELETE', headers=self.restheaders,
+            return open_url(comp_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
                            validate_certs=self.validate_certs)
        except Exception as e:
            self.module.fail_json(msg='Unable to delete component %s in realm %s: %s'
--- a/plugins/module_utils/ilo_redfish_utils.py
+++ b/plugins/module_utils/ilo_redfish_utils.py
@@ -0,0 +1,232 @@
+# -*- coding: utf-8 -*-
+
+# Copyright (c) 2021-2022 Hewlett Packard Enterprise, Inc. All rights reserved.
+# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+from ansible_collections.community.general.plugins.module_utils.redfish_utils import RedfishUtils
+
+
+class iLORedfishUtils(RedfishUtils):
+
+    def get_ilo_sessions(self):
+        result = {}
+        # listing all users has always been slower than other operations, why?
+        session_list = []
+        sessions_results = []
+        # Get these entries, but does not fail if not found
+        properties = ['Description', 'Id', 'Name', 'UserName']
+
+        # Changed self.sessions_uri to Hardcoded string.
+        response = self.get_request(
+            self.root_uri + self.service_root + "SessionService/Sessions/")
+        if not response['ret']:
+            return response
+        result['ret'] = True
+        data = response['data']
+
+        if 'Oem' in data:
+            if data["Oem"]["Hpe"]["Links"]["MySession"]["@odata.id"]:
+                current_session = data["Oem"]["Hpe"]["Links"]["MySession"]["@odata.id"]
+
+        for sessions in data[u'Members']:
+            # session_list[] are URIs
+            session_list.append(sessions[u'@odata.id'])
+        # for each session, get details
+        for uri in session_list:
+            session = {}
+            if uri != current_session:
+                response = self.get_request(self.root_uri + uri)
+                if not response['ret']:
+                    return response
+                data = response['data']
+                for property in properties:
+                    if property in data:
+                        session[property] = data[property]
+                sessions_results.append(session)
+        result["msg"] = sessions_results
+        result["ret"] = True
+        return result
+
+    def set_ntp_server(self, mgr_attributes):
+        result = {}
+        setkey = mgr_attributes['mgr_attr_name']
+
+        nic_info = self.get_manager_ethernet_uri()
+        ethuri = nic_info["nic_addr"]
+
+        response = self.get_request(self.root_uri + ethuri)
+        if not response['ret']:
+            return response
+        result['ret'] = True
+        data = response['data']
+        payload = {"DHCPv4": {
+            "UseNTPServers": ""
+        }}
+
+        if data["DHCPv4"]["UseNTPServers"]:
+            payload["DHCPv4"]["UseNTPServers"] = False
+            res_dhv4 = self.patch_request(self.root_uri + ethuri, payload)
+            if not res_dhv4['ret']:
+                return res_dhv4
+
+        payload = {"DHCPv6": {
+            "UseNTPServers": ""
+        }}
+
+        if data["DHCPv6"]["UseNTPServers"]:
+            payload["DHCPv6"]["UseNTPServers"] = False
+            res_dhv6 = self.patch_request(self.root_uri + ethuri, payload)
+            if not res_dhv6['ret']:
+                return res_dhv6
+
+        datetime_uri = self.manager_uri + "DateTime"
+
+        response = self.get_request(self.root_uri + datetime_uri)
+        if not response['ret']:
+            return response
+
+        data = response['data']
+
+        ntp_list = data[setkey]
+        if(len(ntp_list) == 2):
+            ntp_list.pop(0)
+
+        ntp_list.append(mgr_attributes['mgr_attr_value'])
+
+        payload = {setkey: ntp_list}
+
+        response1 = self.patch_request(self.root_uri + datetime_uri, payload)
+        if not response1['ret']:
+            return response1
+
+        return {'ret': True, 'changed': True, 'msg': "Modified %s" % mgr_attributes['mgr_attr_name']}
+
+    def set_time_zone(self, attr):
+        key = attr['mgr_attr_name']
+
+        uri = self.manager_uri + "DateTime/"
+        response = self.get_request(self.root_uri + uri)
+        if not response['ret']:
+            return response
+
+        data = response["data"]
+
+        if key not in data:
+            return {'ret': False, 'changed': False, 'msg': "Key %s not found" % key}
+
+        timezones = data["TimeZoneList"]
+        index = ""
+        for tz in timezones:
+            if attr['mgr_attr_value'] in tz["Name"]:
+                index = tz["Index"]
+                break
+
+        payload = {key: {"Index": index}}
+        response = self.patch_request(self.root_uri + uri, payload)
+        if not response['ret']:
+            return response
+
+        return {'ret': True, 'changed': True, 'msg': "Modified %s" % attr['mgr_attr_name']}
+
+    def set_dns_server(self, attr):
+        key = attr['mgr_attr_name']
+        nic_info = self.get_manager_ethernet_uri()
+        uri = nic_info["nic_addr"]
+
+        response = self.get_request(self.root_uri + uri)
+        if not response['ret']:
+            return response
+
+        data = response['data']
+
+        dns_list = data["Oem"]["Hpe"]["IPv4"][key]
+
+        if len(dns_list) == 3:
+            dns_list.pop(0)
+
+        dns_list.append(attr['mgr_attr_value'])
+
+        payload = {
+            "Oem": {
+                "Hpe": {
+                    "IPv4": {
+                        key: dns_list
+                    }
+                }
+            }
+        }
+
+        response = self.patch_request(self.root_uri + uri, payload)
+        if not response['ret']:
+            return response
+
+        return {'ret': True, 'changed': True, 'msg': "Modified %s" % attr['mgr_attr_name']}
+
+    def set_domain_name(self, attr):
+        key = attr['mgr_attr_name']
+
+        nic_info = self.get_manager_ethernet_uri()
+        ethuri = nic_info["nic_addr"]
+
+        response = self.get_request(self.root_uri + ethuri)
+        if not response['ret']:
+            return response
+
+        data = response['data']
+
+        payload = {"DHCPv4": {
+            "UseDomainName": ""
+        }}
+
+        if data["DHCPv4"]["UseDomainName"]:
+            payload["DHCPv4"]["UseDomainName"] = False
+            res_dhv4 = self.patch_request(self.root_uri + ethuri, payload)
+            if not res_dhv4['ret']:
+                return res_dhv4
+
+        payload = {"DHCPv6": {
+            "UseDomainName": ""
+        }}
+
+        if data["DHCPv6"]["UseDomainName"]:
+            payload["DHCPv6"]["UseDomainName"] = False
+            res_dhv6 = self.patch_request(self.root_uri + ethuri, payload)
+            if not res_dhv6['ret']:
+                return res_dhv6
+
+        domain_name = attr['mgr_attr_value']
+
+        payload = {"Oem": {
+            "Hpe": {
+                key: domain_name
+            }
+        }}
+
+        response = self.patch_request(self.root_uri + ethuri, payload)
+        if not response['ret']:
+            return response
+        return {'ret': True, 'changed': True, 'msg': "Modified %s" % attr['mgr_attr_name']}
+
+    def set_wins_registration(self, mgrattr):
+        Key = mgrattr['mgr_attr_name']
+
+        nic_info = self.get_manager_ethernet_uri()
+        ethuri = nic_info["nic_addr"]
+
+        payload = {
+            "Oem": {
+                "Hpe": {
+                    "IPv4": {
+                        Key: False
+                    }
+                }
+            }
+        }
+
+        response = self.patch_request(self.root_uri + ethuri, payload)
+        if not response['ret']:
+            return response
+        return {'ret': True, 'changed': True, 'msg': "Modified %s" % mgrattr['mgr_attr_name']}
--- a/plugins/module_utils/influxdb.py
+++ b/plugins/module_utils/influxdb.py
@@ -9,7 +9,8 @@ __metaclass__ = type
 import traceback

 from ansible.module_utils.basic import missing_required_lib
-from distutils.version import LooseVersion
+
+from ansible_collections.community.general.plugins.module_utils.version import LooseVersion

 REQUESTS_IMP_ERR = None
 try:
--- a/plugins/module_utils/lxd.py
+++ b/plugins/module_utils/lxd.py
@@ -75,11 +75,14 @@ class LXDClient(object):
        else:
            raise LXDClientException('URL scheme must be unix: or https:')

-    def do(self, method, url, body_json=None, ok_error_codes=None, timeout=None):
+    def do(self, method, url, body_json=None, ok_error_codes=None, timeout=None, wait_for_container=None):
        resp_json = self._send_request(method, url, body_json=body_json, ok_error_codes=ok_error_codes, timeout=timeout)
        if resp_json['type'] == 'async':
            url = '{0}/wait'.format(resp_json['operation'])
            resp_json = self._send_request('GET', url)
+            if wait_for_container:
+                while resp_json['metadata']['status'] == 'Running':
+                    resp_json = self._send_request('GET', url)
            if resp_json['metadata']['status'] != 'Success':
                self._raise_err_from_json(resp_json)
        return resp_json
--- a/plugins/module_utils/mh/deco.py
+++ b/plugins/module_utils/mh/deco.py
@@ -52,3 +52,36 @@ def module_fails_on_exception(func):
            self.module.fail_json(msg=msg, exception=traceback.format_exc(),
                                  output=self.output, vars=self.vars.output(), **self.output)
    return wrapper
+
+
+def check_mode_skip(func):
+    @wraps(func)
+    def wrapper(self, *args, **kwargs):
+        if not self.module.check_mode:
+            return func(self, *args, **kwargs)
+    return wrapper
+
+
+def check_mode_skip_returns(callable=None, value=None):
+
+    def deco(func):
+        if callable is not None:
+            @wraps(func)
+            def wrapper_callable(self, *args, **kwargs):
+                if self.module.check_mode:
+                    return callable(self, *args, **kwargs)
+                return func(self, *args, **kwargs)
+            return wrapper_callable
+
+        if value is not None:
+            @wraps(func)
+            def wrapper_value(self, *args, **kwargs):
+                if self.module.check_mode:
+                    return value
+                return func(self, *args, **kwargs)
+            return wrapper_value
+
+    if callable is None and value is None:
+        return check_mode_skip
+
+    return deco
--- a/plugins/module_utils/mh/mixins/deprecate_attrs.py
+++ b/plugins/module_utils/mh/mixins/deprecate_attrs.py
@@ -0,0 +1,61 @@
+# -*- coding: utf-8 -*-
+# (c) 2020, Alexei Znamensky <russoz@gmail.com>
+# Copyright: (c) 2020, Ansible Project
+# Simplified BSD License (see licenses/simplified_bsd.txt or https://opensource.org/licenses/BSD-2-Clause)
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+
+from ansible.module_utils.basic import AnsibleModule
+
+
+class DeprecateAttrsMixin(object):
+
+    def _deprecate_setup(self, attr, target, module):
+        if target is None:
+            target = self
+        if not hasattr(target, attr):
+            raise ValueError("Target {0} has no attribute {1}".format(target, attr))
+        if module is None:
+            if isinstance(target, AnsibleModule):
+                module = target
+            elif hasattr(target, "module") and isinstance(target.module, AnsibleModule):
+                module = target.module
+            else:
+                raise ValueError("Failed to automatically discover the AnsibleModule instance. Pass 'module' parameter explicitly.")
+
+        # setup internal state dicts
+        value_attr = "__deprecated_attr_value"
+        trigger_attr = "__deprecated_attr_trigger"
+        if not hasattr(target, value_attr):
+            setattr(target, value_attr, {})
+        if not hasattr(target, trigger_attr):
+            setattr(target, trigger_attr, {})
+        value_dict = getattr(target, value_attr)
+        trigger_dict = getattr(target, trigger_attr)
+        return target, module, value_dict, trigger_dict
+
+    def _deprecate_attr(self, attr, msg, version=None, date=None, collection_name=None, target=None, value=None, module=None):
+        target, module, value_dict, trigger_dict = self._deprecate_setup(attr, target, module)
+
+        value_dict[attr] = getattr(target, attr, value)
+        trigger_dict[attr] = False
+
+        def _trigger():
+            if not trigger_dict[attr]:
+                module.deprecate(msg, version=version, date=date, collection_name=collection_name)
+                trigger_dict[attr] = True
+
+        def _getter(_self):
+            _trigger()
+            return value_dict[attr]
+
+        def _setter(_self, new_value):
+            _trigger()
+            value_dict[attr] = new_value
+
+        # override attribute
+        prop = property(_getter)
+        setattr(target, attr, prop)
+        setattr(target, "_{0}_setter".format(attr), prop.setter(_setter))
--- a/plugins/module_utils/mh/module_helper.py
+++ b/plugins/module_utils/mh/module_helper.py
@@ -13,9 +13,10 @@ from ansible_collections.community.general.plugins.module_utils.mh.mixins.cmd im
 from ansible_collections.community.general.plugins.module_utils.mh.mixins.state import StateMixin
 from ansible_collections.community.general.plugins.module_utils.mh.mixins.deps import DependencyMixin
 from ansible_collections.community.general.plugins.module_utils.mh.mixins.vars import VarsMixin, VarDict as _VD
+from ansible_collections.community.general.plugins.module_utils.mh.mixins.deprecate_attrs import DeprecateAttrsMixin


-class ModuleHelper(VarsMixin, DependencyMixin, ModuleHelperBase):
+class ModuleHelper(DeprecateAttrsMixin, VarsMixin, DependencyMixin, ModuleHelperBase):
    _output_conflict_list = ('msg', 'exception', 'output', 'vars', 'changed')
    facts_name = None
    output_params = ()
@@ -36,6 +37,15 @@ class ModuleHelper(VarsMixin, DependencyMixin, ModuleHelperBase):
                fact=name in self.facts_params,
            )

+        self._deprecate_attr(
+            attr="VarDict",
+            msg="ModuleHelper.VarDict attribute is deprecated, use VarDict from "
+                "the ansible_collections.community.general.plugins.module_utils.mh.mixins.vars module instead",
+            version="6.0.0",
+            collection_name="community.general",
+            target=ModuleHelper,
+            module=self.module)
+
    def update_output(self, **kwargs):
        self.update_vars(meta={"output": True}, **kwargs)

--- a/plugins/module_utils/net_tools/pritunl/api.py
+++ b/plugins/module_utils/net_tools/pritunl/api.py
@@ -337,7 +337,6 @@ def pritunl_auth_request(

    auth_string = "&".join(
        [api_token, auth_timestamp, auth_nonce, method.upper(), path]
-        + ([data] if data else [])
    )

    auth_signature = base64.b64encode(
--- a/plugins/module_utils/proxmox.py
+++ b/plugins/module_utils/proxmox.py
@@ -21,6 +21,8 @@ except ImportError:


 from ansible.module_utils.basic import env_fallback, missing_required_lib
+from ansible.module_utils.common.text.converters import to_native
+from ansible_collections.community.general.plugins.module_utils.version import LooseVersion


 def proxmox_auth_argument_spec():
@@ -54,9 +56,23 @@ def proxmox_to_ansible_bool(value):
    return True if value == 1 else False


+def ansible_to_proxmox_bool(value):
+    '''Convert Ansible representation of a boolean to be proxmox-friendly'''
+    if value is None:
+        return None
+
+    if not isinstance(value, bool):
+        raise ValueError("%s must be of type bool not %s" % (value, type(value)))
+
+    return 1 if value else 0
+
+
 class ProxmoxAnsible(object):
    """Base class for Proxmox modules"""
    def __init__(self, module):
+        if not HAS_PROXMOXER:
+            module.fail_json(msg=missing_required_lib('proxmoxer'), exception=PROXMOXER_IMP_ERR)
+
        self.module = module
        self.proxmox_api = self._connect()
        # Test token validity
@@ -84,3 +100,46 @@ class ProxmoxAnsible(object):
            return ProxmoxAPI(api_host, verify_ssl=validate_certs, **auth_args)
        except Exception as e:
            self.module.fail_json(msg='%s' % e, exception=traceback.format_exc())
+
+    def version(self):
+        apireturn = self.proxmox_api.version.get()
+        return LooseVersion(apireturn['version'])
+
+    def get_node(self, node):
+        nodes = [n for n in self.proxmox_api.nodes.get() if n['node'] == node]
+        return nodes[0] if nodes else None
+
+    def get_nextvmid(self):
+        vmid = self.proxmox_api.cluster.nextid.get()
+        return vmid
+
+    def get_vmid(self, name, ignore_missing=False, choose_first_if_multiple=False):
+        vms = [vm['vmid'] for vm in self.proxmox_api.cluster.resources.get(type='vm') if vm.get('name') == name]
+
+        if not vms:
+            if ignore_missing:
+                return None
+
+            self.module.fail_json(msg='No VM with name %s found' % name)
+        elif len(vms) > 1:
+            if choose_first_if_multiple:
+                self.module.deprecate(
+                    'Multiple VMs with name %s found, choosing the first one. ' % name +
+                    'This will be an error in the future. To ensure the correct VM is used, ' +
+                    'also pass the vmid parameter.',
+                    version='5.0.0', collection_name='community.general')
+            else:
+                self.module.fail_json(msg='Multiple VMs with name %s found, provide vmid instead' % name)
+
+        return vms[0]
+
+    def get_vm(self, vmid, ignore_missing=False):
+        vms = [vm for vm in self.proxmox_api.cluster.resources.get(type='vm') if vm['vmid'] == int(vmid)]
+
+        if vms:
+            return vms[0]
+        else:
+            if ignore_missing:
+                return None
+
+            self.module.fail_json(msg='VM with vmid %s does not exist in cluster' % vmid)
--- a/plugins/module_utils/redfish_utils.py
+++ b/plugins/module_utils/redfish_utils.py
@@ -732,14 +732,22 @@ class RedfishUtils(object):
    def get_multi_volume_inventory(self):
        return self.aggregate_systems(self.get_volume_inventory)

-    def manage_indicator_led(self, command):
+    def manage_system_indicator_led(self, command):
+        return self.manage_indicator_led(command, self.systems_uri)
+
+    def manage_chassis_indicator_led(self, command):
+        return self.manage_indicator_led(command, self.chassis_uri)
+
+    def manage_indicator_led(self, command, resource_uri=None):
        result = {}
        key = 'IndicatorLED'
+        if resource_uri is None:
+            resource_uri = self.chassis_uri

        payloads = {'IndicatorLedOn': 'Lit', 'IndicatorLedOff': 'Off', "IndicatorLedBlink": 'Blinking'}

        result = {}
-        response = self.get_request(self.root_uri + self.chassis_uri)
+        response = self.get_request(self.root_uri + resource_uri)
        if response['ret'] is False:
            return response
        result['ret'] = True
@@ -749,7 +757,7 @@ class RedfishUtils(object):

        if command in payloads.keys():
            payload = {'IndicatorLED': payloads[command]}
-            response = self.patch_request(self.root_uri + self.chassis_uri, payload)
+            response = self.patch_request(self.root_uri + resource_uri, payload)
            if response['ret'] is False:
                return response
        else:
@@ -1834,12 +1842,16 @@ class RedfishUtils(object):
                result['ret'] = True
                data = response['data']

-                for device in data[u'Fans']:
-                    fan = {}
-                    for property in properties:
-                        if property in device:
-                            fan[property] = device[property]
-                    fan_results.append(fan)
+                # Checking if fans are present
+                if u'Fans' in data:
+                    for device in data[u'Fans']:
+                        fan = {}
+                        for property in properties:
+                            if property in device:
+                                fan[property] = device[property]
+                        fan_results.append(fan)
+                else:
+                    return {'ret': False, 'msg': "No Fans present"}
        result["entries"] = fan_results
        return result

@@ -2701,39 +2713,14 @@ class RedfishUtils(object):
        return self.aggregate_managers(self.get_manager_health_report)

    def set_manager_nic(self, nic_addr, nic_config):
-        # Get EthernetInterface collection
-        response = self.get_request(self.root_uri + self.manager_uri)
-        if response['ret'] is False:
-            return response
-        data = response['data']
-        if 'EthernetInterfaces' not in data:
-            return {'ret': False, 'msg': "EthernetInterfaces resource not found"}
-        ethernetinterfaces_uri = data["EthernetInterfaces"]["@odata.id"]
-        response = self.get_request(self.root_uri + ethernetinterfaces_uri)
-        if response['ret'] is False:
-            return response
-        data = response['data']
-        uris = [a.get('@odata.id') for a in data.get('Members', []) if
-                a.get('@odata.id')]
+        # Get the manager ethernet interface uri
+        nic_info = self.get_manager_ethernet_uri(nic_addr)

-        # Find target EthernetInterface
-        target_ethernet_uri = None
-        target_ethernet_current_setting = None
-        if nic_addr == 'null':
-            # Find root_uri matched EthernetInterface when nic_addr is not specified
-            nic_addr = (self.root_uri).split('/')[-1]
-            nic_addr = nic_addr.split(':')[0]  # split port if existing
-        for uri in uris:
-            response = self.get_request(self.root_uri + uri)
-            if response['ret'] is False:
-                return response
-            data = response['data']
-            if '"' + nic_addr.lower() + '"' in str(data).lower() or "'" + nic_addr.lower() + "'" in str(data).lower():
-                target_ethernet_uri = uri
-                target_ethernet_current_setting = data
-                break
-        if target_ethernet_uri is None:
-            return {'ret': False, 'msg': "No matched EthernetInterface found under Manager"}
+        if nic_info.get('nic_addr') is None:
+            return nic_info
+        else:
+            target_ethernet_uri = nic_info['nic_addr']
+            target_ethernet_current_setting = nic_info['ethernet_setting']

        # Convert input to payload and check validity
        payload = {}
@@ -2797,6 +2784,50 @@ class RedfishUtils(object):
            return response
        return {'ret': True, 'changed': True, 'msg': "Modified Manager NIC"}

+    # A helper function to get the EthernetInterface URI
+    def get_manager_ethernet_uri(self, nic_addr='null'):
+        # Get EthernetInterface collection
+        response = self.get_request(self.root_uri + self.manager_uri)
+        if not response['ret']:
+            return response
+        data = response['data']
+        if 'EthernetInterfaces' not in data:
+            return {'ret': False, 'msg': "EthernetInterfaces resource not found"}
+        ethernetinterfaces_uri = data["EthernetInterfaces"]["@odata.id"]
+        response = self.get_request(self.root_uri + ethernetinterfaces_uri)
+        if not response['ret']:
+            return response
+        data = response['data']
+        uris = [a.get('@odata.id') for a in data.get('Members', []) if
+                a.get('@odata.id')]
+
+        # Find target EthernetInterface
+        target_ethernet_uri = None
+        target_ethernet_current_setting = None
+        if nic_addr == 'null':
+            # Find root_uri matched EthernetInterface when nic_addr is not specified
+            nic_addr = (self.root_uri).split('/')[-1]
+            nic_addr = nic_addr.split(':')[0]  # split port if existing
+        for uri in uris:
+            response = self.get_request(self.root_uri + uri)
+            if not response['ret']:
+                return response
+            data = response['data']
+            data_string = json.dumps(data)
+            if nic_addr.lower() in data_string.lower():
+                target_ethernet_uri = uri
+                target_ethernet_current_setting = data
+                break
+
+        nic_info = {}
+        nic_info['nic_addr'] = target_ethernet_uri
+        nic_info['ethernet_setting'] = target_ethernet_current_setting
+
+        if target_ethernet_uri is None:
+            return {}
+        else:
+            return nic_info
+
    def set_hostinterface_attributes(self, hostinterface_config, hostinterface_id=None):
        response = self.get_request(self.root_uri + self.manager_uri)
        if response['ret'] is False:
--- a/plugins/module_utils/redis.py
+++ b/plugins/module_utils/redis.py
@@ -27,20 +27,20 @@ except ImportError:
    HAS_CERTIFI_PACKAGE = False


-def fail_imports(module):
+def fail_imports(module, needs_certifi=True):
    errors = []
    traceback = []
    if not HAS_REDIS_PACKAGE:
        errors.append(missing_required_lib('redis'))
        traceback.append(REDIS_IMP_ERR)
-    if not HAS_CERTIFI_PACKAGE:
+    if not HAS_CERTIFI_PACKAGE and needs_certifi:
        errors.append(missing_required_lib('certifi'))
        traceback.append(CERTIFI_IMPORT_ERROR)
    if errors:
        module.fail_json(errors=errors, traceback='\n'.join(traceback))


-def redis_auth_argument_spec():
+def redis_auth_argument_spec(tls_default=True):
    return dict(
        login_host=dict(type='str',
                        default='localhost',),
@@ -50,7 +50,7 @@ def redis_auth_argument_spec():
                            ),
        login_port=dict(type='int', default=6379),
        tls=dict(type='bool',
-                 default=True),
+                 default=tls_default),
        validate_certs=dict(type='bool',
                            default=True
                            ),
@@ -58,6 +58,30 @@ def redis_auth_argument_spec():
    )


+def redis_auth_params(module):
+    login_host = module.params['login_host']
+    login_user = module.params['login_user']
+    login_password = module.params['login_password']
+    login_port = module.params['login_port']
+    tls = module.params['tls']
+    validate_certs = 'required' if module.params['validate_certs'] else None
+    ca_certs = module.params['ca_certs']
+    if tls and ca_certs is None:
+        ca_certs = str(certifi.where())
+    if tuple(map(int, redis_version.split('.'))) < (3, 4, 0) and login_user is not None:
+        module.fail_json(
+            msg='The option `username` in only supported with redis >= 3.4.0.')
+    params = {'host': login_host,
+              'port': login_port,
+              'password': login_password,
+              'ssl_ca_certs': ca_certs,
+              'ssl_cert_reqs': validate_certs,
+              'ssl': tls}
+    if login_user is not None:
+        params['username'] = login_user
+    return params
+
+
 class RedisAnsible(object):
    '''Base class for Redis module'''

@@ -66,28 +90,8 @@ class RedisAnsible(object):
        self.connection = self._connect()

    def _connect(self):
-        login_host = self.module.params['login_host']
-        login_user = self.module.params['login_user']
-        login_password = self.module.params['login_password']
-        login_port = self.module.params['login_port']
-        tls = self.module.params['tls']
-        validate_certs = 'required' if self.module.params['validate_certs'] else None
-        ca_certs = self.module.params['ca_certs']
-        if tls and ca_certs is None:
-            ca_certs = str(certifi.where())
-        if tuple(map(int, redis_version.split('.'))) < (3, 4, 0) and login_user is not None:
-            self.module.fail_json(
-                msg='The option `username` in only supported with redis >= 3.4.0.')
-        params = {'host': login_host,
-                  'port': login_port,
-                  'password': login_password,
-                  'ssl_ca_certs': ca_certs,
-                  'ssl_cert_reqs': validate_certs,
-                  'ssl': tls}
-        if login_user is not None:
-            params['username'] = login_user
        try:
-            return Redis(**params)
+            return Redis(**redis_auth_params(self.module))
        except Exception as e:
            self.module.fail_json(msg='{0}'.format(str(e)))
        return None
--- a/Show More
+++ b/Show More