Release 5.8.5.

Fix changelog fragment types.
(cherry picked from commit 84dbb286eb)
2026-05-01 02:43:16 +00:00 · 2023-01-31 07:15:46 +01:00 · 2023-01-31 07:15:24 +01:00 · 2023-01-30 21:17:01 +01:00 · 2023-01-29 18:37:21 +01:00 · 2023-01-26 06:23:48 +01:00
82 changed files with 760 additions and 272 deletions
--- a/.azure-pipelines/azure-pipelines.yml
+++ b/.azure-pipelines/azure-pipelines.yml
@@ -200,12 +200,12 @@ stages:
              test: macos/12.0
            - name: RHEL 7.9
              test: rhel/7.9
-            - name: RHEL 9.0
-              test: rhel/9.0
-            - name: FreeBSD 12.3
-              test: freebsd/12.3
+            - name: RHEL 9.1
+              test: rhel/9.1
            - name: FreeBSD 13.1
              test: freebsd/13.1
+            - name: FreeBSD 12.4
+              test: freebsd/12.4
          groups:
            - 1
            - 2
@@ -220,8 +220,8 @@ stages:
          targets:
            - name: RHEL 9.0
              test: rhel/9.0
-            - name: FreeBSD 13.1
-              test: freebsd/13.1
+            - name: FreeBSD 12.3
+              test: freebsd/12.3
          groups:
            - 1
            - 2
@@ -288,8 +288,8 @@ stages:
          targets:
            - name: CentOS 7
              test: centos7
-            - name: Fedora 36
-              test: fedora36
+            - name: Fedora 37
+              test: fedora37
            - name: openSUSE 15
              test: opensuse15
            - name: Ubuntu 20.04
@@ -310,8 +310,8 @@ stages:
        parameters:
          testFormat: 2.14/linux/{0}
          targets:
-            - name: Ubuntu 20.04
-              test: ubuntu2004
+            - name: Fedora 36
+              test: fedora36
          groups:
            - 1
            - 2
@@ -385,7 +385,7 @@ stages:
            - name: ArchLinux
              test: archlinux/3.10
            - name: CentOS Stream 8
-              test: centos-stream8/3.8
+              test: centos-stream8/3.9
          groups:
            - 1
            - 2
@@ -469,10 +469,11 @@ stages:
      - Docker_2_13
      - Docker_2_14
      - Docker_community_devel
-      - Generic_devel
-      - Generic_2_11
-      - Generic_2_12
-      - Generic_2_13
-      - Generic_2_14
+# Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
+#      - Generic_devel
+#      - Generic_2_11
+#      - Generic_2_12
+#      - Generic_2_13
+#      - Generic_2_14
    jobs:
      - template: templates/coverage.yml
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -6,6 +6,58 @@ Community General Release Notes

 This changelog describes changes after version 4.0.0.

+v5.8.5
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Bugfixes
+--------
+
+- ModuleHelper - fix bug when adjusting the name of reserved output variables (https://github.com/ansible-collections/community.general/pull/5755).
+- alternatives - support subcommands on Fedora 37, which uses ``follower`` instead of ``slave`` (https://github.com/ansible-collections/community.general/pull/5794).
+- bitwarden lookup plugin - clarify what to do, if the bitwarden vault is not unlocked (https://github.com/ansible-collections/community.general/pull/5811).
+- dig lookup plugin - correctly handle DNSKEY record type's ``algorithm`` field (https://github.com/ansible-collections/community.general/pull/5914).
+- gem - fix hang due to interactive prompt for confirmation on specific version uninstall (https://github.com/ansible-collections/community.general/pull/5751).
+- gitlab_deploy_key - also update ``title`` and not just ``can_push`` (https://github.com/ansible-collections/community.general/pull/5888).
+- keycloak_user_federation - fixes federation creation issue. When a new federation was created and at the same time a default / standard mapper was also changed / updated the creation process failed as a bad None set variable led to a bad malformed url request (https://github.com/ansible-collections/community.general/pull/5750).
+- keycloak_user_federation - fixes idempotency detection issues. In some cases the module could fail to properly detect already existing user federations because of a buggy seemingly superflous extra query parameter (https://github.com/ansible-collections/community.general/pull/5732).
+- loganalytics callback plugin - adjust type of callback to ``notification``, it was incorrectly classified as ``aggregate`` before (https://github.com/ansible-collections/community.general/pull/5761).
+- logdna callback plugin - adjust type of callback to ``notification``, it was incorrectly classified as ``aggregate`` before (https://github.com/ansible-collections/community.general/pull/5761).
+- logstash callback plugin - adjust type of callback to ``notification``, it was incorrectly classified as ``aggregate`` before (https://github.com/ansible-collections/community.general/pull/5761).
+- nsupdate - fix zone lookup. The SOA record for an existing zone is returned as an answer RR and not as an authority RR (https://github.com/ansible-collections/community.general/issues/5817, https://github.com/ansible-collections/community.general/pull/5818).
+- redfish_utils - removed basic auth HTTP header when performing a GET on the service root resource and when performing a POST to the session collection (https://github.com/ansible-collections/community.general/issues/5886).
+- splunk callback plugin - adjust type of callback to ``notification``, it was incorrectly classified as ``aggregate`` before (https://github.com/ansible-collections/community.general/pull/5761).
+- sumologic callback plugin - adjust type of callback to ``notification``, it was incorrectly classified as ``aggregate`` before (https://github.com/ansible-collections/community.general/pull/5761).
+- syslog_json callback plugin - adjust type of callback to ``notification``, it was incorrectly classified as ``aggregate`` before (https://github.com/ansible-collections/community.general/pull/5761).
+- terraform - fix ``current`` workspace never getting appended to the ``all`` key in the ``workspace_ctf`` object (https://github.com/ansible-collections/community.general/pull/5735).
+- terraform - fix ``terraform init`` failure when there are multiple workspaces on the remote backend and when ``default`` workspace is missing by setting ``TF_WORKSPACE`` environmental variable to the value of ``workspace`` when used (https://github.com/ansible-collections/community.general/pull/5735).
+- terraform module - disable ANSI escape sequences during validation phase (https://github.com/ansible-collections/community.general/pull/5843).
+- xml - fixed a bug where empty ``children`` list would not be set (https://github.com/ansible-collections/community.general/pull/5808).
+
+v5.8.4
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Bugfixes
+--------
+
+- gconftool2 - fix crash that prevents setting a key (https://github.com/ansible-collections/community.general/issues/5591, https://github.com/ansible-collections/community.general/pull/5687).
+- gitlab_group_variables - fix dropping variables accidentally when GitLab introduced new properties (https://github.com/ansible-collections/community.general/pull/5667).
+- gitlab_project_variables - fix dropping variables accidentally when GitLab introduced new properties (https://github.com/ansible-collections/community.general/pull/5667).
+- lxc_container - fix the arguments of the lxc command which broke the creation and cloning of containers (https://github.com/ansible-collections/community.general/issues/5578).
+- opkg - fix issue that ``force=reinstall`` would not reinstall an existing package (https://github.com/ansible-collections/community.general/pull/5705).
+- proxmox_disk - fixed possible issues with redundant ``vmid`` parameter (https://github.com/ansible-collections/community.general/issues/5492, https://github.com/ansible-collections/community.general/pull/5672).
+- proxmox_nic - fixed possible issues with redundant ``vmid`` parameter (https://github.com/ansible-collections/community.general/issues/5492, https://github.com/ansible-collections/community.general/pull/5672).
+- unixy callback plugin - fix typo introduced when updating to use Ansible's configuration manager for handling options (https://github.com/ansible-collections/community.general/issues/5600).
+
 v5.8.3
 ======

--- a/changelogs/changelog.yaml
+++ b/changelogs/changelog.yaml
@@ -1391,3 +1391,99 @@ releases:
    - 5628-fix-vmadm-off-by-one.yml
    - 5632-vdo-Use-yaml-safe-load-instead-of-yaml-load.yml
    release_date: '2022-12-05'
+  5.8.4:
+    changes:
+      bugfixes:
+      - gconftool2 - fix crash that prevents setting a key (https://github.com/ansible-collections/community.general/issues/5591,
+        https://github.com/ansible-collections/community.general/pull/5687).
+      - gitlab_group_variables - fix dropping variables accidentally when GitLab introduced
+        new properties (https://github.com/ansible-collections/community.general/pull/5667).
+      - gitlab_project_variables - fix dropping variables accidentally when GitLab
+        introduced new properties (https://github.com/ansible-collections/community.general/pull/5667).
+      - lxc_container - fix the arguments of the lxc command which broke the creation
+        and cloning of containers (https://github.com/ansible-collections/community.general/issues/5578).
+      - opkg - fix issue that ``force=reinstall`` would not reinstall an existing
+        package (https://github.com/ansible-collections/community.general/pull/5705).
+      - proxmox_disk - fixed possible issues with redundant ``vmid`` parameter (https://github.com/ansible-collections/community.general/issues/5492,
+        https://github.com/ansible-collections/community.general/pull/5672).
+      - proxmox_nic - fixed possible issues with redundant ``vmid`` parameter (https://github.com/ansible-collections/community.general/issues/5492,
+        https://github.com/ansible-collections/community.general/pull/5672).
+      - unixy callback plugin - fix typo introduced when updating to use Ansible's
+        configuration manager for handling options (https://github.com/ansible-collections/community.general/issues/5600).
+      release_summary: Regular bugfix release.
+    fragments:
+    - 5.8.4.yml
+    - 5659-fix-lxc_container-command.yml
+    - 5666-gitlab-variables.yml
+    - 5672-proxmox.yml
+    - 5687-gconftool2.yml
+    - 5705-opkg-fix-force-reinstall.yml
+    - 5744-unixy-callback-fix-config-manager-typo.yml
+    release_date: '2023-01-04'
+  5.8.5:
+    changes:
+      bugfixes:
+      - ModuleHelper - fix bug when adjusting the name of reserved output variables
+        (https://github.com/ansible-collections/community.general/pull/5755).
+      - alternatives - support subcommands on Fedora 37, which uses ``follower`` instead
+        of ``slave`` (https://github.com/ansible-collections/community.general/pull/5794).
+      - bitwarden lookup plugin - clarify what to do, if the bitwarden vault is not
+        unlocked (https://github.com/ansible-collections/community.general/pull/5811).
+      - dig lookup plugin - correctly handle DNSKEY record type's ``algorithm`` field
+        (https://github.com/ansible-collections/community.general/pull/5914).
+      - gem - fix hang due to interactive prompt for confirmation on specific version
+        uninstall (https://github.com/ansible-collections/community.general/pull/5751).
+      - gitlab_deploy_key - also update ``title`` and not just ``can_push`` (https://github.com/ansible-collections/community.general/pull/5888).
+      - keycloak_user_federation - fixes federation creation issue. When a new federation
+        was created and at the same time a default / standard mapper was also changed
+        / updated the creation process failed as a bad None set variable led to a
+        bad malformed url request (https://github.com/ansible-collections/community.general/pull/5750).
+      - 'keycloak_user_federation - fixes idempotency detection issues. In some cases
+        the module could fail to properly detect already existing user federations
+        because of a buggy seemingly superflous extra query parameter (https://github.com/ansible-collections/community.general/pull/5732).
+
+        '
+      - loganalytics callback plugin - adjust type of callback to ``notification``,
+        it was incorrectly classified as ``aggregate`` before (https://github.com/ansible-collections/community.general/pull/5761).
+      - logdna callback plugin - adjust type of callback to ``notification``, it was
+        incorrectly classified as ``aggregate`` before (https://github.com/ansible-collections/community.general/pull/5761).
+      - logstash callback plugin - adjust type of callback to ``notification``, it
+        was incorrectly classified as ``aggregate`` before (https://github.com/ansible-collections/community.general/pull/5761).
+      - nsupdate - fix zone lookup. The SOA record for an existing zone is returned
+        as an answer RR and not as an authority RR (https://github.com/ansible-collections/community.general/issues/5817,
+        https://github.com/ansible-collections/community.general/pull/5818).
+      - redfish_utils - removed basic auth HTTP header when performing a GET on the
+        service root resource and when performing a POST to the session collection
+        (https://github.com/ansible-collections/community.general/issues/5886).
+      - splunk callback plugin - adjust type of callback to ``notification``, it was
+        incorrectly classified as ``aggregate`` before (https://github.com/ansible-collections/community.general/pull/5761).
+      - sumologic callback plugin - adjust type of callback to ``notification``, it
+        was incorrectly classified as ``aggregate`` before (https://github.com/ansible-collections/community.general/pull/5761).
+      - syslog_json callback plugin - adjust type of callback to ``notification``,
+        it was incorrectly classified as ``aggregate`` before (https://github.com/ansible-collections/community.general/pull/5761).
+      - terraform - fix ``current`` workspace never getting appended to the ``all``
+        key in the ``workspace_ctf`` object (https://github.com/ansible-collections/community.general/pull/5735).
+      - terraform - fix ``terraform init`` failure when there are multiple workspaces
+        on the remote backend and when ``default`` workspace is missing by setting
+        ``TF_WORKSPACE`` environmental variable to the value of ``workspace`` when
+        used (https://github.com/ansible-collections/community.general/pull/5735).
+      - terraform module - disable ANSI escape sequences during validation phase (https://github.com/ansible-collections/community.general/pull/5843).
+      - xml - fixed a bug where empty ``children`` list would not be set (https://github.com/ansible-collections/community.general/pull/5808).
+      release_summary: Regular bugfix release.
+    fragments:
+    - 5.8.5.yml
+    - 5732-bugfix-keycloak-userfed-idempotency.yml
+    - 5735-terraform-init-fix-when-default-workspace-doesnt-exists.yaml
+    - 5750-bugfixing-keycloak-usrfed-fail-when-update-default-mapper-simultaneously.yml
+    - 5751-gem-fix-uninstall-hang.yml
+    - 5755-mh-fix-output-conflict.yml
+    - 5761-callback-types.yml
+    - 5794-alternatives-fedora37.yml
+    - 5808-xml-children-parameter-does-not-exist.yml
+    - 5811-clarify-bitwarden-error.yml
+    - 5818-nsupdate-fix-zone-lookup.yml
+    - 5843-terraform-validate-no-color.yml
+    - 5886-redfish-correct-basic-auth-usage-on-session-creation.yml
+    - 5888-update-key-title.yml
+    - 5914-dig-dnskey.yml
+    release_date: '2023-01-31'
--- a/galaxy.yml
+++ b/galaxy.yml
@@ -5,7 +5,7 @@

 namespace: community
 name: general
-version: 5.8.3
+version: 5.8.5
 readme: README.md
 authors:
  - Ansible (https://github.com/ansible)
--- a/plugins/callback/cgroup_memory_recap.py
+++ b/plugins/callback/cgroup_memory_recap.py
@@ -16,15 +16,15 @@ DOCUMENTATION = '''
      - cgroups
    short_description: Profiles maximum memory usage of tasks and full execution using cgroups
    description:
-        - This is an ansible callback plugin that profiles maximum memory usage of ansible and individual tasks, and displays a recap at the end using cgroups
+        - This is an ansible callback plugin that profiles maximum memory usage of ansible and individual tasks, and displays a recap at the end using cgroups.
    notes:
-        - Requires ansible to be run from within a cgroup, such as with C(cgexec -g memory:ansible_profile ansible-playbook ...)
-        - This cgroup should only be used by ansible to get accurate results
-        - To create the cgroup, first use a command such as C(sudo cgcreate -a ec2-user:ec2-user -t ec2-user:ec2-user -g memory:ansible_profile)
+        - Requires ansible to be run from within a cgroup, such as with C(cgexec -g memory:ansible_profile ansible-playbook ...).
+        - This cgroup should only be used by ansible to get accurate results.
+        - To create the cgroup, first use a command such as C(sudo cgcreate -a ec2-user:ec2-user -t ec2-user:ec2-user -g memory:ansible_profile).
    options:
      max_mem_file:
        required: true
-        description: Path to cgroups C(memory.max_usage_in_bytes) file. Example C(/sys/fs/cgroup/memory/ansible_profile/memory.max_usage_in_bytes)
+        description: Path to cgroups C(memory.max_usage_in_bytes) file. Example C(/sys/fs/cgroup/memory/ansible_profile/memory.max_usage_in_bytes).
        env:
          - name: CGROUP_MAX_MEM_FILE
        ini:
@@ -32,7 +32,7 @@ DOCUMENTATION = '''
            key: max_mem_file
      cur_mem_file:
        required: true
-        description: Path to C(memory.usage_in_bytes) file. Example C(/sys/fs/cgroup/memory/ansible_profile/memory.usage_in_bytes)
+        description: Path to C(memory.usage_in_bytes) file. Example C(/sys/fs/cgroup/memory/ansible_profile/memory.usage_in_bytes).
        env:
          - name: CGROUP_CUR_MEM_FILE
        ini:
--- a/plugins/callback/context_demo.py
+++ b/plugins/callback/context_demo.py
@@ -13,8 +13,8 @@ DOCUMENTATION = '''
    type: aggregate
    short_description: demo callback that adds play/task context
    description:
-      - Displays some play and task context along with normal output
-      - This is mostly for demo purposes
+      - Displays some play and task context along with normal output.
+      - This is mostly for demo purposes.
    requirements:
      - whitelist in configuration
 '''
--- a/plugins/callback/counter_enabled.py
+++ b/plugins/callback/counter_enabled.py
@@ -21,7 +21,7 @@ DOCUMENTATION = '''
    extends_documentation_fragment:
      - default_callback
    requirements:
-      - set as stdout callback in ansible.cfg  (stdout_callback = counter_enabled)
+      - set as stdout callback in C(ansible.cfg) (C(stdout_callback = counter_enabled))
 '''

 from ansible import constants as C
--- a/plugins/callback/dense.py
+++ b/plugins/callback/dense.py
@@ -14,7 +14,7 @@ short_description: minimal stdout output
 extends_documentation_fragment:
 - default_callback
 description:
- When in verbose mode it will act the same as the default callback
+- When in verbose mode it will act the same as the default callback.
 author:
 - Dag Wieers (@dagwieers)
 requirements:
--- a/plugins/callback/jabber.py
+++ b/plugins/callback/jabber.py
@@ -13,10 +13,10 @@ DOCUMENTATION = '''
    type: notification
    short_description: post task events to a jabber server
    description:
-      - The chatty part of ChatOps with a Hipchat server as a target
+      - The chatty part of ChatOps with a Hipchat server as a target.
      - This callback plugin sends status updates to a HipChat channel during playbook execution.
    requirements:
-      - xmpp (python lib https://github.com/ArchipelProject/xmpppy)
+      - xmpp (Python library U(https://github.com/ArchipelProject/xmpppy))
    options:
      server:
        description: connection info to jabber server
--- a/plugins/callback/log_plays.py
+++ b/plugins/callback/log_plays.py
@@ -13,10 +13,10 @@ DOCUMENTATION = '''
    type: notification
    short_description: write playbook output to log file
    description:
-      - This callback writes playbook output to a file per host in the C(/var/log/ansible/hosts) directory
+      - This callback writes playbook output to a file per host in the C(/var/log/ansible/hosts) directory.
    requirements:
     - Whitelist in configuration
-     - A writeable /var/log/ansible/hosts directory by the user executing Ansible on the controller
+     - A writeable C(/var/log/ansible/hosts) directory by the user executing Ansible on the controller
    options:
      log_folder:
        default: /var/log/ansible/hosts
--- a/plugins/callback/loganalytics.py
+++ b/plugins/callback/loganalytics.py
@@ -8,7 +8,7 @@ __metaclass__ = type

 DOCUMENTATION = '''
    name: loganalytics
-    type: aggregate
+    type: notification
    short_description: Posts task results to Azure Log Analytics
    author: "Cyrus Li (@zhcli) <cyrus1006@gmail.com>"
    description:
@@ -155,7 +155,7 @@ class AzureLogAnalyticsSource(object):

 class CallbackModule(CallbackBase):
    CALLBACK_VERSION = 2.0
-    CALLBACK_TYPE = 'aggregate'
+    CALLBACK_TYPE = 'notification'
    CALLBACK_NAME = 'loganalytics'
    CALLBACK_NEEDS_WHITELIST = True

--- a/plugins/callback/logdna.py
+++ b/plugins/callback/logdna.py
@@ -9,17 +9,17 @@ __metaclass__ = type
 DOCUMENTATION = '''
    author: Unknown (!UNKNOWN)
    name: logdna
-    type: aggregate
+    type: notification
    short_description: Sends playbook logs to LogDNA
    description:
-      - This callback will report logs from playbook actions, tasks, and events to LogDNA (https://app.logdna.com)
+      - This callback will report logs from playbook actions, tasks, and events to LogDNA (U(https://app.logdna.com)).
    requirements:
-      - LogDNA Python Library (https://github.com/logdna/python)
+      - LogDNA Python Library (U(https://github.com/logdna/python))
      - whitelisting in configuration
    options:
      conf_key:
        required: true
-        description: LogDNA Ingestion Key
+        description: LogDNA Ingestion Key.
        type: string
        env:
          - name: LOGDNA_INGESTION_KEY
@@ -28,7 +28,7 @@ DOCUMENTATION = '''
            key: conf_key
      plugin_ignore_errors:
        required: false
-        description: Whether to ignore errors on failing or not
+        description: Whether to ignore errors on failing or not.
        type: boolean
        env:
          - name: ANSIBLE_IGNORE_ERRORS
@@ -38,7 +38,7 @@ DOCUMENTATION = '''
        default: false
      conf_hostname:
        required: false
-        description: Alternative Host Name; the current host name by default
+        description: Alternative Host Name; the current host name by default.
        type: string
        env:
          - name: LOGDNA_HOSTNAME
@@ -47,7 +47,7 @@ DOCUMENTATION = '''
            key: conf_hostname
      conf_tags:
        required: false
-        description: Tags
+        description: Tags.
        type: string
        env:
          - name: LOGDNA_TAGS
@@ -111,7 +111,7 @@ def isJSONable(obj):
 class CallbackModule(CallbackBase):

    CALLBACK_VERSION = 0.1
-    CALLBACK_TYPE = 'aggregate'
+    CALLBACK_TYPE = 'notification'
    CALLBACK_NAME = 'community.general.logdna'
    CALLBACK_NEEDS_WHITELIST = True

--- a/plugins/callback/logentries.py
+++ b/plugins/callback/logentries.py
@@ -13,15 +13,15 @@ DOCUMENTATION = '''
    short_description: Sends events to Logentries
    description:
      - This callback plugin will generate JSON objects and send them to Logentries via TCP for auditing/debugging purposes.
-      - Before 2.4, if you wanted to use an ini configuration, the file must be placed in the same directory as this plugin and named logentries.ini
+      - Before 2.4, if you wanted to use an ini configuration, the file must be placed in the same directory as this plugin and named C(logentries.ini).
      - In 2.4 and above you can just put it in the main Ansible configuration file.
    requirements:
      - whitelisting in configuration
-      - certifi (python library)
-      - flatdict (python library), if you want to use the 'flatten' option
+      - certifi (Python library)
+      - flatdict (Python library), if you want to use the 'flatten' option
    options:
      api:
-        description: URI to the Logentries API
+        description: URI to the Logentries API.
        env:
          - name: LOGENTRIES_API
        default: data.logentries.com
@@ -29,7 +29,7 @@ DOCUMENTATION = '''
          - section: callback_logentries
            key: api
      port:
-        description: HTTP port to use when connecting to the API
+        description: HTTP port to use when connecting to the API.
        env:
            - name: LOGENTRIES_PORT
        default: 80
@@ -37,7 +37,7 @@ DOCUMENTATION = '''
          - section: callback_logentries
            key: port
      tls_port:
-        description: Port to use when connecting to the API when TLS is enabled
+        description: Port to use when connecting to the API when TLS is enabled.
        env:
            - name: LOGENTRIES_TLS_PORT
        default: 443
@@ -45,7 +45,7 @@ DOCUMENTATION = '''
          - section: callback_logentries
            key: tls_port
      token:
-        description: The logentries "TCP token"
+        description: The logentries C(TCP token).
        env:
          - name: LOGENTRIES_ANSIBLE_TOKEN
        required: true
@@ -54,7 +54,7 @@ DOCUMENTATION = '''
            key: token
      use_tls:
        description:
-          - Toggle to decide whether to use TLS to encrypt the communications with the API server
+          - Toggle to decide whether to use TLS to encrypt the communications with the API server.
        env:
          - name: LOGENTRIES_USE_TLS
        default: false
@@ -63,7 +63,7 @@ DOCUMENTATION = '''
          - section: callback_logentries
            key: use_tls
      flatten:
-        description: flatten complex data structures into a single dictionary with complex keys
+        description: Flatten complex data structures into a single dictionary with complex keys.
        type: boolean
        default: false
        env:
--- a/plugins/callback/logstash.py
+++ b/plugins/callback/logstash.py
@@ -13,13 +13,13 @@ DOCUMENTATION = r'''
    type: notification
    short_description: Sends events to Logstash
    description:
-      - This callback will report facts and task events to Logstash https://www.elastic.co/products/logstash
+      - This callback will report facts and task events to Logstash U(https://www.elastic.co/products/logstash).
    requirements:
      - whitelisting in configuration
-      - logstash (python library)
+      - logstash (Python library)
    options:
      server:
-        description: Address of the Logstash server
+        description: Address of the Logstash server.
        env:
          - name: LOGSTASH_SERVER
        ini:
@@ -28,7 +28,7 @@ DOCUMENTATION = r'''
            version_added: 1.0.0
        default: localhost
      port:
-        description: Port on which logstash is listening
+        description: Port on which logstash is listening.
        env:
            - name: LOGSTASH_PORT
        ini:
@@ -37,7 +37,7 @@ DOCUMENTATION = r'''
            version_added: 1.0.0
        default: 5000
      type:
-        description: Message type
+        description: Message type.
        env:
          - name: LOGSTASH_TYPE
        ini:
@@ -54,7 +54,7 @@ DOCUMENTATION = r'''
        env:
          - name: LOGSTASH_PRE_COMMAND
      format_version:
-        description: Logging format
+        description: Logging format.
        type: str
        version_added: 2.0.0
        ini:
@@ -113,7 +113,7 @@ from ansible.plugins.callback import CallbackBase
 class CallbackModule(CallbackBase):

    CALLBACK_VERSION = 2.0
-    CALLBACK_TYPE = 'aggregate'
+    CALLBACK_TYPE = 'notification'
    CALLBACK_NAME = 'community.general.logstash'
    CALLBACK_NEEDS_WHITELIST = True

--- a/plugins/callback/null.py
+++ b/plugins/callback/null.py
@@ -15,7 +15,7 @@ DOCUMENTATION = '''
      - set as main display callback
    short_description: Don't display stuff to screen
    description:
-        - This callback prevents outputing events to screen
+        - This callback prevents outputing events to screen.
 '''

 from ansible.plugins.callback import CallbackBase
--- a/plugins/callback/say.py
+++ b/plugins/callback/say.py
@@ -14,12 +14,12 @@ DOCUMENTATION = '''
    type: notification
    requirements:
      - whitelisting in configuration
-      - the '/usr/bin/say' command line program (standard on macOS) or 'espeak' command line program
+      - the C(/usr/bin/say) command line program (standard on macOS) or C(espeak) command line program
    short_description: notify using software speech synthesizer
    description:
-      - This plugin will use the 'say' or 'espeak' program to "speak" about play events.
+      - This plugin will use the C(say) or C(espeak) program to "speak" about play events.
    notes:
-      - In 2.8, this callback has been renamed from C(osx_say) into M(community.general.say).
+      - In Ansible 2.8, this callback has been renamed from C(osx_say) into M(community.general.say).
 '''

 import platform
--- a/plugins/callback/selective.py
+++ b/plugins/callback/selective.py
@@ -22,7 +22,7 @@ DOCUMENTATION = '''
    options:
      nocolor:
        default: false
-        description: This setting allows suppressing colorizing output
+        description: This setting allows suppressing colorizing output.
        env:
          - name: ANSIBLE_NOCOLOR
          - name: ANSIBLE_SELECTIVE_DONT_COLORIZE
--- a/plugins/callback/slack.py
+++ b/plugins/callback/slack.py
@@ -18,11 +18,11 @@ DOCUMENTATION = '''
    short_description: Sends play events to a Slack channel
    description:
        - This is an ansible callback plugin that sends status updates to a Slack channel during playbook execution.
-        - Before 2.4 only environment variables were available for configuring this plugin
+        - Before Ansible 2.4 only environment variables were available for configuring this plugin.
    options:
      webhook_url:
        required: true
-        description: Slack Webhook URL
+        description: Slack Webhook URL.
        env:
          - name: SLACK_WEBHOOK_URL
        ini:
@@ -45,7 +45,7 @@ DOCUMENTATION = '''
          - section: callback_slack
            key: username
      validate_certs:
-        description: validate the SSL certificate of the Slack server. (For HTTPS URLs)
+        description: Validate the SSL certificate of the Slack server for HTTPS URLs.
        env:
          - name: SLACK_VALIDATE_CERTS
        ini:
--- a/plugins/callback/splunk.py
+++ b/plugins/callback/splunk.py
@@ -8,27 +8,27 @@ __metaclass__ = type

 DOCUMENTATION = '''
    name: splunk
-    type: aggregate
+    type: notification
    short_description: Sends task result events to Splunk HTTP Event Collector
    author: "Stuart Hirst (!UNKNOWN) <support@convergingdata.com>"
    description:
      - This callback plugin will send task results as JSON formatted events to a Splunk HTTP collector.
-      - The companion Splunk Monitoring & Diagnostics App is available here "https://splunkbase.splunk.com/app/4023/"
+      - The companion Splunk Monitoring & Diagnostics App is available here U(https://splunkbase.splunk.com/app/4023/).
      - Credit to "Ryan Currah (@ryancurrah)" for original source upon which this is based.
    requirements:
      - Whitelisting this callback plugin
      - 'Create a HTTP Event Collector in Splunk'
-      - 'Define the url and token in ansible.cfg'
+      - 'Define the URL and token in C(ansible.cfg)'
    options:
      url:
-        description: URL to the Splunk HTTP collector source
+        description: URL to the Splunk HTTP collector source.
        env:
          - name: SPLUNK_URL
        ini:
          - section: callback_splunk
            key: url
      authtoken:
-        description: Token to authenticate the connection to the Splunk HTTP collector
+        description: Token to authenticate the connection to the Splunk HTTP collector.
        env:
          - name: SPLUNK_AUTHTOKEN
        ini:
@@ -48,7 +48,7 @@ DOCUMENTATION = '''
        version_added: '1.0.0'
      include_milliseconds:
        description: Whether to include milliseconds as part of the generated timestamp field in the event
-                     sent to the Splunk HTTP collector
+                     sent to the Splunk HTTP collector.
        env:
          - name: SPLUNK_INCLUDE_MILLISECONDS
        ini:
@@ -165,7 +165,7 @@ class SplunkHTTPCollectorSource(object):

 class CallbackModule(CallbackBase):
    CALLBACK_VERSION = 2.0
-    CALLBACK_TYPE = 'aggregate'
+    CALLBACK_TYPE = 'notification'
    CALLBACK_NAME = 'community.general.splunk'
    CALLBACK_NEEDS_WHITELIST = True

--- a/plugins/callback/sumologic.py
+++ b/plugins/callback/sumologic.py
@@ -8,18 +8,18 @@ __metaclass__ = type

 DOCUMENTATION = '''
 name: sumologic
-type: aggregate
+type: notification
 short_description: Sends task result events to Sumologic
 author: "Ryan Currah (@ryancurrah)"
 description:
-  - This callback plugin will send task results as JSON formatted events to a Sumologic HTTP collector source
+  - This callback plugin will send task results as JSON formatted events to a Sumologic HTTP collector source.
 requirements:
  - Whitelisting this callback plugin
  - 'Create a HTTP collector source in Sumologic and specify a custom timestamp format of C(yyyy-MM-dd HH:mm:ss ZZZZ) and a custom timestamp locator
    of C("timestamp": "(.*)")'
 options:
  url:
-    description: URL to the Sumologic HTTP collector source
+    description: URL to the Sumologic HTTP collector source.
    env:
      - name: SUMOLOGIC_URL
    ini:
@@ -28,7 +28,7 @@ options:
 '''

 EXAMPLES = '''
-examples: >
+examples: |
  To enable, add this to your ansible.cfg file in the defaults block
    [defaults]
    callback_whitelist = community.general.sumologic
@@ -111,7 +111,7 @@ class SumologicHTTPCollectorSource(object):

 class CallbackModule(CallbackBase):
    CALLBACK_VERSION = 2.0
-    CALLBACK_TYPE = 'aggregate'
+    CALLBACK_TYPE = 'notification'
    CALLBACK_NAME = 'community.general.sumologic'
    CALLBACK_NEEDS_WHITELIST = True

--- a/plugins/callback/syslog_json.py
+++ b/plugins/callback/syslog_json.py
@@ -15,11 +15,11 @@ DOCUMENTATION = '''
      - whitelist in configuration
    short_description: sends JSON events to syslog
    description:
-      - This plugin logs ansible-playbook and ansible runs to a syslog server in JSON format
-      - Before Ansible 2.9 only environment variables were available for configuration
+      - This plugin logs ansible-playbook and ansible runs to a syslog server in JSON format.
+      - Before Ansible 2.9 only environment variables were available for configuration.
    options:
      server:
-        description: syslog server that will receive the event
+        description: Syslog server that will receive the event.
        env:
        - name: SYSLOG_SERVER
        default: localhost
@@ -27,7 +27,7 @@ DOCUMENTATION = '''
          - section: callback_syslog_json
            key: syslog_server
      port:
-        description: port on which the syslog server is listening
+        description: Port on which the syslog server is listening.
        env:
          - name: SYSLOG_PORT
        default: 514
@@ -35,7 +35,7 @@ DOCUMENTATION = '''
          - section: callback_syslog_json
            key: syslog_port
      facility:
-        description: syslog facility to log as
+        description: Syslog facility to log as.
        env:
          - name: SYSLOG_FACILITY
        default: user
@@ -71,7 +71,7 @@ class CallbackModule(CallbackBase):
    """

    CALLBACK_VERSION = 2.0
-    CALLBACK_TYPE = 'aggregate'
+    CALLBACK_TYPE = 'notification'
    CALLBACK_NAME = 'community.general.syslog_json'
    CALLBACK_NEEDS_WHITELIST = True

--- a/plugins/callback/unixy.py
+++ b/plugins/callback/unixy.py
@@ -142,7 +142,7 @@ class CallbackModule(CallbackModule_default):
            display_color = C.COLOR_CHANGED
            task_result = self._process_result_output(result, msg)
            self._display.display("  " + task_result, display_color)
-        elif self.get('display_ok_hosts'):
+        elif self.get_option('display_ok_hosts'):
            task_result = self._process_result_output(result, msg)
            self._display.display("  " + task_result, display_color)

--- a/plugins/callback/yaml.py
+++ b/plugins/callback/yaml.py
@@ -11,7 +11,7 @@ DOCUMENTATION = '''
    author: Unknown (!UNKNOWN)
    name: yaml
    type: stdout
-    short_description: yaml-ized Ansible screen output
+    short_description: YAML-ized Ansible screen output
    description:
        - Ansible output that can be quite a bit easier to read than the
          default JSON formatting.
--- a/plugins/doc_fragments/ldap.py
+++ b/plugins/doc_fragments/ldap.py
@@ -60,7 +60,7 @@ options:
  sasl_class:
    description:
      - The class to use for SASL authentication.
-      - possible choices are C(external), C(gssapi).
+      - Possible choices are C(external), C(gssapi).
    type: str
    choices: ['external', 'gssapi']
    default: external
--- a/plugins/lookup/bitwarden.py
+++ b/plugins/lookup/bitwarden.py
@@ -78,7 +78,7 @@ class Bitwarden(object):
        return self._cli_path

    @property
-    def logged_in(self):
+    def unlocked(self):
        out, err = self._run(['status'], stdin="")
        decoded = AnsibleJSONDecoder().raw_decode(out)[0]
        return decoded['status'] == 'unlocked'
@@ -121,8 +121,8 @@ class LookupModule(LookupBase):
        self.set_options(var_options=variables, direct=kwargs)
        field = self.get_option('field')
        search_field = self.get_option('search')
-        if not _bitwarden.logged_in:
-            raise AnsibleError("Not logged into Bitwarden. Run 'bw login'.")
+        if not _bitwarden.unlocked:
+            raise AnsibleError("Bitwarden Vault locked. Run 'bw unlock'.")

        return [_bitwarden.get_field(field, term, search_field) for term in terms]

--- a/plugins/lookup/dig.py
+++ b/plugins/lookup/dig.py
@@ -218,7 +218,7 @@ def make_rdata_dict(rdata):
        NSEC3PARAM: ['algorithm', 'flags', 'iterations', 'salt'],
        PTR: ['target'],
        RP: ['mbox', 'txt'],
-        # RRSIG: ['algorithm', 'labels', 'original_ttl', 'expiration', 'inception', 'signature'],
+        # RRSIG: ['type_covered', 'algorithm', 'labels', 'original_ttl', 'expiration', 'inception', 'key_tag', 'signer', 'signature'],
        SOA: ['mname', 'rname', 'serial', 'refresh', 'retry', 'expire', 'minimum'],
        SPF: ['strings'],
        SRV: ['priority', 'weight', 'port', 'target'],
@@ -241,6 +241,8 @@ def make_rdata_dict(rdata):
                val = dns.rdata._hexify(rdata.digest).replace(' ', '')
            if rdata.rdtype == DS and f == 'digest':
                val = dns.rdata._hexify(rdata.digest).replace(' ', '')
+            if rdata.rdtype == DNSKEY and f == 'algorithm':
+                val = int(val)
            if rdata.rdtype == DNSKEY and f == 'key':
                val = dns.rdata._base64ify(rdata.key).replace(' ', '')
            if rdata.rdtype == NSEC3PARAM and f == 'salt':
--- a/plugins/module_utils/gitlab.py
+++ b/plugins/module_utils/gitlab.py
@@ -110,3 +110,14 @@ def gitlab_authentication(module):
            GitLab remove Session API now that private tokens are removed from user API endpoints since version 10.2." % to_native(e))

    return gitlab_instance
+
+
+def filter_returned_variables(gitlab_variables):
+    # pop properties we don't know
+    existing_variables = [dict(x.attributes) for x in gitlab_variables]
+    KNOWN = ['key', 'value', 'masked', 'protected', 'variable_type', 'environment_scope']
+    for item in existing_variables:
+        for key in list(item.keys()):
+            if key not in KNOWN:
+                item.pop(key)
+    return existing_variables
--- a/plugins/module_utils/mh/module_helper.py
+++ b/plugins/module_utils/mh/module_helper.py
@@ -72,7 +72,7 @@ class ModuleHelper(DeprecateAttrsMixin, VarsMixin, DependencyMixin, ModuleHelper
            vars_diff = self.vars.diff() or {}
            result['diff'] = dict_merge(dict(diff), vars_diff)

-        for varname in result:
+        for varname in list(result):
            if varname in self._output_conflict_list:
                result["_" + varname] = result[varname]
                del result[varname]
--- a/plugins/module_utils/redfish_utils.py
+++ b/plugins/module_utils/redfish_utils.py
@@ -36,6 +36,8 @@ class RedfishUtils(object):
        self.timeout = timeout
        self.module = module
        self.service_root = '/redfish/v1/'
+        self.session_service_uri = '/redfish/v1/SessionService'
+        self.sessions_uri = '/redfish/v1/SessionService/Sessions'
        self.resource_id = resource_id
        self.data_modification = data_modification
        self.strip_etag_quotes = strip_etag_quotes
@@ -66,6 +68,10 @@ class RedfishUtils(object):
        req_headers = dict(GET_HEADERS)
        username, password, basic_auth = self._auth_params(req_headers)
        try:
+            # Service root is an unauthenticated resource; remove credentials
+            # in case the caller will be using sessions later.
+            if uri == (self.root_uri + self.service_root):
+                basic_auth = False
            resp = open_url(uri, method="GET", headers=req_headers,
                            url_username=username, url_password=password,
                            force_basic_auth=basic_auth, validate_certs=False,
@@ -92,6 +98,11 @@ class RedfishUtils(object):
        req_headers = dict(POST_HEADERS)
        username, password, basic_auth = self._auth_params(req_headers)
        try:
+            # When performing a POST to the session collection, credentials are
+            # provided in the request body.  Do not provide the basic auth
+            # header since this can cause conflicts with some services
+            if self.sessions_uri is not None and uri == (self.root_uri + self.sessions_uri):
+                basic_auth = False
            resp = open_url(uri, data=json.dumps(pyld),
                            headers=req_headers, method="POST",
                            url_username=username, url_password=password,
@@ -232,23 +243,23 @@ class RedfishUtils(object):
        return {'ret': True}

    def _find_sessionservice_resource(self):
+        # Get the service root
        response = self.get_request(self.root_uri + self.service_root)
        if response['ret'] is False:
            return response
        data = response['data']
-        if 'SessionService' not in data:
+
+        # Check for the session service and session collection.  Well-known
+        # defaults are provided in the constructor, but services that predate
+        # Redfish 1.6.0 might contain different values.
+        self.session_service_uri = data.get('SessionService', {}).get('@odata.id')
+        self.sessions_uri = data.get('Links', {}).get('Sessions', {}).get('@odata.id')
+
+        # If one isn't found, return an error
+        if self.session_service_uri is None:
            return {'ret': False, 'msg': "SessionService resource not found"}
-        else:
-            session_service = data["SessionService"]["@odata.id"]
-            self.session_service_uri = session_service
-            response = self.get_request(self.root_uri + session_service)
-            if response['ret'] is False:
-                return response
-            data = response['data']
-            sessions = data['Sessions']['@odata.id']
-            if sessions[-1:] == '/':
-                sessions = sessions[:-1]
-            self.sessions_uri = sessions
+        if self.sessions_uri is None:
+            return {'ret': False, 'msg': "SessionCollection resource not found"}
        return {'ret': True}

    def _get_resource_uri_by_id(self, uris, id_prop):
--- a/plugins/modules/cloud/lxc/lxc_container.py
+++ b/plugins/modules/cloud/lxc/lxc_container.py
@@ -677,7 +677,7 @@ class LxcContainerManagement(object):

        false_values = BOOLEANS_FALSE.union([None, ''])
        result = dict(
-            (k, v)
+            (v, self.module.params[k])
            for k, v in variables.items()
            if self.module.params[k] not in false_values
        )
--- a/plugins/modules/cloud/misc/proxmox_disk.py
+++ b/plugins/modules/cloud/misc/proxmox_disk.py
@@ -699,7 +699,7 @@ def main():
                module.exit_json(changed=False, vmid=vmid, msg='Disk %s already detached in VM %s' % (disk, vmid))
            if disk not in vm_config:
                module.exit_json(changed=False, vmid=vmid, msg="Disk %s not present in VM %s config" % (disk, vmid))
-            proxmox.proxmox_api.nodes(vm['node']).qemu(vmid).unlink.put(vmid=vmid, idlist=disk, force=0)
+            proxmox.proxmox_api.nodes(vm['node']).qemu(vmid).unlink.put(idlist=disk, force=0)
            module.exit_json(changed=True, vmid=vmid, msg="Disk %s detached from VM %s" % (disk, vmid))
        except Exception as e:
            module.fail_json(msg="Failed to detach disk %s from VM %s with exception: %s" % (disk, vmid, str(e)))
@@ -734,7 +734,7 @@ def main():
        try:
            if disk not in vm_config:
                module.exit_json(changed=False, vmid=vmid, msg="Disk %s is already absent in VM %s" % (disk, vmid))
-            proxmox.proxmox_api.nodes(vm['node']).qemu(vmid).unlink.put(vmid=vmid, idlist=disk, force=1)
+            proxmox.proxmox_api.nodes(vm['node']).qemu(vmid).unlink.put(idlist=disk, force=1)
            module.exit_json(changed=True, vmid=vmid, msg="Disk %s removed from VM %s" % (disk, vmid))
        except Exception as e:
            module.fail_json(vmid=vmid, msg='Unable to remove disk %s from VM %s: %s' % (disk, vmid, str(e)))
--- a/plugins/modules/cloud/misc/proxmox_nic.py
+++ b/plugins/modules/cloud/misc/proxmox_nic.py
@@ -223,7 +223,7 @@ class ProxmoxNicAnsible(ProxmoxAnsible):

        if interface in vminfo:
            if not self.module.check_mode:
-                self.proxmox_api.nodes(vm['node']).qemu(vmid).config.set(vmid=vmid, delete=interface)
+                self.proxmox_api.nodes(vm['node']).qemu(vmid).config.set(delete=interface)
            return True

        return False
--- a/plugins/modules/cloud/misc/terraform.py
+++ b/plugins/modules/cloud/misc/terraform.py
@@ -48,7 +48,9 @@ options:
    version_added: 3.0.0
  workspace:
    description:
-      - The terraform workspace to work with.
+      - The terraform workspace to work with. This sets the C(TF_WORKSPACE) environmental variable
+        that is used to override workspace selection. For more information about workspaces
+        have a look at U(https://developer.hashicorp.com/terraform/language/state/workspaces).
    type: str
    default: default
  purge_workspace:
@@ -297,9 +299,9 @@ def preflight_validation(bin_path, project_path, version, variables_args=None, p
    if not os.path.isdir(project_path):
        module.fail_json(msg="Path for Terraform project '{0}' doesn't exist on this host - check the path and try again please.".format(project_path))
    if LooseVersion(version) < LooseVersion('0.15.0'):
-        rc, out, err = module.run_command([bin_path, 'validate'] + variables_args, check_rc=True, cwd=project_path)
+        module.run_command([bin_path, 'validate', '-no-color'] + variables_args, check_rc=True, cwd=project_path)
    else:
-        rc, out, err = module.run_command([bin_path, 'validate'], check_rc=True, cwd=project_path)
+        module.run_command([bin_path, 'validate', '-no-color'], check_rc=True, cwd=project_path)


 def _state_args(state_file):
@@ -310,7 +312,7 @@ def _state_args(state_file):
    return []


-def init_plugins(bin_path, project_path, backend_config, backend_config_files, init_reconfigure, provider_upgrade, plugin_paths):
+def init_plugins(bin_path, project_path, backend_config, backend_config_files, init_reconfigure, provider_upgrade, plugin_paths, workspace):
    command = [bin_path, 'init', '-input=false', '-no-color']
    if backend_config:
        for key, val in backend_config.items():
@@ -328,7 +330,7 @@ def init_plugins(bin_path, project_path, backend_config, backend_config_files, i
    if plugin_paths:
        for plugin_path in plugin_paths:
            command.extend(['-plugin-dir', plugin_path])
-    rc, out, err = module.run_command(command, check_rc=True, cwd=project_path)
+    rc, out, err = module.run_command(command, check_rc=True, cwd=project_path, environ_update={"TF_WORKSPACE": workspace})


 def get_workspace_context(bin_path, project_path):
@@ -343,6 +345,7 @@ def get_workspace_context(bin_path, project_path):
            continue
        elif stripped_item.startswith('* '):
            workspace_ctx["current"] = stripped_item.replace('* ', '')
+            workspace_ctx["all"].append(stripped_item.replace('* ', ''))
        else:
            workspace_ctx["all"].append(stripped_item)
    return workspace_ctx
@@ -485,7 +488,7 @@ def main():

    if force_init:
        if overwrite_init or not os.path.isfile(os.path.join(project_path, ".terraform", "terraform.tfstate")):
-            init_plugins(command[0], project_path, backend_config, backend_config_files, init_reconfigure, provider_upgrade, plugin_paths)
+            init_plugins(command[0], project_path, backend_config, backend_config_files, init_reconfigure, provider_upgrade, plugin_paths, workspace)

    workspace_ctx = get_workspace_context(command[0], project_path)
    if workspace_ctx["current"] != workspace:
--- a/plugins/modules/cloud/scaleway/scaleway_compute_private_network.py
+++ b/plugins/modules/cloud/scaleway/scaleway_compute_private_network.py
@@ -92,7 +92,7 @@ EXAMPLES = '''
 RETURN = '''
 scaleway_compute_private_network:
    description: Information on the VPC.
-    returned: success when C(state=present)
+    returned: success when I(state=present)
    type: dict
    sample:
        {
--- a/plugins/modules/cloud/scaleway/scaleway_database_backup.py
+++ b/plugins/modules/cloud/scaleway/scaleway_database_backup.py
@@ -19,7 +19,7 @@ short_description: Scaleway database backups management module
 version_added: 1.2.0
 author: Guillaume Rodriguez (@guillaume_ro_fr)
 description:
-    - This module manages database backups on Scaleway account U(https://developer.scaleway.com).
+    - "This module manages database backups on Scaleway account U(https://developer.scaleway.com)."
 extends_documentation_fragment:
    - community.general.scaleway
 options:
@@ -58,7 +58,7 @@ options:
    description:
        - Name used to identify the database backup.
        - Required for C(present) state.
-        - Ignored when C(state=absent), C(state=exported) or C(state=restored).
+        - Ignored when I(state=absent), I(state=exported) or I(state=restored).
    type: str
    required: false

@@ -66,7 +66,7 @@ options:
    description:
        - Name used to identify the database.
        - Required for C(present) and C(restored) states.
-        - Ignored when C(state=absent) or C(state=exported).
+        - Ignored when I(state=absent) or I(state=exported).
    type: str
    required: false

@@ -74,14 +74,14 @@ options:
    description:
        - UUID of the instance associated to the database backup.
        - Required for C(present) and C(restored) states.
-        - Ignored when C(state=absent) or C(state=exported).
+        - Ignored when I(state=absent) or I(state=exported).
    type: str
    required: false

  expires_at:
    description:
        - Expiration datetime of the database backup (ISO 8601 format).
-        - Ignored when C(state=absent), C(state=exported) or C(state=restored).
+        - Ignored when I(state=absent), I(state=exported) or I(state=restored).
    type: str
    required: false

@@ -139,7 +139,7 @@ EXAMPLES = '''
 RETURN = '''
 metadata:
    description: Backup metadata.
-    returned: when C(state=present), C(state=exported) or C(state=restored)
+    returned: when I(state=present), I(state=exported) or I(state=restored)
    type: dict
    sample: {
        "metadata": {
--- a/plugins/modules/cloud/scaleway/scaleway_image_info.py
+++ b/plugins/modules/cloud/scaleway/scaleway_image_info.py
@@ -24,7 +24,7 @@ options:
  region:
    type: str
    description:
-      - Scaleway compute zone
+      - Scaleway compute zone.
    required: true
    choices:
      - ams1
--- a/plugins/modules/cloud/scaleway/scaleway_ip.py
+++ b/plugins/modules/cloud/scaleway/scaleway_ip.py
@@ -88,8 +88,8 @@ EXAMPLES = '''

 RETURN = '''
 data:
-    description: This is only present when C(state=present)
-    returned: when C(state=present)
+    description: This is only present when I(state=present).
+    returned: when I(state=present)
    type: dict
    sample: {
      "ips": [
--- a/plugins/modules/cloud/scaleway/scaleway_lb.py
+++ b/plugins/modules/cloud/scaleway/scaleway_lb.py
@@ -29,19 +29,19 @@ options:
  name:
    type: str
    description:
-      - Name of the load-balancer
+      - Name of the load-balancer.
    required: true

  description:
    type: str
    description:
-      - Description of the load-balancer
+      - Description of the load-balancer.
    required: true

  organization_id:
    type: str
    description:
-      - Organization identifier
+      - Organization identifier.
    required: true

  state:
@@ -56,7 +56,7 @@ options:
  region:
    type: str
    description:
-    - Scaleway zone
+    - Scaleway zone.
    required: true
    choices:
      - nl-ams
@@ -68,7 +68,7 @@ options:
    elements: str
    default: []
    description:
-    - List of tags to apply to the load-balancer
+    - List of tags to apply to the load-balancer.

  wait:
    description:
@@ -79,14 +79,14 @@ options:
  wait_timeout:
    type: int
    description:
-    - Time to wait for the load-balancer to reach the expected state
+    - Time to wait for the load-balancer to reach the expected state.
    required: false
    default: 300

  wait_sleep_time:
    type: int
    description:
-    - Time to wait before every attempt to check the state of the load-balancer
+    - Time to wait before every attempt to check the state of the load-balancer.
    required: false
    default: 3
 '''
--- a/plugins/modules/cloud/scaleway/scaleway_organization_info.py
+++ b/plugins/modules/cloud/scaleway/scaleway_organization_info.py
@@ -20,7 +20,7 @@ author:
 options:
  api_url:
    description:
-      - Scaleway API URL
+      - Scaleway API URL.
    default: 'https://account.scaleway.com'
    aliases: ['base_url']
 extends_documentation_fragment:
@@ -40,7 +40,7 @@ EXAMPLES = r'''
 RETURN = r'''
 ---
 scaleway_organization_info:
-  description: Response from Scaleway API
+  description: Response from Scaleway API.
  returned: success
  type: complex
  sample:
--- a/plugins/modules/cloud/scaleway/scaleway_private_network.py
+++ b/plugins/modules/cloud/scaleway/scaleway_private_network.py
@@ -18,8 +18,7 @@ short_description: Scaleway private network management
 version_added: 4.5.0
 author: Pascal MANGIN (@pastral)
 description:
-    - This module manages private network on Scaleway account
-      (U(https://developer.scaleway.com)).
+    - "This module manages private network on Scaleway account (U(https://developer.scaleway.com))."
 extends_documentation_fragment:
 - community.general.scaleway

@@ -88,7 +87,7 @@ EXAMPLES = '''
 RETURN = '''
 scaleway_private_network:
    description: Information on the VPC.
-    returned: success when C(state=present)
+    returned: success when I(state=present)
    type: dict
    sample:
        {
--- a/plugins/modules/cloud/scaleway/scaleway_security_group.py
+++ b/plugins/modules/cloud/scaleway/scaleway_security_group.py
@@ -18,8 +18,7 @@ module: scaleway_security_group
 short_description: Scaleway Security Group management module
 author: Antoine Barbare (@abarbare)
 description:
-    - This module manages Security Group on Scaleway account
-      U(https://developer.scaleway.com).
+    - "This module manages Security Group on Scaleway account U(https://developer.scaleway.com)."
 extends_documentation_fragment:
 - community.general.scaleway

@@ -105,8 +104,8 @@ EXAMPLES = '''

 RETURN = '''
 data:
-    description: This is only present when C(state=present)
-    returned: when C(state=present)
+    description: This is only present when I(state=present).
+    returned: when I(state=present)
    type: dict
    sample: {
        "scaleway_security_group": {
--- a/plugins/modules/cloud/scaleway/scaleway_security_group_rule.py
+++ b/plugins/modules/cloud/scaleway/scaleway_security_group_rule.py
@@ -18,8 +18,7 @@ module: scaleway_security_group_rule
 short_description: Scaleway Security Group Rule management module
 author: Antoine Barbare (@abarbare)
 description:
-  - This module manages Security Group Rule on Scaleway account
-    U(https://developer.scaleway.com)
+  - "This module manages Security Group Rule on Scaleway account U(https://developer.scaleway.com)."
 extends_documentation_fragment:
  - community.general.scaleway
 requirements:
@@ -53,7 +52,7 @@ options:
  protocol:
    type: str
    description:
-      - Network protocol to use
+      - Network protocol to use.
    choices:
      - TCP
      - UDP
@@ -62,20 +61,20 @@ options:

  port:
    description:
-      - Port related to the rule, null value for all the ports
+      - Port related to the rule, null value for all the ports.
    required: true
    type: int

  ip_range:
    type: str
    description:
-      - IPV4 CIDR notation to apply to the rule
+      - IPV4 CIDR notation to apply to the rule.
    default: 0.0.0.0/0

  direction:
    type: str
    description:
-      - Rule direction
+      - Rule direction.
    choices:
      - inbound
      - outbound
@@ -84,7 +83,7 @@ options:
  action:
    type: str
    description:
-      - Rule action
+      - Rule action.
    choices:
      - accept
      - drop
@@ -93,7 +92,7 @@ options:
  security_group:
    type: str
    description:
-      - Security Group unique identifier
+      - Security Group unique identifier.
    required: true
 '''

@@ -113,8 +112,8 @@ EXAMPLES = '''

 RETURN = '''
 data:
-    description: This is only present when C(state=present)
-    returned: when C(state=present)
+    description: This is only present when I(state=present).
+    returned: when I(state=present)
    type: dict
    sample: {
        "scaleway_security_group_rule": {
--- a/plugins/modules/cloud/scaleway/scaleway_sshkey.py
+++ b/plugins/modules/cloud/scaleway/scaleway_sshkey.py
@@ -19,8 +19,7 @@ module: scaleway_sshkey
 short_description: Scaleway SSH keys management module
 author: Remy Leone (@remyleone)
 description:
-    - This module manages SSH keys on Scaleway account
-      U(https://developer.scaleway.com)
+    - "This module manages SSH keys on Scaleway account U(https://developer.scaleway.com)."
 extends_documentation_fragment:
 - community.general.scaleway

@@ -42,7 +41,7 @@ options:
  api_url:
    type: str
    description:
-      - Scaleway API URL
+      - Scaleway API URL.
    default: 'https://account.scaleway.com'
    aliases: ['base_url']
 '''
@@ -67,8 +66,8 @@ EXAMPLES = '''

 RETURN = '''
 data:
-    description: This is only present when C(state=present)
-    returned: when C(state=present)
+    description: This is only present when I(state=present).
+    returned: when I(state=present)
    type: dict
    sample: {
        "ssh_public_keys": [
--- a/plugins/modules/cloud/scaleway/scaleway_user_data.py
+++ b/plugins/modules/cloud/scaleway/scaleway_user_data.py
@@ -19,8 +19,8 @@ module: scaleway_user_data
 short_description: Scaleway user_data management module
 author: Remy Leone (@remyleone)
 description:
-    - "This module manages user_data on compute instances on Scaleway."
-    - "It can be used to configure cloud-init for instance"
+    - This module manages user_data on compute instances on Scaleway.
+    - It can be used to configure cloud-init for instance.
 extends_documentation_fragment:
 - community.general.scaleway

@@ -30,20 +30,20 @@ options:
  server_id:
    type: str
    description:
-    - Scaleway Compute instance ID of the server
+    - Scaleway Compute instance ID of the server.
    required: true

  user_data:
    type: dict
    description:
    - User defined data. Typically used with C(cloud-init).
-    - Pass your cloud-init script here as a string
+    - Pass your C(cloud-init) script here as a string.
    required: false

  region:
    type: str
    description:
-    - Scaleway compute zone
+    - Scaleway compute zone.
    required: true
    choices:
      - ams1
--- a/plugins/modules/cloud/scaleway/scaleway_volume.py
+++ b/plugins/modules/cloud/scaleway/scaleway_volume.py
@@ -18,8 +18,7 @@ module: scaleway_volume
 short_description: Scaleway volumes management module
 author: Henryk Konsek (@hekonsek)
 description:
-    - This module manages volumes on Scaleway account
-      U(https://developer.scaleway.com)
+    - "This module manages volumes on Scaleway account U(https://developer.scaleway.com)."
 extends_documentation_fragment:
 - community.general.scaleway

@@ -28,7 +27,7 @@ options:
  state:
    type: str
    description:
-     - Indicate desired state of the volume.
+      - Indicate desired state of the volume.
    default: present
    choices:
      - present
@@ -36,7 +35,7 @@ options:
  region:
    type: str
    description:
-     - Scaleway region to use (for example par1).
+      - Scaleway region to use (for example par1).
    required: true
    choices:
      - ams1
@@ -50,25 +49,25 @@ options:
  name:
    type: str
    description:
-     - Name used to identify the volume.
+      - Name used to identify the volume.
    required: true
  project:
    type: str
    description:
-     - Scaleway project ID to which volume belongs.
+      - Scaleway project ID to which volume belongs.
    version_added: 4.3.0
  organization:
    type: str
    description:
-     - ScaleWay organization ID to which volume belongs.
+      - ScaleWay organization ID to which volume belongs.
  size:
    type: int
    description:
-     - Size of the volume in bytes.
+      - Size of the volume in bytes.
  volume_type:
    type: str
    description:
-     - Type of the volume (for example 'l_ssd').
+      - Type of the volume (for example 'l_ssd').
 '''

 EXAMPLES = '''
@@ -91,8 +90,8 @@ EXAMPLES = '''

 RETURN = '''
 data:
-    description: This is only present when C(state=present)
-    returned: when C(state=present)
+    description: This is only present when I(state=present).
+    returned: when I(state=present)
    type: dict
    sample: {
      "volume": {
@@ -100,9 +99,9 @@ data:
        "id": "c675f420-cfeb-48ff-ba2a-9d2a4dbe3fcd",
        "name": "volume-0-3",
        "project": "000a115d-2852-4b0a-9ce8-47f1134ba95a",
-         "server": null,
-         "size": 10000000000,
-         "volume_type": "l_ssd"
+        "server": null,
+        "size": 10000000000,
+        "volume_type": "l_ssd"
  }
 }
 '''
--- a/plugins/modules/clustering/consul/consul.py
+++ b/plugins/modules/clustering/consul/consul.py
@@ -23,7 +23,7 @@ description:
   by Consul from the Service name and id respectively by appending 'service:'
   Node level checks require a I(check_name) and optionally a I(check_id)."
 - Currently, there is no complete way to retrieve the script, interval or ttl
-   metadata for a registered check. Without this metadata it is  not possible to
+   metadata for a registered check. Without this metadata it is not possible to
   tell if the data supplied with ansible represents a change to a check. As a
   result this does not attempt to determine changes and will always report a
   changed occurred. An API method is planned to supply this metadata so at that
@@ -37,7 +37,7 @@ options:
    state:
        type: str
        description:
-          - register or deregister the consul service, defaults to present
+          - Register or deregister the consul service, defaults to present.
        default: present
        choices: ['present', 'absent']
    service_name:
@@ -45,30 +45,30 @@ options:
        description:
          - Unique name for the service on a node, must be unique per node,
            required if registering a service. May be omitted if registering
-            a node level check
+            a node level check.
    service_id:
        type: str
        description:
-          - the ID for the service, must be unique per node. If I(state=absent),
+          - The ID for the service, must be unique per node. If I(state=absent),
            defaults to the service name if supplied.
    host:
        type: str
        description:
-          - host of the consul agent defaults to localhost
+          - Host of the consul agent defaults to localhost.
        default: localhost
    port:
        type: int
        description:
-          - the port on which the consul agent is running
+          - The port on which the consul agent is running.
        default: 8500
    scheme:
        type: str
        description:
-          - the protocol scheme on which the consul agent is running
+          - The protocol scheme on which the consul agent is running.
        default: http
    validate_certs:
        description:
-          - whether to verify the TLS certificate of the consul agent
+          - Whether to verify the TLS certificate of the consul agent.
        type: bool
        default: true
    notes:
@@ -78,12 +78,12 @@ options:
    service_port:
        type: int
        description:
-          - the port on which the service is listening. Can optionally be supplied for
-            registration of a service, i.e. if I(service_name) or I(service_id) is set
+          - The port on which the service is listening. Can optionally be supplied for
+            registration of a service, i.e. if I(service_name) or I(service_id) is set.
    service_address:
        type: str
        description:
-          - the address to advertise that the service will be listening on.
+          - The address to advertise that the service will be listening on.
            This value will be passed as the I(address) parameter to Consul's
            C(/v1/agent/service/register) API method, so refer to the Consul API
            documentation for further details.
@@ -91,63 +91,64 @@ options:
        type: list
        elements: str
        description:
-          - tags that will be attached to the service registration.
+          - Tags that will be attached to the service registration.
    script:
        type: str
        description:
-          - the script/command that will be run periodically to check the health
-            of the service. Scripts require I(interval) and vice versa.
+          - The script/command that will be run periodically to check the health of the service.
+          - Requires I(interval) to be provided.
    interval:
        type: str
        description:
-          - the interval at which the service check will be run. This is a number
-            with a s or m suffix to signify the units of seconds or minutes e.g
-            C(15s) or C(1m). If no suffix is supplied, m will be used by default e.g.
-            C(1) will be C(1m). Required if the I(script) parameter is specified.
+          - The interval at which the service check will be run.
+            This is a number with a C(s) or C(m) suffix to signify the units of seconds or minutes e.g C(15s) or C(1m).
+            If no suffix is supplied C(s) will be used by default, e.g. C(10) will be C(10s).
+          - Required if one of the parameters I(script), I(http), or I(tcp) is specified.
    check_id:
        type: str
        description:
-          - an ID for the service check. If I(state=absent), defaults to
+          - An ID for the service check. If I(state=absent), defaults to
            I(check_name). Ignored if part of a service definition.
    check_name:
        type: str
        description:
-          - a name for the service check. Required if standalone, ignored if
+          - Name for the service check. Required if standalone, ignored if
            part of service definition.
    ttl:
        type: str
        description:
-          - checks can be registered with a ttl instead of a I(script) and I(interval)
+          - Checks can be registered with a ttl instead of a I(script) and I(interval)
            this means that the service will check in with the agent before the
            ttl expires. If it doesn't the check will be considered failed.
            Required if registering a check and the script an interval are missing
-            Similar to the interval this is a number with a s or m suffix to
-            signify the units of seconds or minutes e.g C(15s) or C(1m). If no suffix
-            is supplied, C(m) will be used by default e.g. C(1) will be C(1m)
+            Similar to the interval this is a number with a C(s) or C(m) suffix to
+            signify the units of seconds or minutes e.g C(15s) or C(1m).
+            If no suffix is supplied C(s) will be used by default, e.g. C(10) will be C(10s).
    tcp:
        type: str
        description:
          - Checks can be registered with a TCP port. This means that consul
            will check if the connection attempt to that port is successful (that is, the port is currently accepting connections).
            The format is C(host:port), for example C(localhost:80).
-            I(interval) must also be provided with this option.
+          - Requires I(interval) to be provided.
        version_added: '1.3.0'
    http:
        type: str
        description:
-          - checks can be registered with an HTTP endpoint. This means that consul
+          - Checks can be registered with an HTTP endpoint. This means that consul
            will check that the http endpoint returns a successful HTTP status.
-            I(interval) must also be provided with this option.
+          - Requires I(interval) to be provided.
    timeout:
        type: str
        description:
          - A custom HTTP check timeout. The consul default is 10 seconds.
            Similar to the interval this is a number with a C(s) or C(m) suffix to
            signify the units of seconds or minutes, e.g. C(15s) or C(1m).
+            If no suffix is supplied C(s) will be used by default, e.g. C(10) will be C(10s).
    token:
        type: str
        description:
-          - the token key identifying an ACL rule set. May be required to register services.
+          - The token key identifying an ACL rule set. May be required to register services.
 '''

 EXAMPLES = '''
--- a/plugins/modules/files/xml.py
+++ b/plugins/modules/files/xml.py
@@ -266,7 +266,7 @@ EXAMPLES = r'''
  community.general.xml:
    path: /foo/bar.xml
    xpath: /business/website
-    children: []
+    set_children: []

 # In case of namespaces, like in below XML, they have to be explicitly stated.
 #
@@ -961,7 +961,7 @@ def main():
    # add_children && set_children both set?: should have already aborted by now

    # set_children set?
-    if set_children:
+    if set_children is not None:
        set_target_children(module, doc, xpath, namespaces, set_children, input_type)

    # add_children set?
--- a/plugins/modules/identity/keycloak/keycloak_user_federation.py
+++ b/plugins/modules/identity/keycloak/keycloak_user_federation.py
@@ -24,7 +24,7 @@ description:
      to your needs and a user having the expected roles.

    - The names of module options are snake_cased versions of the camelCase ones found in the
-      Keycloak API and its documentation at U(https://www.keycloak.org/docs-api/15.0/rest-api/index.html).
+      Keycloak API and its documentation at U(https://www.keycloak.org/docs-api/20.0.2/rest-api/index.html).


 options:
@@ -835,7 +835,7 @@ def main():

    # See if it already exists in Keycloak
    if cid is None:
-        found = kc.get_components(urlencode(dict(type='org.keycloak.storage.UserStorageProvider', parent=realm, name=name)), realm)
+        found = kc.get_components(urlencode(dict(type='org.keycloak.storage.UserStorageProvider', name=name)), realm)
        if len(found) > 1:
            module.fail_json(msg='No ID given and found multiple user federations with name `{name}`. Cannot continue.'.format(name=name))
        before_comp = next(iter(found), None)
@@ -923,6 +923,8 @@ def main():
        updated_mappers = desired_comp.pop('mappers', [])
        after_comp = kc.create_component(desired_comp, realm)

+        cid = after_comp['id']
+
        for mapper in updated_mappers:
            found = kc.get_components(urlencode(dict(parent=cid, name=mapper['name'])), realm)
            if len(found) > 1:
--- a/plugins/modules/net_tools/nsupdate.py
+++ b/plugins/modules/net_tools/nsupdate.py
@@ -269,12 +269,16 @@ class RecordManager(object):
            if lookup.rcode() in [dns.rcode.SERVFAIL, dns.rcode.REFUSED]:
                self.module.fail_json(msg='Zone lookup failure: \'%s\' will not respond to queries regarding \'%s\'.' % (
                    self.module.params['server'], self.module.params['record']))
-            try:
-                zone = lookup.authority[0].name
-                if zone == name:
-                    return zone.to_text()
-            except IndexError:
-                pass
+            # If the response contains an Answer SOA RR whose name matches the queried name,
+            # this is the name of the zone in which the record needs to be inserted.
+            for rr in lookup.answer:
+                if rr.rdtype == dns.rdatatype.SOA and rr.name == name:
+                    return rr.name.to_text()
+            # If the response contains an Authority SOA RR whose name is a subdomain of the queried name,
+            # this SOA name is the zone in which the record needs to be inserted.
+            for rr in lookup.authority:
+                if rr.rdtype == dns.rdatatype.SOA and name.fullcompare(rr.name)[0] == dns.name.NAMERELN_SUBDOMAIN:
+                    return rr.name.to_text()
            try:
                name = name.parent()
            except dns.name.NoParent:
--- a/plugins/modules/packaging/language/gem.py
+++ b/plugins/modules/packaging/language/gem.py
@@ -235,7 +235,7 @@ def uninstall(module):
        cmd.extend(['--version', module.params['version']])
    else:
        cmd.append('--all')
-        cmd.append('--executable')
+    cmd.append('--executable')
    cmd.append(module.params['name'])
    module.run_command(cmd, environ_update=environ, check_rc=True)

--- a/plugins/modules/packaging/language/pipx.py
+++ b/plugins/modules/packaging/language/pipx.py
@@ -95,6 +95,9 @@ options:
 notes:
    - This module does not install the C(pipx) python package, however that can be easily done with the module M(ansible.builtin.pip).
    - This module does not require C(pipx) to be in the shell C(PATH), but it must be loadable by Python as a module.
+    - >
+      This module will honor C(pipx) environment variables such as but not limited to C(PIPX_HOME) and C(PIPX_BIN_DIR)
+      passed using the R(environment Ansible keyword, playbooks_environment).
    - Please note that C(pipx) requires Python 3.6 or above.
    - >
      This first implementation does not verify whether a specified version constraint has been installed or not.
--- a/plugins/modules/packaging/language/pipx_info.py
+++ b/plugins/modules/packaging/language/pipx_info.py
@@ -47,6 +47,9 @@ options:
 notes:
    - This module does not install the C(pipx) python package, however that can be easily done with the module M(ansible.builtin.pip).
    - This module does not require C(pipx) to be in the shell C(PATH), but it must be loadable by Python as a module.
+    - >
+      This module will honor C(pipx) environment variables such as but not limited to C(PIPX_HOME) and C(PIPX_BIN_DIR)
+      passed using the R(environment Ansible keyword, playbooks_environment).
    - Please note that C(pipx) requires Python 3.6 or above.
    - See also the C(pipx) documentation at U(https://pypa.github.io/pipx/).
 author:
--- a/plugins/modules/packaging/os/opkg.py
+++ b/plugins/modules/packaging/os/opkg.py
@@ -154,7 +154,7 @@ def install_packages(module, opkg_path, packages):
    install_c = 0

    for package in packages:
-        if query_package(module, opkg_path, package):
+        if query_package(module, opkg_path, package) and (force != '--force-reinstall'):
            continue

        rc, out, err = module.run_command("%s install %s %s" % (opkg_path, force, package))
--- a/plugins/modules/source_control/github/github_release.py
+++ b/plugins/modules/source_control/github/github_release.py
@@ -108,17 +108,8 @@ EXAMPLES = '''
 '''

 RETURN = '''
-create_release:
-    description:
-    - Version of the created release
-    - "For Ansible version 2.5 and later, if specified release version already exists, then State is unchanged"
-    - "For Ansible versions prior to 2.5, if specified release version already exists, then State is skipped"
-    type: str
-    returned: success
-    sample: 1.1.0
-
-latest_release:
-    description: Version of the latest release
+tag:
+    description: Version of the created/latest release.
    type: str
    returned: success
    sample: 1.1.0
--- a/plugins/modules/source_control/gitlab/gitlab_deploy_key.py
+++ b/plugins/modules/source_control/gitlab/gitlab_deploy_key.py
@@ -151,6 +151,7 @@ class GitLabDeployKey(object):
            changed = True
        else:
            changed, deploy_key = self.update_deploy_key(self.deploy_key_object, {
+                'title': key_title,
                'can_push': options['can_push']})

        self.deploy_key_object = deploy_key
--- a/plugins/modules/source_control/gitlab/gitlab_group_variable.py
+++ b/plugins/modules/source_control/gitlab/gitlab_group_variable.py
@@ -165,7 +165,7 @@ from ansible.module_utils.six import string_types
 from ansible.module_utils.six import integer_types

 from ansible_collections.community.general.plugins.module_utils.gitlab import (
-    auth_argument_spec, gitlab_authentication, ensure_gitlab_package
+    auth_argument_spec, gitlab_authentication, ensure_gitlab_package, filter_returned_variables
 )


@@ -296,11 +296,7 @@ def native_python_main(this_gitlab, purge, requested_variables, state, module):
    before = [x.attributes for x in gitlab_keys]

    gitlab_keys = this_gitlab.list_all_group_variables()
-    existing_variables = [x.attributes for x in gitlab_keys]
-
-    # preprocessing:filter out and enrich before compare
-    for item in existing_variables:
-        item.pop('group_id')
+    existing_variables = filter_returned_variables(gitlab_keys)

    for item in requested_variables:
        item['key'] = item.pop('name')
@@ -331,9 +327,7 @@ def native_python_main(this_gitlab, purge, requested_variables, state, module):
        if purge:
            # refetch and filter
            gitlab_keys = this_gitlab.list_all_group_variables()
-            existing_variables = [x.attributes for x in gitlab_keys]
-            for item in existing_variables:
-                item.pop('group_id')
+            existing_variables = filter_returned_variables(gitlab_keys)

            remove = [x for x in existing_variables if x not in requested_variables]
            for item in remove:
--- a/plugins/modules/source_control/gitlab/gitlab_project_variable.py
+++ b/plugins/modules/source_control/gitlab/gitlab_project_variable.py
@@ -189,7 +189,7 @@ except Exception:
    HAS_GITLAB_PACKAGE = False

 from ansible_collections.community.general.plugins.module_utils.gitlab import (
-    auth_argument_spec, gitlab_authentication, ensure_gitlab_package
+    auth_argument_spec, gitlab_authentication, ensure_gitlab_package, filter_returned_variables
 )


@@ -255,9 +255,11 @@ class GitlabProjectVariables(object):
            return True

        var = {
-            "key": var_obj.get('key'), "value": var_obj.get('value'),
-            "masked": var_obj.get('masked'), "protected": var_obj.get('protected'),
-            "variable_type": var_obj.get('variable_type')
+            "key": var_obj.get('key'),
+            "value": var_obj.get('value'),
+            "masked": var_obj.get('masked'),
+            "protected": var_obj.get('protected'),
+            "variable_type": var_obj.get('variable_type'),
        }

        if var_obj.get('environment_scope') is not None:
@@ -319,12 +321,9 @@ def native_python_main(this_gitlab, purge, requested_variables, state, module):
    before = [x.attributes for x in gitlab_keys]

    gitlab_keys = this_gitlab.list_all_project_variables()
-    existing_variables = [x.attributes for x in gitlab_keys]
-
-    # preprocessing:filter out and enrich before compare
-    for item in existing_variables:
-        item.pop('project_id')
+    existing_variables = filter_returned_variables(gitlab_keys)

+    # filter out and enrich before compare
    for item in requested_variables:
        item['key'] = item.pop('name')
        item['value'] = str(item.get('value'))
@@ -354,9 +353,7 @@ def native_python_main(this_gitlab, purge, requested_variables, state, module):
        if purge:
            # refetch and filter
            gitlab_keys = this_gitlab.list_all_project_variables()
-            existing_variables = [x.attributes for x in gitlab_keys]
-            for item in existing_variables:
-                item.pop('project_id')
+            existing_variables = filter_returned_variables(gitlab_keys)

            remove = [x for x in existing_variables if x not in requested_variables]
            for item in remove:
@@ -409,7 +406,7 @@ def main():
            masked=dict(type='bool', default=False),
            protected=dict(type='bool', default=False),
            environment_scope=dict(type='str', default='*'),
-            variable_type=dict(type='str', default='env_var', choices=["env_var", "file"])
+            variable_type=dict(type='str', default='env_var', choices=["env_var", "file"]),
        )),
        state=dict(type='str', default="present", choices=["absent", "present"]),
    )
--- a/plugins/modules/system/alternatives.py
+++ b/plugins/modules/system/alternatives.py
@@ -60,6 +60,8 @@ options:
    description:
      - A list of subcommands.
      - Each subcommand needs a name, a link and a path parameter.
+      - Subcommands are also named 'slaves' or 'followers', depending on the version
+        of alternatives.
    type: list
    elements: dict
    aliases: ['slaves']
@@ -310,10 +312,10 @@ class AlternativesModule(object):
        current_mode_regex = re.compile(r'\s-\s(?:status\sis\s)?(\w*)(?:\smode|.)$', re.MULTILINE)
        current_path_regex = re.compile(r'^\s*link currently points to (.*)$', re.MULTILINE)
        current_link_regex = re.compile(r'^\s*link \w+ is (.*)$', re.MULTILINE)
-        subcmd_path_link_regex = re.compile(r'^\s*slave (\S+) is (.*)$', re.MULTILINE)
+        subcmd_path_link_regex = re.compile(r'^\s*(?:slave|follower) (\S+) is (.*)$', re.MULTILINE)

-        alternative_regex = re.compile(r'^(\/.*)\s-\s(?:family\s\S+\s)?priority\s(\d+)((?:\s+slave.*)*)', re.MULTILINE)
-        subcmd_regex = re.compile(r'^\s+slave (.*): (.*)$', re.MULTILINE)
+        alternative_regex = re.compile(r'^(\/.*)\s-\s(?:family\s\S+\s)?priority\s(\d+)((?:\s+(?:slave|follower).*)*)', re.MULTILINE)
+        subcmd_regex = re.compile(r'^\s+(?:slave|follower) (.*): (.*)$', re.MULTILINE)

        match = current_mode_regex.search(display_output)
        if not match:
--- a/plugins/modules/system/gconftool2.py
+++ b/plugins/modules/system/gconftool2.py
@@ -125,7 +125,7 @@ class GConf2Preference(object):
            elif call_type == 'set':
                cmd.extend(direct)
                cmd.extend(config_source)
-                cmd.extend(["--type", self.value_type, "--{3}".format(call_type), self.key, self.value])
+                cmd.extend(["--type", self.value_type, "--{0}".format(call_type), self.key, self.value])
            elif call_type == 'unset':
                cmd.extend(["--unset", self.key])

--- a/plugins/modules/web_infrastructure/htpasswd.py
+++ b/plugins/modules/web_infrastructure/htpasswd.py
@@ -41,9 +41,12 @@ options:
    description:
      - Encryption scheme to be used.  As well as the four choices listed
        here, you can also use any other hash supported by passlib, such as
-        md5_crypt and sha256_crypt, which are linux passwd hashes.  If you
-        do so the password file will not be compatible with Apache or Nginx
-      - 'Some of the available choices might be: C(apr_md5_crypt), C(des_crypt), C(ldap_sha1), C(plaintext)'
+        C(portable_apache22) and C(host_apache24); or C(md5_crypt) and C(sha256_crypt),
+        which are Linux passwd hashes.  Only some schemes in addition to
+        the four choices below will be compatible with Apache or Nginx, and
+        supported schemes depend on passlib version and its dependencies.
+      - See U(https://passlib.readthedocs.io/en/stable/lib/passlib.apache.html#passlib.apache.HtpasswdFile) parameter C(default_scheme).
+      - 'Some of the available choices might be: C(apr_md5_crypt), C(des_crypt), C(ldap_sha1), C(plaintext).'
  state:
    type: str
    required: false
--- a/tests/integration/targets/cloud_init_data_facts/tasks/main.yml
+++ b/tests/integration/targets/cloud_init_data_facts/tasks/main.yml
@@ -29,6 +29,12 @@
      - cloud-init
      - udev

+  - name: Ensure systemd-network user exists
+    user:
+      name: systemd-network
+      state: present
+    when: ansible_distribution == 'Fedora' and ansible_distribution_major_version|int >= 37
+
  - name: setup run cloud-init
    service:
      name: cloud-init-local
--- a/tests/integration/targets/django_manage/aliases
+++ b/tests/integration/targets/django_manage/aliases
@@ -12,3 +12,4 @@ skip/rhel8.3
 skip/rhel8.4
 skip/rhel8.5
 skip/rhel9.0
+skip/rhel9.1
--- a/tests/integration/targets/homectl/aliases
+++ b/tests/integration/targets/homectl/aliases
@@ -8,3 +8,4 @@ skip/freebsd
 skip/osx
 skip/macos
 skip/rhel9.0  # See https://www.reddit.com/r/Fedora/comments/si7nzk/homectl/
+skip/rhel9.1  # See https://www.reddit.com/r/Fedora/comments/si7nzk/homectl/
--- a/tests/integration/targets/iso_extract/aliases
+++ b/tests/integration/targets/iso_extract/aliases
@@ -8,3 +8,5 @@ destructive
 skip/aix
 skip/osx  # FIXME
 skip/rhel9.0  # FIXME
+skip/rhel9.1  # FIXME
+skip/freebsd12.4  # FIXME
--- a/tests/integration/targets/keycloak_user_federation/tasks/main.yml
+++ b/tests/integration/targets/keycloak_user_federation/tasks/main.yml
@@ -66,6 +66,59 @@
      - result.existing == {}
      - result.end_state.name == "{{ federation }}"

+- name: Create new user federation in admin realm
+  community.general.keycloak_user_federation:
+    auth_keycloak_url: "{{ url }}"
+    auth_realm: "{{ admin_realm }}"
+    auth_username: "{{ admin_user }}"
+    auth_password: "{{ admin_password }}"
+    realm: "{{ admin_realm }}"
+    name: "{{ federation }}"
+    state: present
+    provider_id: ldap
+    provider_type: org.keycloak.storage.UserStorageProvider
+    config:
+      enabled: true
+      priority: 0
+      fullSyncPeriod: -1
+      changedSyncPeriod: -1
+      cachePolicy: DEFAULT
+      batchSizeForSync: 1000
+      editMode: READ_ONLY
+      importEnabled: true
+      syncRegistrations: false
+      vendor: other
+      usernameLDAPAttribute: uid
+      rdnLDAPAttribute: uid
+      uuidLDAPAttribute: entryUUID
+      userObjectClasses: "inetOrgPerson, organizationalPerson"
+      connectionUrl: "ldaps://ldap.example.com:636"
+      usersDn: "ou=Users,dc=example,dc=com"
+      authType: simple
+      bindDn: cn=directory reader
+      bindCredential: secret
+      searchScope: 1
+      validatePasswordPolicy: false
+      trustEmail: false
+      useTruststoreSpi: "ldapsOnly"
+      connectionPooling: true
+      pagination: true
+      allowKerberosAuthentication: false
+      useKerberosForPasswordAuthentication: false
+      debug: false
+  register: result
+
+- name: Debug
+  debug:
+    var: result
+
+- name: Assert user federation created (admin realm)
+  assert:
+    that:
+      - result is changed
+      - result.existing == {}
+      - result.end_state.name == "{{ federation }}"
+
 - name: Update existing user federation (no change)
  community.general.keycloak_user_federation:
    auth_keycloak_url: "{{ url }}"
@@ -121,6 +174,61 @@
      - result.end_state != {}
      - result.end_state.name == "{{ federation }}"

+- name: Update existing user federation (no change, admin realm)
+  community.general.keycloak_user_federation:
+    auth_keycloak_url: "{{ url }}"
+    auth_realm: "{{ admin_realm }}"
+    auth_username: "{{ admin_user }}"
+    auth_password: "{{ admin_password }}"
+    realm: "{{ admin_realm }}"
+    name: "{{ federation }}"
+    state: present
+    provider_id: ldap
+    provider_type: org.keycloak.storage.UserStorageProvider
+    config:
+      enabled: true
+      priority: 0
+      fullSyncPeriod: -1
+      changedSyncPeriod: -1
+      cachePolicy: DEFAULT
+      batchSizeForSync: 1000
+      editMode: READ_ONLY
+      importEnabled: true
+      syncRegistrations: false
+      vendor: other
+      usernameLDAPAttribute: uid
+      rdnLDAPAttribute: uid
+      uuidLDAPAttribute: entryUUID
+      userObjectClasses: "inetOrgPerson, organizationalPerson"
+      connectionUrl: "ldaps://ldap.example.com:636"
+      usersDn: "ou=Users,dc=example,dc=com"
+      authType: simple
+      bindDn: cn=directory reader
+      bindCredential: "**********"
+      searchScope: 1
+      validatePasswordPolicy: false
+      trustEmail: false
+      useTruststoreSpi: "ldapsOnly"
+      connectionPooling: true
+      pagination: true
+      allowKerberosAuthentication: false
+      useKerberosForPasswordAuthentication: false
+      debug: false
+  register: result
+
+- name: Debug
+  debug:
+    var: result
+
+- name: Assert user federation unchanged (admin realm)
+  assert:
+    that:
+      - result is not changed
+      - result.existing != {}
+      - result.existing.name == "{{ federation }}"
+      - result.end_state != {}
+      - result.end_state.name == "{{ federation }}"
+
 - name: Update existing user federation (with change)
  community.general.keycloak_user_federation:
    auth_keycloak_url: "{{ url }}"
@@ -162,6 +270,14 @@
      useKerberosForPasswordAuthentication: false
      debug: false
    mappers:
+      # overwrite / update pre existing default mapper
+      - name: "username"
+        providerId: "user-attribute-ldap-mapper"
+        config:
+          ldap.attribute: ldap_user
+          user.model.attribute: usr
+          read.only: true
+      # create new mapper
      - name: "full name"
        providerId: "full-name-ldap-mapper"
        providerType: "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"
@@ -227,3 +343,83 @@
      - result is not changed
      - result.existing == {}
      - result.end_state == {}
+
+- name: Create new user federation together with mappers
+  community.general.keycloak_user_federation:
+    auth_keycloak_url: "{{ url }}"
+    auth_realm: "{{ admin_realm }}"
+    auth_username: "{{ admin_user }}"
+    auth_password: "{{ admin_password }}"
+    realm: "{{ realm }}"
+    name: "{{ federation }}"
+    state: present
+    provider_id: ldap
+    provider_type: org.keycloak.storage.UserStorageProvider
+    config:
+      enabled: true
+      priority: 0
+      fullSyncPeriod: -1
+      changedSyncPeriod: -1
+      cachePolicy: DEFAULT
+      batchSizeForSync: 1000
+      editMode: READ_ONLY
+      importEnabled: true
+      syncRegistrations: false
+      vendor: other
+      usernameLDAPAttribute: uid
+      rdnLDAPAttribute: uid
+      uuidLDAPAttribute: entryUUID
+      userObjectClasses: "inetOrgPerson, organizationalPerson"
+      connectionUrl: "ldaps://ldap.example.com:636"
+      usersDn: "ou=Users,dc=example,dc=com"
+      authType: simple
+      bindDn: cn=directory reader
+      bindCredential: secret
+      searchScope: 1
+      validatePasswordPolicy: false
+      trustEmail: false
+      useTruststoreSpi: "ldapsOnly"
+      connectionPooling: true
+      pagination: true
+      allowKerberosAuthentication: false
+      useKerberosForPasswordAuthentication: false
+      debug: false
+    mappers:
+      # overwrite / update pre existing default mapper
+      - name: "username"
+        providerId: "user-attribute-ldap-mapper"
+        config:
+          ldap.attribute: ldap_user
+          user.model.attribute: usr
+          read.only: true
+      # create new mapper
+      - name: "full name"
+        providerId: "full-name-ldap-mapper"
+        providerType: "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"
+        config:
+          ldap.full.name.attribute: cn
+          read.only: true
+          write.only: false
+  register: result
+
+- name: Debug
+  debug:
+    var: result
+
+- name: Assert user federation created
+  assert:
+    that:
+      - result is changed
+      - result.existing == {}
+      - result.end_state.name == "{{ federation }}"
+
+## no point in retesting this, just doing it to clean up introduced server changes
+- name: Delete absent user federation
+  community.general.keycloak_user_federation:
+    auth_keycloak_url: "{{ url }}"
+    auth_realm: "{{ admin_realm }}"
+    auth_username: "{{ admin_user }}"
+    auth_password: "{{ admin_password }}"
+    realm: "{{ realm }}"
+    name: "{{ federation }}"
+    state: absent
--- a/tests/integration/targets/module_helper/library/msimple.py
+++ b/tests/integration/targets/module_helper/library/msimple.py
@@ -35,12 +35,13 @@ from ansible_collections.community.general.plugins.module_utils.mh.deco import c


 class MSimple(ModuleHelper):
-    output_params = ('a', 'b', 'c')
+    output_params = ('a', 'b', 'c', 'm')
    module = dict(
        argument_spec=dict(
            a=dict(type='int', default=0),
            b=dict(type='str'),
            c=dict(type='str'),
+            m=dict(type='str'),
        ),
        supports_check_mode=True,
    )
@@ -65,6 +66,9 @@ class MSimple(ModuleHelper):
            self.vars['c'] = str(self.vars.c) * 2
        self.process_a3_bc()

+        if self.vars.m:
+            self.vars.msg = self.vars.m
+

 def main():
    msimple = MSimple()
--- a/tests/integration/targets/module_helper/tasks/main.yml
+++ b/tests/integration/targets/module_helper/tasks/main.yml
@@ -3,6 +3,7 @@
 # SPDX-License-Identifier: GPL-3.0-or-later

 - include_tasks: msimple.yml
+- include_tasks: msimple_output_conflict.yml
 - include_tasks: mdepfail.yml
 - include_tasks: mstate.yml
 - include_tasks: msimpleda.yml
--- a/tests/integration/targets/module_helper/tasks/msimple_output_conflict.yml
+++ b/tests/integration/targets/module_helper/tasks/msimple_output_conflict.yml
@@ -0,0 +1,31 @@
+# Copyright (c) 2023, Alexei Znamensky
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+- name: test msimple (set a=80)
+  msimple:
+    a: 80
+  register: simple1
+
+- name: assert simple1
+  assert:
+    that:
+      - simple1.a == 80
+      - simple1.abc == "abc"
+      - simple1 is not changed
+      - simple1.value is none
+
+- name: test msimple 2
+  msimple:
+    a: 80
+    m: a message in a bottle
+  register: simple2
+
+- name: assert simple2
+  assert:
+    that:
+      - simple1.a == 80
+      - simple1.abc == "abc"
+      - simple1 is not changed
+      - simple1.value is none
+      - 'simple2._msg == "a message in a bottle"'
--- a/tests/integration/targets/odbc/aliases
+++ b/tests/integration/targets/odbc/aliases
@@ -8,4 +8,5 @@ skip/osx
 skip/macos
 skip/rhel8.0
 skip/rhel9.0
+skip/rhel9.1
 skip/freebsd
--- a/tests/integration/targets/one_host/aliases
+++ b/tests/integration/targets/one_host/aliases
@@ -4,4 +4,4 @@

 azp/generic/1
 cloud/opennebula
-disabled  # FIXME
+disabled  # FIXME  - when this is fixed, also re-enable the generic tests in CI!
--- a/tests/integration/targets/one_template/aliases
+++ b/tests/integration/targets/one_template/aliases
@@ -4,4 +4,4 @@

 azp/generic/1
 cloud/opennebula
-disabled  # FIXME
+disabled  # FIXME  - when this is fixed, also re-enable the generic tests in CI!
--- a/tests/integration/targets/pipx/tasks/main.yml
+++ b/tests/integration/targets/pipx/tasks/main.yml
@@ -230,3 +230,30 @@
        that:
          - install_jupyter is changed
          - '"ipython" in install_jupyter.stdout'
+
+##############################################################################
+- name: ensure /opt/pipx
+  ansible.builtin.file:
+    path: /opt/pipx
+    state: directory
+    mode: 0755
+
+- name: install tox site-wide
+  community.general.pipx:
+    name: tox
+    state: latest
+  register: install_tox_sitewide
+  environment:
+    PIPX_HOME: /opt/pipx
+    PIPX_BIN_DIR: /usr/local/bin
+
+- name: stat /usr/local/bin/tox
+  ansible.builtin.stat:
+    path: /usr/local/bin/tox
+  register: usrlocaltox
+
+- name: check assertions
+  ansible.builtin.assert:
+    that:
+      - install_tox_sitewide is changed
+      - usrlocaltox.stat.exists
--- a/tests/integration/targets/pipx_info/tasks/main.yml
+++ b/tests/integration/targets/pipx_info/tasks/main.yml
@@ -56,7 +56,8 @@
      - info_all_deps.application|length == 1
      - info_all_deps.application[0].name == "tox"
      - "'version' in info_all_deps.application[0]"
-      - info_all_deps.application[0].dependencies == ["virtualenv"]
+      - info_all_deps.application[0].dependencies == ["chardet", "virtualenv"]
+        or info_all_deps.application[0].dependencies == ["virtualenv"]
      - "'injected' not in info_all.application[0]"

      - info_tox.application == info_all_deps.application
--- a/tests/integration/targets/pkgng/tasks/freebsd.yml
+++ b/tests/integration/targets/pkgng/tasks/freebsd.yml
@@ -501,14 +501,19 @@
  # NOTE: FreeBSD 12.0 test runner receives a "connection reset by peer" after ~20% downloaded so we are
  #       only running this on 12.1 or higher
  #
+  # NOTE: FreeBSD 12.4 fails to update repositories because it cannot load certificates from /usr/share/keys/pkg/trusted
+  #       knowledge has to take a look)
+  #
  # NOTE: FreeBSD 13.0 fails to update the package catalogue for unknown reasons (someone with FreeBSD
  #       knowledge has to take a look)
  #
  # NOTE: FreeBSD 13.1 fails to update the package catalogue for unknown reasons (someone with FreeBSD
  #       knowledge has to take a look)
  #
+  # See also
+  # https://github.com/ansible-collections/community.general/issues/5795
  when: >-
-    (ansible_distribution_version is version('12.01', '>=') and ansible_distribution_version is version('13.0', '<'))
+    (ansible_distribution_version is version('12.01', '>=') and ansible_distribution_version is version('12.4', '<'))
    or ansible_distribution_version is version('13.2', '>=')
  block:
    - name: Setup testjail
--- a/tests/integration/targets/setup_snap/tasks/D-RedHat-9.1.yml
+++ b/tests/integration/targets/setup_snap/tasks/D-RedHat-9.1.yml
@@ -0,0 +1,6 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+# Do nothing
--- a/tests/integration/targets/ssh_config/tasks/main.yml
+++ b/tests/integration/targets/ssh_config/tasks/main.yml
@@ -5,7 +5,9 @@

 - name: Install required libs
  pip:
-    name: stormssh
+    name:
+      - stormssh
+      - 'paramiko<3.0.0'
    state: present
    extra_args: "-c {{ remote_constraints }}"

--- a/tests/integration/targets/ufw/aliases
+++ b/tests/integration/targets/ufw/aliases
@@ -9,6 +9,7 @@ skip/macos
 skip/freebsd
 skip/rhel8.0  # FIXME
 skip/rhel9.0  # FIXME
+skip/rhel9.1  # FIXME
 skip/docker
 needs/root
 needs/target/setup_epel
--- a/tests/integration/targets/xml/results/test-set-children-elements-empty-list.xml
+++ b/tests/integration/targets/xml/results/test-set-children-elements-empty-list.xml
@@ -0,0 +1,11 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<business type="bar">
+  <name>Tasty Beverage Co.</name>
+  <beers>
+    </beers>
+  <rating subjective="true">10</rating>
+  <website>
+    <mobilefriendly/>
+    <address>http://tastybeverageco.com</address>
+  </website>
+</business>
--- a/tests/integration/targets/xml/results/test-set-children-elements-empty-list.xml.license
+++ b/tests/integration/targets/xml/results/test-set-children-elements-empty-list.xml.license
@@ -0,0 +1,3 @@
+GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+SPDX-License-Identifier: GPL-3.0-or-later
+SPDX-FileCopyrightText: Ansible Project
--- a/tests/integration/targets/xml/tasks/test-set-children-elements.yml
+++ b/tests/integration/targets/xml/tasks/test-set-children-elements.yml
@@ -8,6 +8,32 @@
      src: fixtures/ansible-xml-beers.xml
      dest: /tmp/ansible-xml-beers.xml

+  - name: Set child elements - empty list
+    xml:
+      path: /tmp/ansible-xml-beers.xml
+      xpath: /business/beers
+      set_children: []
+    register: set_children_elements
+
+  - name: Compare to expected result
+    copy:
+      src: results/test-set-children-elements-empty-list.xml
+      dest: /tmp/ansible-xml-beers.xml
+    check_mode: yes
+    diff: yes
+    register: comparison
+
+  - name: Test expected result
+    assert:
+      that:
+      - set_children_elements is changed
+      - comparison is not changed  # identical
+    #command: diff -u {{ role_path }}/results/test-set-children-elements.xml /tmp/ansible-xml-beers.xml
+
+  - name: Setup test fixture
+    copy:
+      src: fixtures/ansible-xml-beers.xml
+      dest: /tmp/ansible-xml-beers.xml

  - name: Set child elements
    xml:
--- a/tests/unit/plugins/lookup/test_bitwarden.py
+++ b/tests/unit/plugins/lookup/test_bitwarden.py
@@ -111,7 +111,7 @@ MOCK_RECORDS = [

 class MockBitwarden(Bitwarden):

-    logged_in = True
+    unlocked = True

    def _get_matches(self, search_value, search_field="name"):
        return list(filter(lambda record: record[search_field] == search_value, MOCK_RECORDS))
@@ -119,7 +119,7 @@ class MockBitwarden(Bitwarden):

 class LoggedOutMockBitwarden(MockBitwarden):

-    logged_in = False
+    unlocked = False


 class TestLookupModule(unittest.TestCase):
@@ -155,7 +155,7 @@ class TestLookupModule(unittest.TestCase):
                         self.lookup.run(['a_test'])[0])

    @patch('ansible_collections.community.general.plugins.lookup.bitwarden._bitwarden', LoggedOutMockBitwarden())
-    def test_bitwarden_plugin_logged_out(self):
+    def test_bitwarden_plugin_unlocked(self):
        record = MOCK_RECORDS[0]
        record_name = record['name']
        with self.assertRaises(AnsibleError):
--- a/tests/utils/constraints.txt
+++ b/tests/utils/constraints.txt
@@ -7,7 +7,7 @@ coverage >= 4.2, < 5.0.0, != 4.3.2 ; python_version <= '3.7' # features in 4.2+
 coverage >= 4.5.4, < 5.0.0 ; python_version > '3.7' # coverage had a bug in < 4.5.4 that would cause unit tests to hang in Python 3.8, coverage 5.0+ incompatible
 cryptography < 2.2 ; python_version < '2.7' # cryptography 2.2 drops support for python 2.6
 cryptography >= 3.0, < 3.4 ; python_version < '3.6' and python_version >= '2.7' # cryptography 3.4 drops support for python 2.7
-cryptography >= 3.3, < 3.4 ; python_version >= '2.7' # FIXME: the upper limit is needed for RHEL8.2, CentOS 8, Ubuntu 18.04, and OpenSuSE 15
+cryptography >= 3.3, < 3.4 ; python_version >= '2.7' and python_version < '3.9' # FIXME: the upper limit is needed for RHEL8.2, CentOS 8, Ubuntu 18.04, and OpenSuSE 15
 deepdiff < 4.0.0 ; python_version < '3' # deepdiff 4.0.0 and later require python 3
 jinja2 < 2.11 ; python_version < '2.7' # jinja2 2.11 and later require python 2.7 or later
 urllib3 < 1.24 ; python_version < '2.7' # urllib3 1.24 and later require python 2.7 or later
@@ -56,12 +56,3 @@ redis ; python_version >= '3.6'
 pycdlib < 1.13.0 ; python_version < '3'  # 1.13.0 does not work with Python 2, while not declaring that
 python-daemon <= 2.3.0 ; python_version < '3'
 bcrypt < 4.0.0  # TEMP: restrict to < 4.0.0 since installing 4.0.0 fails on RHEL 8
-
-# freeze pylint and its requirements for consistent test results
-astroid == 2.2.5
-isort == 4.3.15
-lazy-object-proxy == 1.3.1
-mccabe == 0.6.1
-pylint == 2.3.1
-typed-ast == 1.4.0  # 1.4.0 is required to compile on Python 3.8
-wrapt == 1.11.1
Author	SHA1	Message	Date
Felix Fontein	7c76d92ed0	Release 5.8.5.	2023-01-31 07:15:46 +01:00
Felix Fontein	74c7cee446	Fix changelog fragment types. (cherry picked from commit `84dbb286eb`)	2023-01-31 07:15:24 +01:00
patchback[bot]	7b532be10d	[PR #5903/ea5cbe25 backport][stable-5] Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection (#5923 ) Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection (#5903) * Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection * Update changelogs/fragments/5886-redfish-correct-basic-auth-usage-on-session-creation.yml Co-authored-by: Felix Fontein <felix@fontein.de> --------- Co-authored-by: Felix Fontein <felix@fontein.de> (cherry picked from commit `ea5cbe2553`) Co-authored-by: Mike Raineri <mraineri@gmail.com>	2023-01-30 21:17:01 +01:00
patchback[bot]	38616e43f9	[PR #5914/3da24d50 backport][stable-5] dig lookup: fix DNSKEY's algorithm handling (#5915 ) dig lookup: fix DNSKEY's algorithm handling (#5914) Fix DNSKEY's algorithm handling. (cherry picked from commit `3da24d50cd`) Co-authored-by: Felix Fontein <felix@fontein.de>	2023-01-29 18:37:21 +01:00
patchback[bot]	dfac632d25	[PR #5888/855cbd67 backport][stable-5] Update gitlab_deploy_key.py (#5895 ) Update gitlab_deploy_key.py (#5888) * Update gitlab_deploy_key.py Change key title on key update * Create 5888-update-key-title Add changelog fragment for key title change * Update changelogs/fragments/5888-update-key-title Co-authored-by: Felix Fontein <felix@fontein.de> * Rename 5888-update-key-title to 5888-update-key-title.yml Co-authored-by: Felix Fontein <felix@fontein.de> (cherry picked from commit `855cbd67ae`) Co-authored-by: lapete <github@lapete.de>	2023-01-26 06:23:48 +01:00
patchback[bot]	270754dc10	[PR #5868/098912c2 backport][stable-5] stormssh tests: do not install newer cryptography (#5871 ) stormssh tests: do not install newer cryptography (#5868) Do not install newer cryptography. ci_complete (cherry picked from commit `098912c229`) Co-authored-by: Felix Fontein <felix@fontein.de>	2023-01-22 18:16:50 +01:00
patchback[bot]	fef77b3c9c	[PR #5811/bf117c83 backport][stable-5] Clarify Error message when bitwarden vault not unlocked (#5877 ) Clarify Error message when bitwarden vault not unlocked (#5811) * Clarify Error message when vault not unlocked You can be logged into the Bitwarden-CLI, but it can still be locked. This took me several hours to debug, since every time I ran 'bw login' it told me, that I am already logged in. If you run 'bw unlock' without being logged in, you are prompted to log in. This clarifies the Error occurring and can drastically reduce debugging time, since you don't have to look into the source code to get an understanding of whats wrong. * RM: negation Nobody needs negation * Update function name * FIX: tests * ADD: changelog * Update changelogs/fragments/5811-clarify-bitwarden-error.yml Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de> (cherry picked from commit `bf117c839c`) Co-authored-by: Christoph <29735603+Chr1s70ph@users.noreply.github.com>	2023-01-22 17:46:41 +01:00
patchback[bot]	b022b87362	[PR #5750/6781dd19 backport][stable-5] bugfixing keycloak user federation failing when updating default mapper simultaneously (#5875 ) bugfixing keycloak user federation failing when updating default mapper simultaneously (#5750) * fix(modules/keycloak_user_federation): fixes ... ... user federation creation failing when also updating/changing default mappers at the same time * add changelog fragment for pr Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de> (cherry picked from commit `6781dd1918`) Co-authored-by: morco <thegreatwiper@web.de>	2023-01-22 17:44:49 +01:00
patchback[bot]	2c92db98d5	[PR #5732/0ca41ded backport][stable-5] Bugfix/keycloak userfed idempotency (#5873 ) Bugfix/keycloak userfed idempotency (#5732) * fix(modules/keycloak_user_federation): fixes ... ... federation read call not finding already existing federations properly because of bad parametrisation * fix(modules/keycloak_user_federation): added ... ... new integration test for module idempotency bugfix * added changelog fragment for pr Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de> (cherry picked from commit `0ca41dedce`) Co-authored-by: morco <thegreatwiper@web.de>	2023-01-22 17:44:39 +01:00
patchback[bot]	b66df6932e	[PR #5845/1430ed00 backport][stable-5] pipx: add testcase w/ env vars PIPX_xxxx (#5858 ) pipx: add testcase w/ env vars PIPX_xxxx (#5845) * pipx: add testcase w/ env vars PIPX_xxxx * add note to the docs about env vars * add note to the docs about env vars * Apply suggestions from code review * Update plugins/modules/pipx.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/pipx_info.py Co-authored-by: Felix Fontein <felix@fontein.de> * break long lines into smaller ones Co-authored-by: Felix Fontein <felix@fontein.de> (cherry picked from commit `1430ed000c`) Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>	2023-01-18 21:43:11 +01:00
Felix Fontein	5060f19a05	Prepare 5.8.5 release.	2023-01-18 08:19:30 +01:00
patchback[bot]	99652cb06d	[PR #5818/5ad703ac backport][stable-5] nsupdate: fix zone lookup (#5852 ) nsupdate: fix zone lookup (#5818) The SOA record for an existing zone is returned as an answer RR and not as an authority RR. It can be returned as an authority RR for subdomains of a zone. $ dig -t SOA example.com ;; ANSWER SECTION: example.com. 3530 IN SOA ns.icann.org. noc.dns.icann.org. 2022091184 7200 3600 1209600 3600 $ dig -t SOA www.example.com ;; AUTHORITY SECTION: example.com. 3600 IN SOA ns.icann.org. noc.dns.icann.org. 2022091184 7200 3600 1209600 3600 (cherry picked from commit `5ad703ac64`) Co-authored-by: n0p90 <36303164+n0p90@users.noreply.github.com>	2023-01-17 21:32:08 +01:00
patchback[bot]	6aeeab18c2	[PR #5843/44172dda backport][stable-5] Add -no-color argument to terraform validation (#5846 ) Add -no-color argument to terraform validation (#5843) (cherry picked from commit `44172ddaa6`) Co-authored-by: Kristian Heljas <11139388+kristianheljas@users.noreply.github.com>	2023-01-16 23:11:10 +01:00
patchback[bot]	2a2bfb6c5b	[PR #5808/6ec04973 backport][stable-5] xml children module parameter does not exist (#5838 ) xml children module parameter does not exist (#5808) * Add changelog * Add integration tests * Rename children to set_children * Add PR information * Update changelogs/fragments/5808-xml-children-parameter-does-not-exist.yml Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de> (cherry picked from commit `6ec049734e`) Co-authored-by: Cédric Servais <cedric.servais@outlook.com>	2023-01-14 18:34:45 +01:00
patchback[bot]	773ab9ba25	[PR #5833/08b0ea70 backport][stable-5] ldap.py: capitalize one letter (#5835 ) ldap.py: capitalize one letter (#5833) (cherry picked from commit `08b0ea700d`) Co-authored-by: bluikko <14869000+bluikko@users.noreply.github.com>	2023-01-14 18:30:16 +01:00
patchback[bot]	4fde0617c8	[PR #5766/317f79ff backport][stable-5] multiple scaleway modules: fixed markups in doc (#5826 ) multiple scaleway modules: fixed markups in doc (#5766) * multiple scaleway modules: fixed markups in doc * Update plugins/modules/scaleway_ip.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/scaleway_volume.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/scaleway_private_network.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/scaleway_security_group.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/scaleway_security_group_rule.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/scaleway_sshkey.py Co-authored-by: Felix Fontein <felix@fontein.de> * further docs adjustments Co-authored-by: Felix Fontein <felix@fontein.de> (cherry picked from commit `317f79ff1f`) Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>	2023-01-12 21:56:21 +01:00
Felix Fontein	8cc343110f	[stable-5] Update CI matrix (#5799 ) Update CI matrix (#5782) * Update CI matrix. * Disable RHEL 9.1 for tests where RHEL 9.0 was disabled as well. * Skip iso_extract on FreeBSD 12.4. * Fix cloud_init_data_facts test for Fedora 37. * Do not try to install snap on RHEL 9.1. * Skip pkgng jail tests on FreeBSD 12.4 as well. (cherry picked from commit `6fb212b104`)	2023-01-07 18:17:15 +01:00
patchback[bot]	37feac8f68	[PR #5794/3b73e7ed backport][stable-5] alternatives: make work with Fedora 37 (#5796 ) alternatives: make work with Fedora 37 (#5794) * alternatives in Fedora 37 uses follower instead of slave. * Add changelog fragment. (cherry picked from commit `3b73e7ed2a`) Co-authored-by: Felix Fontein <felix@fontein.de>	2023-01-07 16:55:41 +01:00
patchback[bot]	7392a8e52c	[PR #5786/759ca9a0 backport][stable-5] Remove currently unneeded generic tests from CI (#5790 ) Remove currently unneeded generic tests from CI (#5786) Remove currently unneeded generic tests from CI. (cherry picked from commit `759ca9a0ab`) Co-authored-by: Felix Fontein <felix@fontein.de>	2023-01-07 15:24:43 +01:00
patchback[bot]	bfebc93f15	[PR #5785/0ff003d3 backport][stable-5] Fix CI (#5788 ) Fix CI (#5785) Try to fix CI. (cherry picked from commit `0ff003d312`) Co-authored-by: Felix Fontein <felix@fontein.de>	2023-01-07 15:20:27 +01:00
patchback[bot]	b6e822aad2	[PR #5760/9e3a729d backport][stable-5] Improve callback docs (#5783 ) Improve callback docs (#5760) * Improve callback docs. * Apply suggestions from code review Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> * Update plugins/callback/logentries.py Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> * More improvements. Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> (cherry picked from commit `9e3a729da9`) Co-authored-by: Felix Fontein <felix@fontein.de>	2023-01-07 11:45:09 +00:00
patchback[bot]	2a6f91b4e4	[PR #5751/2670215c backport][stable-5] Fix gem.py, hang on uninstall specific gem version (#5779 ) Fix gem.py, hang on uninstall specific gem version (#5751) * Update gem.py move 'cmd.append('--executable')' to all uninstalls rather than only all versions * Create 5751-gem-fix-uninstall-hang * Rename 5751-gem-fix-uninstall-hang to 5751-gem-fix-uninstall-hang.yml (cherry picked from commit `2670215c8a`) Co-authored-by: rietvelde <99407273+rietvelde@users.noreply.github.com>	2023-01-07 10:53:25 +01:00
patchback[bot]	8d94d16eec	[PR #5735/fc2b1aac backport][stable-5] terraform: bugfix: init command when default workspace doesn't exists (#5776 ) terraform: bugfix: init command when default workspace doesn't exists (#5735) * feat: init when default workspace doesn't exists * doc: add changelogs fragment and docs update * fix: changelog formating fix (cherry picked from commit `fc2b1aac4a`) Co-authored-by: Teodor Janez Podobnik <48418580+dorkamotorka@users.noreply.github.com>	2023-01-07 10:53:05 +01:00
patchback[bot]	f2c08bebd6	[PR #5767/217a62ac backport][stable-5] consul: minor fixes in docs (#5770 ) consul: minor fixes in docs (#5767) * consul: minor fixes in docs * additional docs fixes * adjustments from review (cherry picked from commit `217a62aca2`) Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>	2023-01-06 15:17:43 +01:00
patchback[bot]	e7f66d9bc1	[PR #5761/84ebda65 backport][stable-5] Fix callback plugin types (#5763 ) Fix callback plugin types (#5761) Fix callback types. (cherry picked from commit `84ebda65f1`) Co-authored-by: Felix Fontein <felix@fontein.de>	2023-01-04 23:46:28 +01:00
patchback[bot]	21e402e2bb	[PR #5755/b49bf081 backport][stable-5] ModuleHelper - fix bug when adjusting conflicting output (#5757 ) ModuleHelper - fix bug when adjusting conflicting output (#5755) * ModuleHelper - fix bug when adjusting conflicting output * add changelog fragment * remove commented test code (cherry picked from commit `b49bf081f8`) Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>	2023-01-04 21:40:53 +01:00
Felix Fontein	6d4c5b76a4	Next expected release is 5.8.5.	2023-01-04 07:58:15 +01:00
Felix Fontein	a1fd642008	Release 5.8.4.	2023-01-04 07:28:44 +01:00
Felix Fontein	8298b2c7c1	Prepare 5.8.4 release.	2023-01-03 23:54:28 +01:00
patchback[bot]	25ff8d4179	[PR #5741/06d72dfe backport][stable-5] htpasswd: improve documentation on crypt_scheme (#5748 ) htpasswd: improve documentation on crypt_scheme (#5741) * htpasswd: improve documentation on crypt_scheme * htpasswd: formatting in documentation Co-authored-by: Felix Fontein <felix@fontein.de> * htpasswd: formatting in documentation Co-authored-by: Felix Fontein <felix@fontein.de> * Apply suggestions from code review * Apply suggestions from code review Co-authored-by: Felix Fontein <felix@fontein.de> (cherry picked from commit `06d72dfed9`) Co-authored-by: bluikko <14869000+bluikko@users.noreply.github.com>	2022-12-31 08:14:57 +01:00
patchback[bot]	145ceb693b	[PR #5744/568e1880 backport][stable-5] unixy Callback: Fix typo using ansibles config manager (#5746 ) unixy Callback: Fix typo using ansibles config manager (#5744) Fixes typo introduced in `53da86c`. Signed-off-by: Fabian P. Schmidt <kerel@mailbox.org> Signed-off-by: Fabian P. Schmidt <kerel@mailbox.org> (cherry picked from commit `568e18809c`) Co-authored-by: Fabian P. Schmidt <kerel@mailbox.org>	2022-12-31 07:54:05 +01:00
patchback[bot]	40d094e63a	[PR #5672/fab73a1d backport][stable-5] Bugfix: Remove redundant VMID parameters (#5708 ) Bugfix: Remove redundant VMID parameters (#5672) * Remove redundant parameters VMID * Add changelog fragment (cherry picked from commit `fab73a1d1e`) Co-authored-by: castorsky <csky57@gmail.com>	2022-12-19 20:43:16 +01:00
patchback[bot]	6988ea052d	[PR #5705/2b39470a backport][stable-5] opkg: fix issue that force=reinstall would not reinstall an existing package (#5710 ) opkg: fix issue that force=reinstall would not reinstall an existing package (#5705) * opkg: fix issue that force=reinstall would not reinstall an existing package Signed-off-by: Joerg Hofrichter <joerg.hofrichter@ni.com> * changelog fragment Signed-off-by: Joerg Hofrichter <joerg.hofrichter@ni.com> (cherry picked from commit `2b39470a77`) Co-authored-by: joergho <48011876+joergho@users.noreply.github.com>	2022-12-19 20:42:57 +01:00
patchback[bot]	f26883f45f	[PR #5699/25be366c backport][stable-5] Fixed `github_release` docs: only module-specific returned key is `tag` (#5700 ) Fixed `github_release` docs: only module-specific returned key is `tag` (#5699) * Fixed github_release docs: only module-specific returned key is "tag" * Update plugins/modules/github_release.py - added a dot Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de> (cherry picked from commit `25be366cc3`) Co-authored-by: Or Bin <orbin50@gmail.com>	2022-12-18 09:25:50 +01:00
patchback[bot]	03b312c0ae	[PR #5659/af53271c backport][stable-5] lxc_container: fix lxc argument when executing lxc command (#5697 ) lxc_container: fix lxc argument when executing lxc command (#5659) lxc_container fails when executing the lxc command (e.g. when creating a new container) because PR#5358 broke the module argument parsing. The resulting argument dict contained only the module argument name and the argument flag but not the value. E.g. ``` - lxc_container: template: debian ``` would result in lxc command arguments `lxc template --template` instead of `lxc --template debian`. Fixes: `6f88426cf1` ("lxc_container: minor refactor (#5358)") Fixes #5578 Signed-off-by: Alexander Couzens <lynxis@fe80.eu> Signed-off-by: Alexander Couzens <lynxis@fe80.eu> (cherry picked from commit `af53271c41`) Co-authored-by: Alexander Couzens <lynxis@fe80.eu>	2022-12-17 12:22:27 +01:00
Felix Fontein	a634cc2928	[stable-5] gconftool2: fix index error (#5687 ) Fix index error.	2022-12-15 06:48:33 +01:00
patchback[bot]	14f23fbebe	[PR #5667/c3bc172b backport][stable-5] respect new variable property in gitlab_group_variable and gitlab_project_variable (#5678 ) respect new variable property in gitlab_group_variable and gitlab_project_variable (#5667) * draft * add changelog fragment * rework * rework group variables * add new line at end of file * Update plugins/module_utils/gitlab.py Co-authored-by: Nejc Habjan <hab.nejc@gmail.com> * rename * revert * return a copy * Update plugins/modules/gitlab_project_variable.py Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Nejc Habjan <hab.nejc@gmail.com> Co-authored-by: Felix Fontein <felix@fontein.de> (cherry picked from commit `c3bc172bf6`) Co-authored-by: Markus Bergholz <git@osuv.de>	2022-12-10 22:42:16 +01:00
patchback[bot]	77aabcd8f5	[PR #5674/b5e58a3b backport][stable-5] CI: Bump CentOS Stream 8 Python from 3.8 to 3.9 (#5676 ) CI: Bump CentOS Stream 8 Python from 3.8 to 3.9 (#5674) Bump CentOS Stream 8 Python from 3.8 to 3.9. (cherry picked from commit `b5e58a3bcc`) Co-authored-by: Felix Fontein <felix@fontein.de>	2022-12-09 15:52:34 +00:00
patchback[bot]	3a1f23323c	[PR #5668/50021d6b backport][stable-5] Fix pipx_info tests (#5669 ) Fix pipx_info tests (#5668) Update dependencies. (cherry picked from commit `50021d6bfb`) Co-authored-by: Felix Fontein <felix@fontein.de>	2022-12-08 22:25:09 +01:00
Felix Fontein	6ccb9a9813	Next expected release is 5.8.4.	2022-12-05 22:08:58 +01:00