Remove all CI scripts since this branch is now End of Life.

[stable-9] docs: add notes that dnf_* modules do not work with dnf5 (#10238) (#10248)

docs: add notes that dnf_* modules do not work with dnf5 (#10238)

* Add notes that dnf_* modules do not work with dnf5.

* Apply suggestions from code review.

---------

(cherry picked from commit 1956815884)


(cherry picked from commit cb26c50d65)

Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>

.azure-pipelines/README.md

@@ -1,9 +0,0 @@
-<!--
-Copyright (c) Ansible Project
-GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-SPDX-License-Identifier: GPL-3.0-or-later
--->
-
-## Azure Pipelines Configuration
-
-Please see the [Documentation](https://github.com/ansible/community/wiki/Testing:-Azure-Pipelines) for more information.

.azure-pipelines/azure-pipelines.yml

@@ -1,360 +0,0 @@
----
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-trigger:
-  batch: true
-  branches:
-    include:
-      - main
-      - stable-*
-
-pr:
-  autoCancel: true
-  branches:
-    include:
-      - main
-      - stable-*
-
-schedules:
-  - cron: 0 8 * * *
-    displayName: Nightly (main)
-    always: true
-    branches:
-      include:
-        - main
-  - cron: 0 10 * * *
-    displayName: Nightly (active stable branches)
-    always: true
-    branches:
-      include:
-        - stable-9
-        - stable-8
-  - cron: 0 11 * * 0
-    displayName: Weekly (old stable branches)
-    always: true
-    branches:
-      include:
-        - stable-7
-
-variables:
-  - name: checkoutPath
-    value: ansible_collections/community/general
-  - name: coverageBranches
-    value: main
-  - name: pipelinesCoverage
-    value: coverage
-  - name: entryPoint
-    value: tests/utils/shippable/shippable.sh
-  - name: fetchDepth
-    value: 0
-
-resources:
-  containers:
-    - container: default
-      image: quay.io/ansible/azure-pipelines-test-container:6.0.0
-
-pool: Standard
-
-stages:
-### Sanity
-  - stage: Sanity_2_18
-    displayName: Sanity 2.18
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Test {0}
-          testFormat: 2.18/sanity/{0}
-          targets:
-            - test: 1
-            - test: 2
-            - test: 3
-            - test: 4
-            - test: extra
-  - stage: Sanity_2_17
-    displayName: Sanity 2.17
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Test {0}
-          testFormat: 2.17/sanity/{0}
-          targets:
-            - test: 1
-            - test: 2
-            - test: 3
-            - test: 4
-  - stage: Sanity_2_16
-    displayName: Sanity 2.16
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Test {0}
-          testFormat: 2.16/sanity/{0}
-          targets:
-            - test: 1
-            - test: 2
-            - test: 3
-            - test: 4
-### Units
-  - stage: Units_2_18
-    displayName: Units 2.18
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Python {0}
-          testFormat: 2.18/units/{0}/1
-          targets:
-            - test: 3.8
-            - test: 3.9
-            - test: '3.10'
-            - test: '3.11'
-            - test: '3.12'
-            - test: '3.13'
-  - stage: Units_2_17
-    displayName: Units 2.17
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Python {0}
-          testFormat: 2.17/units/{0}/1
-          targets:
-            - test: 3.7
-            - test: "3.12"
-  - stage: Units_2_16
-    displayName: Units 2.16
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Python {0}
-          testFormat: 2.16/units/{0}/1
-          targets:
-            - test: 2.7
-            - test: 3.6
-            - test: "3.11"
-
-## Remote
-  - stage: Remote_2_18_extra_vms
-    displayName: Remote 2.18 extra VMs
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.18/{0}
-          targets:
-            - name: Alpine 3.20
-              test: alpine/3.20
-            # - name: Fedora 40
-            #   test: fedora/40
-            - name: Ubuntu 22.04
-              test: ubuntu/22.04
-            - name: Ubuntu 24.04
-              test: ubuntu/24.04
-          groups:
-            - vm
-  - stage: Remote_2_18
-    displayName: Remote 2.18
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.18/{0}
-          targets:
-            - name: macOS 14.3
-              test: macos/14.3
-            - name: RHEL 9.4
-              test: rhel/9.4
-            - name: FreeBSD 14.1
-              test: freebsd/14.1
-          groups:
-            - 1
-            - 2
-            - 3
-  - stage: Remote_2_17
-    displayName: Remote 2.17
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.17/{0}
-          targets:
-            - name: FreeBSD 13.3
-              test: freebsd/13.3
-            - name: RHEL 9.3
-              test: rhel/9.3
-            - name: FreeBSD 14.0
-              test: freebsd/14.0
-          groups:
-            - 1
-            - 2
-            - 3
-  - stage: Remote_2_16
-    displayName: Remote 2.16
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.16/{0}
-          targets:
-            - name: macOS 13.2
-              test: macos/13.2
-            - name: RHEL 9.2
-              test: rhel/9.2
-            - name: RHEL 8.8
-              test: rhel/8.8
-            - name: RHEL 7.9
-              test: rhel/7.9
-            # - name: FreeBSD 13.2
-            #   test: freebsd/13.2
-          groups:
-            - 1
-            - 2
-            - 3
-
-### Docker
-  - stage: Docker_2_18
-    displayName: Docker 2.18
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.18/linux/{0}
-          targets:
-            - name: Fedora 40
-              test: fedora40
-            - name: Alpine 3.20
-              test: alpine320
-            - name: Ubuntu 22.04
-              test: ubuntu2204
-            - name: Ubuntu 24.04
-              test: ubuntu2404
-          groups:
-            - 1
-            - 2
-            - 3
-  - stage: Docker_2_17
-    displayName: Docker 2.17
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.17/linux/{0}
-          targets:
-            - name: Fedora 39
-              test: fedora39
-            - name: Alpine 3.19
-              test: alpine319
-            - name: Ubuntu 20.04
-              test: ubuntu2004
-          groups:
-            - 1
-            - 2
-            - 3
-  - stage: Docker_2_16
-    displayName: Docker 2.16
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.16/linux/{0}
-          targets:
-            - name: Fedora 38
-              test: fedora38
-            - name: openSUSE 15
-              test: opensuse15
-            - name: Alpine 3
-              test: alpine3
-            - name: CentOS 7
-              test: centos7
-          groups:
-            - 1
-            - 2
-            - 3
-
-### Community Docker
-  - stage: Docker_community_2_18
-    displayName: Docker (community images) 2.18
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.18/linux-community/{0}
-          targets:
-            - name: Debian Bullseye
-              test: debian-bullseye/3.9
-            - name: Debian Bookworm
-              test: debian-bookworm/3.11
-            - name: ArchLinux
-              test: archlinux/3.12
-          groups:
-            - 1
-            - 2
-            - 3
-
-### Generic
-# Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
-#  - stage: Generic_2_18
-#    displayName: Generic 2.18
-#    dependsOn: []
-#    jobs:
-#      - template: templates/matrix.yml
-#        parameters:
-#          nameFormat: Python {0}
-#          testFormat: 2.18/generic/{0}/1
-#          targets:
-#            - test: '3.8'
-#            - test: '3.11'
-#            - test: '3.13'
-#  - stage: Generic_2_17
-#    displayName: Generic 2.17
-#    dependsOn: []
-#    jobs:
-#      - template: templates/matrix.yml
-#        parameters:
-#          nameFormat: Python {0}
-#          testFormat: 2.17/generic/{0}/1
-#          targets:
-#            - test: '3.7'
-#            - test: '3.12'
-#  - stage: Generic_2_16
-#    displayName: Generic 2.16
-#    dependsOn: []
-#    jobs:
-#      - template: templates/matrix.yml
-#        parameters:
-#          nameFormat: Python {0}
-#          testFormat: 2.16/generic/{0}/1
-#          targets:
-#            - test: '2.7'
-#            - test: '3.6'
-#            - test: '3.11'
-
-  - stage: Summary
-    condition: succeededOrFailed()
-    dependsOn:
-      - Sanity_2_18
-      - Sanity_2_17
-      - Sanity_2_16
-      - Units_2_18
-      - Units_2_17
-      - Units_2_16
-      - Remote_2_18_extra_vms
-      - Remote_2_18
-      - Remote_2_17
-      - Remote_2_16
-      - Docker_2_18
-      - Docker_2_17
-      - Docker_2_16
-      - Docker_community_2_18
-# Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
-#      - Generic_2_18
-#      - Generic_2_17
-#      - Generic_2_16
-    jobs:
-      - template: templates/coverage.yml

.azure-pipelines/scripts/aggregate-coverage.sh

@@ -1,24 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-# Aggregate code coverage results for later processing.
-
-set -o pipefail -eu
-
-agent_temp_directory="$1"
-
-PATH="${PWD}/bin:${PATH}"
-
-mkdir "${agent_temp_directory}/coverage/"
-
-options=(--venv --venv-system-site-packages --color -v)
-
-ansible-test coverage combine --group-by command --export "${agent_temp_directory}/coverage/" "${options[@]}"
-
-if ansible-test coverage analyze targets generate --help >/dev/null 2>&1; then
-    # Only analyze coverage if the installed version of ansible-test supports it.
-    # Doing so allows this script to work unmodified for multiple Ansible versions.
-    ansible-test coverage analyze targets generate "${agent_temp_directory}/coverage/coverage-analyze-targets.json" "${options[@]}"
-fi

.azure-pipelines/scripts/combine-coverage.py

@@ -1,64 +0,0 @@
-#!/usr/bin/env python
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-"""
-Combine coverage data from multiple jobs, keeping the data only from the most recent attempt from each job.
-Coverage artifacts must be named using the format: "Coverage $(System.JobAttempt) {StableUniqueNameForEachJob}"
-The recommended coverage artifact name format is: Coverage $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)
-Keep in mind that Azure Pipelines does not enforce unique job display names (only names).
-It is up to pipeline authors to avoid name collisions when deviating from the recommended format.
-"""
-
-from __future__ import (absolute_import, division, print_function)
-__metaclass__ = type
-
-import os
-import re
-import shutil
-import sys
-
-
-def main():
-    """Main program entry point."""
-    source_directory = sys.argv[1]
-
-    if '/ansible_collections/' in os.getcwd():
-        output_path = "tests/output"
-    else:
-        output_path = "test/results"
-
-    destination_directory = os.path.join(output_path, 'coverage')
-
-    if not os.path.exists(destination_directory):
-        os.makedirs(destination_directory)
-
-    jobs = {}
-    count = 0
-
-    for name in os.listdir(source_directory):
-        match = re.search('^Coverage (?P<attempt>[0-9]+) (?P<label>.+)$', name)
-        label = match.group('label')
-        attempt = int(match.group('attempt'))
-        jobs[label] = max(attempt, jobs.get(label, 0))
-
-    for label, attempt in jobs.items():
-        name = 'Coverage {attempt} {label}'.format(label=label, attempt=attempt)
-        source = os.path.join(source_directory, name)
-        source_files = os.listdir(source)
-
-        for source_file in source_files:
-            source_path = os.path.join(source, source_file)
-            destination_path = os.path.join(destination_directory, source_file + '.' + label)
-            print('"%s" -> "%s"' % (source_path, destination_path))
-            shutil.copyfile(source_path, destination_path)
-            count += 1
-
-    print('Coverage file count: %d' % count)
-    print('##vso[task.setVariable variable=coverageFileCount]%d' % count)
-    print('##vso[task.setVariable variable=outputPath]%s' % output_path)
-
-
-if __name__ == '__main__':
-    main()

.azure-pipelines/scripts/process-results.sh

@@ -1,28 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-# Check the test results and set variables for use in later steps.
-
-set -o pipefail -eu
-
-if [[ "$PWD" =~ /ansible_collections/ ]]; then
-    output_path="tests/output"
-else
-    output_path="test/results"
-fi
-
-echo "##vso[task.setVariable variable=outputPath]${output_path}"
-
-if compgen -G "${output_path}"'/junit/*.xml' > /dev/null; then
-    echo "##vso[task.setVariable variable=haveTestResults]true"
-fi
-
-if compgen -G "${output_path}"'/bot/ansible-test-*' > /dev/null; then
-    echo "##vso[task.setVariable variable=haveBotResults]true"
-fi
-
-if compgen -G "${output_path}"'/coverage/*' > /dev/null; then
-    echo "##vso[task.setVariable variable=haveCoverageData]true"
-fi

.azure-pipelines/scripts/publish-codecov.py

@@ -1,105 +0,0 @@
-#!/usr/bin/env python
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-"""
-Upload code coverage reports to codecov.io.
-Multiple coverage files from multiple languages are accepted and aggregated after upload.
-Python coverage, as well as PowerShell and Python stubs can all be uploaded.
-"""
-
-import argparse
-import dataclasses
-import pathlib
-import shutil
-import subprocess
-import tempfile
-import typing as t
-import urllib.request
-
-
-@dataclasses.dataclass(frozen=True)
-class CoverageFile:
-    name: str
-    path: pathlib.Path
-    flags: t.List[str]
-
-
-@dataclasses.dataclass(frozen=True)
-class Args:
-    dry_run: bool
-    path: pathlib.Path
-
-
-def parse_args() -> Args:
-    parser = argparse.ArgumentParser()
-    parser.add_argument('-n', '--dry-run', action='store_true')
-    parser.add_argument('path', type=pathlib.Path)
-
-    args = parser.parse_args()
-
-    # Store arguments in a typed dataclass
-    fields = dataclasses.fields(Args)
-    kwargs = {field.name: getattr(args, field.name) for field in fields}
-
-    return Args(**kwargs)
-
-
-def process_files(directory: pathlib.Path) -> t.Tuple[CoverageFile, ...]:
-    processed = []
-    for file in directory.joinpath('reports').glob('coverage*.xml'):
-        name = file.stem.replace('coverage=', '')
-
-        # Get flags from name
-        flags = name.replace('-powershell', '').split('=')  # Drop '-powershell' suffix
-        flags = [flag if not flag.startswith('stub') else flag.split('-')[0] for flag in flags]  # Remove "-01" from stub files
-
-        processed.append(CoverageFile(name, file, flags))
-
-    return tuple(processed)
-
-
-def upload_files(codecov_bin: pathlib.Path, files: t.Tuple[CoverageFile, ...], dry_run: bool = False) -> None:
-    for file in files:
-        cmd = [
-            str(codecov_bin),
-            '--name', file.name,
-            '--file', str(file.path),
-        ]
-        for flag in file.flags:
-            cmd.extend(['--flags', flag])
-
-        if dry_run:
-            print(f'DRY-RUN: Would run command: {cmd}')
-            continue
-
-        subprocess.run(cmd, check=True)
-
-
-def download_file(url: str, dest: pathlib.Path, flags: int, dry_run: bool = False) -> None:
-    if dry_run:
-        print(f'DRY-RUN: Would download {url} to {dest} and set mode to {flags:o}')
-        return
-
-    with urllib.request.urlopen(url) as resp:
-        with dest.open('w+b') as f:
-            # Read data in chunks rather than all at once
-            shutil.copyfileobj(resp, f, 64 * 1024)
-
-    dest.chmod(flags)
-
-
-def main():
-    args = parse_args()
-    url = 'https://ansible-ci-files.s3.amazonaws.com/codecov/linux/codecov'
-    with tempfile.TemporaryDirectory(prefix='codecov-') as tmpdir:
-        codecov_bin = pathlib.Path(tmpdir) / 'codecov'
-        download_file(url, codecov_bin, 0o755, args.dry_run)
-
-        files = process_files(args.path)
-        upload_files(codecov_bin, files, args.dry_run)
-
-
-if __name__ == '__main__':
-    main()

.azure-pipelines/scripts/report-coverage.sh

@@ -1,19 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-# Generate code coverage reports for uploading to Azure Pipelines and codecov.io.
-
-set -o pipefail -eu
-
-PATH="${PWD}/bin:${PATH}"
-
-if ! ansible-test --help >/dev/null 2>&1; then
-    # Install the devel version of ansible-test for generating code coverage reports.
-    # This is only used by Ansible Collections, which are typically tested against multiple Ansible versions (in separate jobs).
-    # Since a version of ansible-test is required that can work the output from multiple older releases, the devel version is used.
-    pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check
-fi
-
-ansible-test coverage xml --group-by command --stub --venv --venv-system-site-packages --color -v

.azure-pipelines/scripts/run-tests.sh

@@ -1,38 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-# Configure the test environment and run the tests.
-
-set -o pipefail -eu
-
-entry_point="$1"
-test="$2"
-read -r -a coverage_branches <<< "$3"  # space separated list of branches to run code coverage on for scheduled builds
-
-export COMMIT_MESSAGE
-export COMPLETE
-export COVERAGE
-export IS_PULL_REQUEST
-
-if [ "${SYSTEM_PULLREQUEST_TARGETBRANCH:-}" ]; then
-    IS_PULL_REQUEST=true
-    COMMIT_MESSAGE=$(git log --format=%B -n 1 HEAD^2)
-else
-    IS_PULL_REQUEST=
-    COMMIT_MESSAGE=$(git log --format=%B -n 1 HEAD)
-fi
-
-COMPLETE=
-COVERAGE=
-
-if [ "${BUILD_REASON}" = "Schedule" ]; then
-    COMPLETE=yes
-
-    if printf '%s\n' "${coverage_branches[@]}" | grep -q "^${BUILD_SOURCEBRANCHNAME}$"; then
-        COVERAGE=yes
-    fi
-fi
-
-"${entry_point}" "${test}" 2>&1 | "$(dirname "$0")/time-command.py"

.azure-pipelines/scripts/time-command.py

@@ -1,29 +0,0 @@
-#!/usr/bin/env python
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-"""Prepends a relative timestamp to each input line from stdin and writes it to stdout."""
-
-from __future__ import (absolute_import, division, print_function)
-__metaclass__ = type
-
-import sys
-import time
-
-
-def main():
-    """Main program entry point."""
-    start = time.time()
-
-    sys.stdin.reconfigure(errors='surrogateescape')
-    sys.stdout.reconfigure(errors='surrogateescape')
-
-    for line in sys.stdin:
-        seconds = time.time() - start
-        sys.stdout.write('%02d:%02d %s' % (seconds // 60, seconds % 60, line))
-        sys.stdout.flush()
-
-
-if __name__ == '__main__':
-    main()

.azure-pipelines/templates/coverage.yml

@@ -1,44 +0,0 @@
----
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-# This template adds a job for processing code coverage data.
-# It will upload results to Azure Pipelines and codecov.io.
-# Use it from a job stage that completes after all other jobs have completed.
-# This can be done by placing it in a separate summary stage that runs after the test stage(s) have completed.
-
-jobs:
-  - job: Coverage
-    displayName: Code Coverage
-    container: default
-    workspace:
-      clean: all
-    steps:
-      - checkout: self
-        fetchDepth: $(fetchDepth)
-        path: $(checkoutPath)
-      - task: DownloadPipelineArtifact@2
-        displayName: Download Coverage Data
-        inputs:
-          path: coverage/
-          patterns: "Coverage */*=coverage.combined"
-      - bash: .azure-pipelines/scripts/combine-coverage.py coverage/
-        displayName: Combine Coverage Data
-      - bash: .azure-pipelines/scripts/report-coverage.sh
-        displayName: Generate Coverage Report
-        condition: gt(variables.coverageFileCount, 0)
-      - task: PublishCodeCoverageResults@1
-        inputs:
-          codeCoverageTool: Cobertura
-          # Azure Pipelines only accepts a single coverage data file.
-          # That means only Python or PowerShell coverage can be uploaded, but not both.
-          # Set the "pipelinesCoverage" variable to determine which type is uploaded.
-          # Use "coverage" for Python and "coverage-powershell" for PowerShell.
-          summaryFileLocation: "$(outputPath)/reports/$(pipelinesCoverage).xml"
-        displayName: Publish to Azure Pipelines
-        condition: gt(variables.coverageFileCount, 0)
-      - bash: .azure-pipelines/scripts/publish-codecov.py "$(outputPath)"
-        displayName: Publish to codecov.io
-        condition: gt(variables.coverageFileCount, 0)
-        continueOnError: true

.azure-pipelines/templates/matrix.yml

@@ -1,60 +0,0 @@
----
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-# This template uses the provided targets and optional groups to generate a matrix which is then passed to the test template.
-# If this matrix template does not provide the required functionality, consider using the test template directly instead.
-
-parameters:
-  # A required list of dictionaries, one per test target.
-  # Each item in the list must contain a "test" or "name" key.
-  # Both may be provided. If one is omitted, the other will be used.
-  - name: targets
-    type: object
-
-  # An optional list of values which will be used to multiply the targets list into a matrix.
-  # Values can be strings or numbers.
-  - name: groups
-    type: object
-    default: []
-
-  # An optional format string used to generate the job name.
-  # - {0} is the name of an item in the targets list.
-  - name: nameFormat
-    type: string
-    default: "{0}"
-
-  # An optional format string used to generate the test name.
-  # - {0} is the name of an item in the targets list.
-  - name: testFormat
-    type: string
-    default: "{0}"
-
-  # An optional format string used to add the group to the job name.
-  # {0} is the formatted name of an item in the targets list.
-  # {{1}} is the group -- be sure to include the double "{{" and "}}".
-  - name: nameGroupFormat
-    type: string
-    default: "{0} - {{1}}"
-
-  # An optional format string used to add the group to the test name.
-  # {0} is the formatted test of an item in the targets list.
-  # {{1}} is the group -- be sure to include the double "{{" and "}}".
-  - name: testGroupFormat
-    type: string
-    default: "{0}/{{1}}"
-
-jobs:
-  - template: test.yml
-    parameters:
-      jobs:
-        - ${{ if eq(length(parameters.groups), 0) }}:
-          - ${{ each target in parameters.targets }}:
-            - name: ${{ format(parameters.nameFormat, coalesce(target.name, target.test)) }}
-              test: ${{ format(parameters.testFormat, coalesce(target.test, target.name)) }}
-        - ${{ if not(eq(length(parameters.groups), 0)) }}:
-          - ${{ each group in parameters.groups }}:
-            - ${{ each target in parameters.targets }}:
-              - name: ${{ format(format(parameters.nameGroupFormat, parameters.nameFormat), coalesce(target.name, target.test), group) }}
-                test: ${{ format(format(parameters.testGroupFormat, parameters.testFormat), coalesce(target.test, target.name), group) }}

.azure-pipelines/templates/test.yml

@@ -1,50 +0,0 @@
----
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-# This template uses the provided list of jobs to create test one or more test jobs.
-# It can be used directly if needed, or through the matrix template.
-
-parameters:
-  # A required list of dictionaries, one per test job.
-  # Each item in the list must contain a "job" and "name" key.
-  - name: jobs
-    type: object
-
-jobs:
-  - ${{ each job in parameters.jobs }}:
-    - job: test_${{ replace(replace(replace(job.test, '/', '_'), '.', '_'), '-', '_') }}
-      displayName: ${{ job.name }}
-      container: default
-      workspace:
-        clean: all
-      steps:
-        - checkout: self
-          fetchDepth: $(fetchDepth)
-          path: $(checkoutPath)
-        - bash: .azure-pipelines/scripts/run-tests.sh "$(entryPoint)" "${{ job.test }}" "$(coverageBranches)"
-          displayName: Run Tests
-        - bash: .azure-pipelines/scripts/process-results.sh
-          condition: succeededOrFailed()
-          displayName: Process Results
-        - bash: .azure-pipelines/scripts/aggregate-coverage.sh "$(Agent.TempDirectory)"
-          condition: eq(variables.haveCoverageData, 'true')
-          displayName: Aggregate Coverage Data
-        - task: PublishTestResults@2
-          condition: eq(variables.haveTestResults, 'true')
-          inputs:
-            testResultsFiles: "$(outputPath)/junit/*.xml"
-          displayName: Publish Test Results
-        - task: PublishPipelineArtifact@1
-          condition: eq(variables.haveBotResults, 'true')
-          displayName: Publish Bot Results
-          inputs:
-            targetPath: "$(outputPath)/bot/"
-            artifactName: "Bot $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)"
-        - task: PublishPipelineArtifact@1
-          condition: eq(variables.haveCoverageData, 'true')
-          displayName: Publish Coverage Data
-          inputs:
-            targetPath: "$(Agent.TempDirectory)/coverage/"
-            artifactName: "Coverage $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)"

.github/BOTMETA.yml

@@ -425,7 +425,7 @@ files:
   $modules/bearychat.py:
     maintainers: tonyseek
   $modules/bigpanda.py:
-    maintainers: hkariti
+    ignore: hkariti
   $modules/bitbucket_:
     maintainers: catcombo
   $modules/bower.py:
@@ -1362,16 +1362,19 @@ files:
     keywords: sophos utm
     maintainers: $team_e_spirit
   $modules/utm_ca_host_key_cert.py:
-    maintainers: stearz
+    ignore: stearz
+    maintainers: $team_e_spirit
   $modules/utm_ca_host_key_cert_info.py:
-    maintainers: stearz
+    ignore: stearz
+    maintainers: $team_e_spirit
   $modules/utm_network_interface_address.py:
     maintainers: steamx
   $modules/utm_network_interface_address_info.py:
     maintainers: steamx
   $modules/utm_proxy_auth_profile.py:
     keywords: sophos utm
-    maintainers: $team_e_spirit stearz
+    ignore: stearz
+    maintainers: $team_e_spirit
   $modules/utm_proxy_exception.py:
     keywords: sophos utm
     maintainers: $team_e_spirit RickS-C137
@@ -1539,6 +1542,6 @@ macros:
   team_rhsm: cnsnyder ptoscano
   team_scaleway: remyleone abarbare
   team_solaris: bcoca fishman jasperla jpdasma mator scathatheworm troy2914 xen0l
-  team_suse: commel evrardjp lrupp toabctl AnderEnder alxgu andytom sealor
+  team_suse: commel evrardjp lrupp AnderEnder alxgu andytom sealor
   team_virt: joshainglis karmab Thulium-Drake Ajpantuso
   team_wdc: mikemoerk

.github/workflows/ansible-test.yml

@@ -1,226 +0,0 @@
----
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-# For the comprehensive list of the inputs supported by the ansible-community/ansible-test-gh-action GitHub Action, see
-# https://github.com/marketplace/actions/ansible-test
-
-name: EOL CI
-on:
-  # Run EOL CI against all pushes (direct commits, also merged PRs), Pull Requests
-  push:
-    branches:
-      - main
-      - stable-*
-  pull_request:
-  # Run EOL CI once per day (at 08:00 UTC)
-  schedule:
-    - cron: '0 8 * * *'
-
-concurrency:
-  # Make sure there is at most one active run per PR, but do not cancel any non-PR runs
-  group: ${{ github.workflow }}-${{ (github.head_ref && github.event.number) || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  sanity:
-    name: EOL Sanity (Ⓐ${{ matrix.ansible }})
-    strategy:
-      matrix:
-        ansible:
-          - '2.13'
-          - '2.14'
-          - '2.15'
-    # Ansible-test on various stable branches does not yet work well with cgroups v2.
-    # Since ubuntu-latest now uses Ubuntu 22.04, we need to fall back to the ubuntu-20.04
-    # image for these stable branches. The list of branches where this is necessary will
-    # shrink over time, check out https://github.com/ansible-collections/news-for-maintainers/issues/28
-    # for the latest list.
-    runs-on: ubuntu-latest
-    steps:
-      - name: Perform sanity testing
-        uses: felixfontein/ansible-test-gh-action@main
-        with:
-          ansible-core-version: stable-${{ matrix.ansible }}
-          codecov-token: ${{ secrets.CODECOV_TOKEN }}
-          coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }}
-          pull-request-change-detection: 'true'
-          testing-type: sanity
-
-  units:
-    # Ansible-test on various stable branches does not yet work well with cgroups v2.
-    # Since ubuntu-latest now uses Ubuntu 22.04, we need to fall back to the ubuntu-20.04
-    # image for these stable branches. The list of branches where this is necessary will
-    # shrink over time, check out https://github.com/ansible-collections/news-for-maintainers/issues/28
-    # for the latest list.
-    runs-on: ubuntu-latest
-    name: EOL Units (Ⓐ${{ matrix.ansible }}+py${{ matrix.python }})
-    strategy:
-      # As soon as the first unit test fails, cancel the others to free up the CI queue
-      fail-fast: true
-      matrix:
-        ansible:
-          - ''
-        python:
-          - ''
-        exclude:
-          - ansible: ''
-        include:
-          - ansible: '2.13'
-            python: '2.7'
-          - ansible: '2.13'
-            python: '3.8'
-          - ansible: '2.13'
-            python: '2.7'
-          - ansible: '2.13'
-            python: '3.8'
-          - ansible: '2.14'
-            python: '3.9'
-          - ansible: '2.15'
-            python: '3.5'
-          - ansible: '2.15'
-            python: '3.10'
-
-    steps:
-      - name: >-
-          Perform unit testing against
-          Ansible version ${{ matrix.ansible }}
-        uses: felixfontein/ansible-test-gh-action@main
-        with:
-          ansible-core-version: stable-${{ matrix.ansible }}
-          codecov-token: ${{ secrets.CODECOV_TOKEN }}
-          coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }}
-          pre-test-cmd: >-
-            mkdir -p ../../ansible
-            ;
-            git clone --depth=1 --single-branch https://github.com/ansible-collections/community.internal_test_tools.git ../../community/internal_test_tools
-          pull-request-change-detection: 'true'
-          target-python-version: ${{ matrix.python }}
-          testing-type: units
-
-  integration:
-    # Ansible-test on various stable branches does not yet work well with cgroups v2.
-    # Since ubuntu-latest now uses Ubuntu 22.04, we need to fall back to the ubuntu-20.04
-    # image for these stable branches. The list of branches where this is necessary will
-    # shrink over time, check out https://github.com/ansible-collections/news-for-maintainers/issues/28
-    # for the latest list.
-    runs-on: ubuntu-latest
-    name: EOL I (Ⓐ${{ matrix.ansible }}+${{ matrix.docker }}+py${{ matrix.python }}:${{ matrix.target }})
-    strategy:
-      fail-fast: false
-      matrix:
-        ansible:
-          - ''
-        docker:
-          - ''
-        python:
-          - ''
-        target:
-          - ''
-        exclude:
-          - ansible: ''
-        include:
-          # 2.13
-          - ansible: '2.13'
-            docker: fedora35
-            python: ''
-            target: azp/posix/1/
-          - ansible: '2.13'
-            docker: fedora35
-            python: ''
-            target: azp/posix/2/
-          - ansible: '2.13'
-            docker: fedora35
-            python: ''
-            target: azp/posix/3/
-          - ansible: '2.13'
-            docker: opensuse15py2
-            python: ''
-            target: azp/posix/1/
-          - ansible: '2.13'
-            docker: opensuse15py2
-            python: ''
-            target: azp/posix/2/
-          - ansible: '2.13'
-            docker: opensuse15py2
-            python: ''
-            target: azp/posix/3/
-          - ansible: '2.13'
-            docker: alpine3
-            python: ''
-            target: azp/posix/1/
-          - ansible: '2.13'
-            docker: alpine3
-            python: ''
-            target: azp/posix/2/
-          - ansible: '2.13'
-            docker: alpine3
-            python: ''
-            target: azp/posix/3/
-          # 2.14
-          - ansible: '2.14'
-            docker: alpine3
-            python: ''
-            target: azp/posix/1/
-          - ansible: '2.14'
-            docker: alpine3
-            python: ''
-            target: azp/posix/2/
-          - ansible: '2.14'
-            docker: alpine3
-            python: ''
-            target: azp/posix/3/
-          # 2.15
-          - ansible: '2.15'
-            docker: fedora37
-            python: ''
-            target: azp/posix/1/
-          - ansible: '2.15'
-            docker: fedora37
-            python: ''
-            target: azp/posix/2/
-          - ansible: '2.15'
-            docker: fedora37
-            python: ''
-            target: azp/posix/3/
-          # Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
-          # - ansible: '2.13'
-          #   docker: default
-          #   python: '3.9'
-          #   target: azp/generic/1/
-          # - ansible: '2.14'
-          #   docker: default
-          #   python: '3.10'
-          #   target: azp/generic/1/
-          # - ansible: '2.15'
-          #   docker: default
-          #   python: '3.9'
-          #   target: azp/generic/1/
-
-    steps:
-      - name: >-
-          Perform integration testing against
-          Ansible version ${{ matrix.ansible }}
-          under Python ${{ matrix.python }}
-        uses: felixfontein/ansible-test-gh-action@main
-        with:
-          ansible-core-version: stable-${{ matrix.ansible }}
-          codecov-token: ${{ secrets.CODECOV_TOKEN }}
-          coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }}
-          docker-image: ${{ matrix.docker }}
-          integration-continue-on-error: 'false'
-          integration-diff: 'false'
-          integration-retry-on-error: 'true'
-          pre-test-cmd: >-
-            mkdir -p ../../ansible
-            ;
-            git clone --depth=1 --single-branch https://github.com/ansible-collections/ansible.posix.git ../../ansible/posix
-            ;
-            git clone --depth=1 --single-branch https://github.com/ansible-collections/community.crypto.git ../../community/crypto
-            ;
-            git clone --depth=1 --single-branch https://github.com/ansible-collections/community.internal_test_tools.git ../../community/internal_test_tools
-          pull-request-change-detection: 'true'
-          target: ${{ matrix.target }}
-          target-python-version: ${{ matrix.python }}
-          testing-type: integration

.github/workflows/codeql-analysis.yml

@@ -1,36 +0,0 @@
----
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-name: "Code scanning - action"
-
-on:
-  schedule:
-    - cron: '26 19 * * 1'
-  workflow_dispatch:
-
-permissions:
-  contents: read
-
-jobs:
-  CodeQL-Build:
-
-    permissions:
-      actions: read  # for github/codeql-action/init to get workflow details
-      contents: read  # for actions/checkout to fetch code
-      security-events: write  # for github/codeql-action/autobuild to send a status report
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
-      with:
-        languages: python
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3

.github/workflows/import-galaxy.yml

@@ -1,20 +0,0 @@
----
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-name: import-galaxy
-'on':
-  # Run CI against all pushes (direct commits, also merged PRs) to main, and all Pull Requests
-  push:
-    branches:
-      - main
-      - stable-*
-  pull_request:
-
-jobs:
-  import-galaxy:
-    permissions:
-      contents: read
-    name: Test to import built collection artifact with Galaxy importer
-    uses: ansible-community/github-action-test-galaxy-import/.github/workflows/test-galaxy-import.yml@main

.github/workflows/reuse.yml

@@ -1,34 +0,0 @@
----
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-name: Verify REUSE
-
-on:
-  push:
-    branches:
-      - main
-      - stable-*
-  pull_request:
-    types: [opened, synchronize, reopened]
-    branches:
-      - main
-      - stable-*
-  # Run CI once per day (at 07:30 UTC)
-  schedule:
-    - cron: '30 7 * * *'
-
-jobs:
-  check:
-    permissions:
-      contents: read
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ github.event.pull_request.head.sha || '' }}
-
-      - name: REUSE Compliance Check
-        uses: fsfe/reuse-action@v4

.reuse/dep5

@@ -1,5 +0,0 @@
-Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-
-Files: changelogs/fragments/*
-Copyright: Ansible Project
-License: GPL-3.0-or-later

CHANGELOG.md

@@ -2,112 +2,174 @@
 
 **Topics**
 
-- <a href="#v8-6-7">v8\.6\.7</a>
+- <a href="#v8-6-11">v8\.6\.11</a>
     - <a href="#release-summary">Release Summary</a>
-    - <a href="#bugfixes">Bugfixes</a>
-- <a href="#v8-6-6">v8\.6\.6</a>
+- <a href="#v8-6-10">v8\.6\.10</a>
     - <a href="#release-summary-1">Release Summary</a>
-    - <a href="#minor-changes">Minor Changes</a>
-    - <a href="#bugfixes-1">Bugfixes</a>
-- <a href="#v8-6-5">v8\.6\.5</a>
+    - <a href="#security-fixes">Security Fixes</a>
+- <a href="#v8-6-9">v8\.6\.9</a>
     - <a href="#release-summary-2">Release Summary</a>
-    - <a href="#bugfixes-2">Bugfixes</a>
-- <a href="#v8-6-4">v8\.6\.4</a>
+    - <a href="#security-fixes-1">Security Fixes</a>
+- <a href="#v8-6-8">v8\.6\.8</a>
     - <a href="#release-summary-3">Release Summary</a>
-    - <a href="#minor-changes-1">Minor Changes</a>
-    - <a href="#bugfixes-3">Bugfixes</a>
-- <a href="#v8-6-3">v8\.6\.3</a>
+    - <a href="#bugfixes">Bugfixes</a>
+- <a href="#v8-6-7">v8\.6\.7</a>
     - <a href="#release-summary-4">Release Summary</a>
-    - <a href="#minor-changes-2">Minor Changes</a>
-    - <a href="#bugfixes-4">Bugfixes</a>
-- <a href="#v8-6-2">v8\.6\.2</a>
+    - <a href="#bugfixes-1">Bugfixes</a>
+- <a href="#v8-6-6">v8\.6\.6</a>
     - <a href="#release-summary-5">Release Summary</a>
+    - <a href="#minor-changes">Minor Changes</a>
+    - <a href="#bugfixes-2">Bugfixes</a>
+- <a href="#v8-6-5">v8\.6\.5</a>
+    - <a href="#release-summary-6">Release Summary</a>
+    - <a href="#bugfixes-3">Bugfixes</a>
+- <a href="#v8-6-4">v8\.6\.4</a>
+    - <a href="#release-summary-7">Release Summary</a>
+    - <a href="#minor-changes-1">Minor Changes</a>
+    - <a href="#bugfixes-4">Bugfixes</a>
+- <a href="#v8-6-3">v8\.6\.3</a>
+    - <a href="#release-summary-8">Release Summary</a>
+    - <a href="#minor-changes-2">Minor Changes</a>
     - <a href="#bugfixes-5">Bugfixes</a>
+- <a href="#v8-6-2">v8\.6\.2</a>
+    - <a href="#release-summary-9">Release Summary</a>
+    - <a href="#bugfixes-6">Bugfixes</a>
     - <a href="#known-issues">Known Issues</a>
 - <a href="#v8-6-1">v8\.6\.1</a>
-    - <a href="#release-summary-6">Release Summary</a>
-    - <a href="#security-fixes">Security Fixes</a>
-    - <a href="#bugfixes-6">Bugfixes</a>
+    - <a href="#release-summary-10">Release Summary</a>
+    - <a href="#security-fixes-2">Security Fixes</a>
+    - <a href="#bugfixes-7">Bugfixes</a>
 - <a href="#v8-6-0">v8\.6\.0</a>
-    - <a href="#release-summary-7">Release Summary</a>
+    - <a href="#release-summary-11">Release Summary</a>
     - <a href="#minor-changes-3">Minor Changes</a>
     - <a href="#deprecated-features">Deprecated Features</a>
-    - <a href="#bugfixes-7">Bugfixes</a>
+    - <a href="#bugfixes-8">Bugfixes</a>
     - <a href="#new-modules">New Modules</a>
 - <a href="#v8-5-0">v8\.5\.0</a>
-    - <a href="#release-summary-8">Release Summary</a>
+    - <a href="#release-summary-12">Release Summary</a>
     - <a href="#minor-changes-4">Minor Changes</a>
-    - <a href="#security-fixes-1">Security Fixes</a>
-    - <a href="#bugfixes-8">Bugfixes</a>
+    - <a href="#security-fixes-3">Security Fixes</a>
+    - <a href="#bugfixes-9">Bugfixes</a>
     - <a href="#new-modules-1">New Modules</a>
 - <a href="#v8-4-0">v8\.4\.0</a>
-    - <a href="#release-summary-9">Release Summary</a>
+    - <a href="#release-summary-13">Release Summary</a>
     - <a href="#minor-changes-5">Minor Changes</a>
-    - <a href="#bugfixes-9">Bugfixes</a>
+    - <a href="#bugfixes-10">Bugfixes</a>
     - <a href="#new-plugins">New Plugins</a>
         - <a href="#callback">Callback</a>
         - <a href="#filter">Filter</a>
     - <a href="#new-modules-2">New Modules</a>
 - <a href="#v8-3-0">v8\.3\.0</a>
-    - <a href="#release-summary-10">Release Summary</a>
+    - <a href="#release-summary-14">Release Summary</a>
     - <a href="#minor-changes-6">Minor Changes</a>
     - <a href="#deprecated-features-1">Deprecated Features</a>
-    - <a href="#bugfixes-10">Bugfixes</a>
+    - <a href="#bugfixes-11">Bugfixes</a>
     - <a href="#new-modules-3">New Modules</a>
 - <a href="#v8-2-0">v8\.2\.0</a>
-    - <a href="#release-summary-11">Release Summary</a>
+    - <a href="#release-summary-15">Release Summary</a>
     - <a href="#minor-changes-7">Minor Changes</a>
-    - <a href="#bugfixes-11">Bugfixes</a>
+    - <a href="#bugfixes-12">Bugfixes</a>
     - <a href="#new-plugins-1">New Plugins</a>
         - <a href="#connection">Connection</a>
         - <a href="#filter-1">Filter</a>
         - <a href="#lookup">Lookup</a>
     - <a href="#new-modules-4">New Modules</a>
 - <a href="#v8-1-0">v8\.1\.0</a>
-    - <a href="#release-summary-12">Release Summary</a>
+    - <a href="#release-summary-16">Release Summary</a>
     - <a href="#minor-changes-8">Minor Changes</a>
-    - <a href="#bugfixes-12">Bugfixes</a>
+    - <a href="#bugfixes-13">Bugfixes</a>
     - <a href="#new-plugins-2">New Plugins</a>
         - <a href="#lookup-1">Lookup</a>
         - <a href="#test">Test</a>
     - <a href="#new-modules-5">New Modules</a>
 - <a href="#v8-0-2">v8\.0\.2</a>
-    - <a href="#release-summary-13">Release Summary</a>
-    - <a href="#bugfixes-13">Bugfixes</a>
-- <a href="#v8-0-1">v8\.0\.1</a>
-    - <a href="#release-summary-14">Release Summary</a>
+    - <a href="#release-summary-17">Release Summary</a>
     - <a href="#bugfixes-14">Bugfixes</a>
+- <a href="#v8-0-1">v8\.0\.1</a>
+    - <a href="#release-summary-18">Release Summary</a>
+    - <a href="#bugfixes-15">Bugfixes</a>
 - <a href="#v8-0-0">v8\.0\.0</a>
-    - <a href="#release-summary-15">Release Summary</a>
+    - <a href="#release-summary-19">Release Summary</a>
     - <a href="#minor-changes-9">Minor Changes</a>
     - <a href="#breaking-changes--porting-guide">Breaking Changes / Porting Guide</a>
     - <a href="#deprecated-features-2">Deprecated Features</a>
     - <a href="#removed-features-previously-deprecated">Removed Features \(previously deprecated\)</a>
-    - <a href="#bugfixes-15">Bugfixes</a>
+    - <a href="#bugfixes-16">Bugfixes</a>
     - <a href="#known-issues-1">Known Issues</a>
     - <a href="#new-plugins-3">New Plugins</a>
         - <a href="#lookup-2">Lookup</a>
     - <a href="#new-modules-6">New Modules</a>
 This changelog describes changes after version 7\.0\.0\.
 
-<a id="v8-6-7"></a>
-## v8\.6\.7
+<a id="v8-6-11"></a>
+## v8\.6\.11
 
 <a id="release-summary"></a>
 ### Release Summary
 
-Bugfix release\.
+Maintenance release\.
+
+This is the last 8\.x\.y release\. The 8\.x\.y release train is now effectively End of Life\.
+
+Thanks to everyone who contributed to the community\.general 8\.x\.y releases\!
+
+<a id="v8-6-10"></a>
+## v8\.6\.10
+
+<a id="release-summary-1"></a>
+### Release Summary
+
+Maintenance release with a security fix\.
+
+<a id="security-fixes"></a>
+### Security Fixes
+
+* keycloak\_client \- Sanitize <code>saml\.encryption\.private\.key</code> so it does not show in the logs \([https\://github\.com/ansible\-collections/community\.general/pull/9621](https\://github\.com/ansible\-collections/community\.general/pull/9621)\)\.
+
+<a id="v8-6-9"></a>
+## v8\.6\.9
+
+<a id="release-summary-2"></a>
+### Release Summary
+
+Maintenance release with a security fix\.
+
+<a id="security-fixes-1"></a>
+### Security Fixes
+
+* keycloak\_authentication \- API calls did not properly set the <code>priority</code> during update resulting in incorrectly sorted authentication flows\. This apparently only affects Keycloak 25 or newer \([https\://github\.com/ansible\-collections/community\.general/pull/9263](https\://github\.com/ansible\-collections/community\.general/pull/9263)\)\.
+
+<a id="v8-6-8"></a>
+## v8\.6\.8
+
+<a id="release-summary-3"></a>
+### Release Summary
+
+Maintenance release for inclusion in Ansible 9\.13\.0\.
 
 <a id="bugfixes"></a>
 ### Bugfixes
 
+* github\_key \- in check mode\, a faulty call to <code>\`datetime\.strftime\(\.\.\.\)\`</code> was being made which generated an exception \([https\://github\.com/ansible\-collections/community\.general/issues/9185](https\://github\.com/ansible\-collections/community\.general/issues/9185)\)\.
+
+<a id="v8-6-7"></a>
+## v8\.6\.7
+
+<a id="release-summary-4"></a>
+### Release Summary
+
+Bugfix release\.
+
+<a id="bugfixes-1"></a>
+### Bugfixes
+
 * collection\_version lookup plugin \- use <code>importlib</code> directly instead of the deprecated and in ansible\-core 2\.19 removed <code>ansible\.module\_utils\.compat\.importlib</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9084](https\://github\.com/ansible\-collections/community\.general/pull/9084)\)\.
 * modprobe \- fix check mode not being honored for <code>persistent</code> option \([https\://github\.com/ansible\-collections/community\.general/issues/9051](https\://github\.com/ansible\-collections/community\.general/issues/9051)\, [https\://github\.com/ansible\-collections/community\.general/pull/9052](https\://github\.com/ansible\-collections/community\.general/pull/9052)\)\.
 
 <a id="v8-6-6"></a>
 ## v8\.6\.6
 
-<a id="release-summary-1"></a>
+<a id="release-summary-5"></a>
 ### Release Summary
 
 Regular bugfix release\.
@@ -121,7 +183,7 @@ security fixes\.
 
 * redfish\_confg \- remove <code>CapacityBytes</code> from required paramaters of the <code>CreateVolume</code> command \([https\://github\.com/ansible\-collections/community\.general/pull/8956](https\://github\.com/ansible\-collections/community\.general/pull/8956)\)\.
 
-<a id="bugfixes-1"></a>
+<a id="bugfixes-2"></a>
 ### Bugfixes
 
 * cloudflare\_dns \- fix changing Cloudflare SRV records \([https\://github\.com/ansible\-collections/community\.general/issues/8679](https\://github\.com/ansible\-collections/community\.general/issues/8679)\, [https\://github\.com/ansible\-collections/community\.general/pull/8948](https\://github\.com/ansible\-collections/community\.general/pull/8948)\)\.
@@ -142,12 +204,12 @@ security fixes\.
 <a id="v8-6-5"></a>
 ## v8\.6\.5
 
-<a id="release-summary-2"></a>
+<a id="release-summary-6"></a>
 ### Release Summary
 
 Regular bugfix release\.
 
-<a id="bugfixes-2"></a>
+<a id="bugfixes-3"></a>
 ### Bugfixes
 
 * gitlab\_group\_access\_token \- fix crash in check mode caused by attempted access to a newly created access token \([https\://github\.com/ansible\-collections/community\.general/pull/8796](https\://github\.com/ansible\-collections/community\.general/pull/8796)\)\.
@@ -161,7 +223,7 @@ Regular bugfix release\.
 <a id="v8-6-4"></a>
 ## v8\.6\.4
 
-<a id="release-summary-3"></a>
+<a id="release-summary-7"></a>
 ### Release Summary
 
 Regular bugfix release\.
@@ -171,7 +233,7 @@ Regular bugfix release\.
 
 * passwordstore lookup plugin \- add the current user to the lockfile file name to address issues on multi\-user systems \([https\://github\.com/ansible\-collections/community\.general/pull/8689](https\://github\.com/ansible\-collections/community\.general/pull/8689)\)\.
 
-<a id="bugfixes-3"></a>
+<a id="bugfixes-4"></a>
 ### Bugfixes
 
 * gitlab\_runner \- fix <code>paused</code> parameter being ignored \([https\://github\.com/ansible\-collections/community\.general/pull/8648](https\://github\.com/ansible\-collections/community\.general/pull/8648)\)\.
@@ -182,7 +244,7 @@ Regular bugfix release\.
 <a id="v8-6-3"></a>
 ## v8\.6\.3
 
-<a id="release-summary-4"></a>
+<a id="release-summary-8"></a>
 ### Release Summary
 
 Regular bugfix release\.
@@ -192,7 +254,7 @@ Regular bugfix release\.
 
 * wdc\_redfish\_command \- minor change to handle upgrade file for Redfish WD platforms \([https\://github\.com/ansible\-collections/community\.general/pull/8444](https\://github\.com/ansible\-collections/community\.general/pull/8444)\)\.
 
-<a id="bugfixes-4"></a>
+<a id="bugfixes-5"></a>
 ### Bugfixes
 
 * bitwarden lookup plugin \- fix <code>KeyError</code> in <code>search\_field</code> \([https\://github\.com/ansible\-collections/community\.general/issues/8549](https\://github\.com/ansible\-collections/community\.general/issues/8549)\, [https\://github\.com/ansible\-collections/community\.general/pull/8557](https\://github\.com/ansible\-collections/community\.general/pull/8557)\)\.
@@ -203,12 +265,12 @@ Regular bugfix release\.
 <a id="v8-6-2"></a>
 ## v8\.6\.2
 
-<a id="release-summary-5"></a>
+<a id="release-summary-9"></a>
 ### Release Summary
 
 Regular bugfix release\.
 
-<a id="bugfixes-5"></a>
+<a id="bugfixes-6"></a>
 ### Bugfixes
 
 * git\_config \- fix behavior of <code>state\=absent</code> if <code>value</code> is present \([https\://github\.com/ansible\-collections/community\.general/issues/8436](https\://github\.com/ansible\-collections/community\.general/issues/8436)\, [https\://github\.com/ansible\-collections/community\.general/pull/8452](https\://github\.com/ansible\-collections/community\.general/pull/8452)\)\.
@@ -230,17 +292,17 @@ Regular bugfix release\.
 <a id="v8-6-1"></a>
 ## v8\.6\.1
 
-<a id="release-summary-6"></a>
+<a id="release-summary-10"></a>
 ### Release Summary
 
 Regular bugfix release\.
 
-<a id="security-fixes"></a>
+<a id="security-fixes-2"></a>
 ### Security Fixes
 
 * keycloak\_identity\_provider \- the client secret was not correctly sanitized by the module\. The return values <code>proposed</code>\, <code>existing</code>\, and <code>end\_state</code>\, as well as the diff\, did contain the client secret unmasked \([https\://github\.com/ansible\-collections/community\.general/pull/8355](https\://github\.com/ansible\-collections/community\.general/pull/8355)\)\.
 
-<a id="bugfixes-6"></a>
+<a id="bugfixes-7"></a>
 ### Bugfixes
 
 * keycloak\_user\_federation \- fix diff of empty <code>krbPrincipalAttribute</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8320](https\://github\.com/ansible\-collections/community\.general/pull/8320)\)\.
@@ -251,7 +313,7 @@ Regular bugfix release\.
 <a id="v8-6-0"></a>
 ## v8\.6\.0
 
-<a id="release-summary-7"></a>
+<a id="release-summary-11"></a>
 ### Release Summary
 
 Regular bugfix and features release\.
@@ -279,7 +341,7 @@ Regular bugfix and features release\.
 
 * hipchat callback plugin \- the hipchat service has been discontinued and the self\-hosted variant has been End of Life since 2020\. The callback plugin is therefore deprecated and will be removed from community\.general 10\.0\.0 if nobody provides compelling reasons to still keep it \([https\://github\.com/ansible\-collections/community\.general/issues/8184](https\://github\.com/ansible\-collections/community\.general/issues/8184)\, [https\://github\.com/ansible\-collections/community\.general/pull/8189](https\://github\.com/ansible\-collections/community\.general/pull/8189)\)\.
 
-<a id="bugfixes-7"></a>
+<a id="bugfixes-8"></a>
 ### Bugfixes
 
 * aix\_filesystem \- fix <code>\_validate\_vg</code> not passing VG name to <code>lsvg\_cmd</code> \([https\://github\.com/ansible\-collections/community\.general/issues/8151](https\://github\.com/ansible\-collections/community\.general/issues/8151)\)\.
@@ -305,7 +367,7 @@ Regular bugfix and features release\.
 <a id="v8-5-0"></a>
 ## v8\.5\.0
 
-<a id="release-summary-8"></a>
+<a id="release-summary-12"></a>
 ### Release Summary
 
 Regular feature and bugfix release with security fixes\.
@@ -323,12 +385,12 @@ Regular feature and bugfix release with security fixes\.
 * proxmox \- adds <code>startup</code> parameters to configure startup order\, startup delay and shutdown delay \([https\://github\.com/ansible\-collections/community\.general/pull/8038](https\://github\.com/ansible\-collections/community\.general/pull/8038)\)\.
 * revbitspss lookup plugin \- removed a redundant unicode prefix\. The prefix was not necessary for Python 3 and has been cleaned up to streamline the code \([https\://github\.com/ansible\-collections/community\.general/pull/8087](https\://github\.com/ansible\-collections/community\.general/pull/8087)\)\.
 
-<a id="security-fixes-1"></a>
+<a id="security-fixes-3"></a>
 ### Security Fixes
 
 * cobbler\, gitlab\_runners\, icinga2\, linode\, lxd\, nmap\, online\, opennebula\, proxmox\, scaleway\, stackpath\_compute\, virtualbox\, and xen\_orchestra inventory plugin \- make sure all data received from the remote servers is marked as unsafe\, so remote code execution by obtaining texts that can be evaluated as templates is not possible \([https\://www\.die\-welt\.net/2024/03/remote\-code\-execution\-in\-ansible\-dynamic\-inventory\-plugins/](https\://www\.die\-welt\.net/2024/03/remote\-code\-execution\-in\-ansible\-dynamic\-inventory\-plugins/)\, [https\://github\.com/ansible\-collections/community\.general/pull/8098](https\://github\.com/ansible\-collections/community\.general/pull/8098)\)\.
 
-<a id="bugfixes-8"></a>
+<a id="bugfixes-9"></a>
 ### Bugfixes
 
 * aix\_filesystem \- fix issue with empty list items in crfs logic and option order \([https\://github\.com/ansible\-collections/community\.general/pull/8052](https\://github\.com/ansible\-collections/community\.general/pull/8052)\)\.
@@ -350,7 +412,7 @@ Regular feature and bugfix release with security fixes\.
 <a id="v8-4-0"></a>
 ## v8\.4\.0
 
-<a id="release-summary-9"></a>
+<a id="release-summary-13"></a>
 ### Release Summary
 
 Regular bugfix and feature release\.
@@ -368,7 +430,7 @@ Regular bugfix and feature release\.
 * sudoers \- add support for the <code>NOEXEC</code> tag in sudoers rules \([https\://github\.com/ansible\-collections/community\.general/pull/7983](https\://github\.com/ansible\-collections/community\.general/pull/7983)\)\.
 * terraform \- fix <code>diff\_mode</code> in state <code>absent</code> and when terraform <code>resource\_changes</code> does not exist \([https\://github\.com/ansible\-collections/community\.general/pull/7963](https\://github\.com/ansible\-collections/community\.general/pull/7963)\)\.
 
-<a id="bugfixes-9"></a>
+<a id="bugfixes-10"></a>
 ### Bugfixes
 
 * cargo \- fix idempotency issues when using a custom installation path for packages \(using the <code>\-\-path</code> parameter\)\. The initial installation runs fine\, but subsequent runs use the <code>get\_installed\(\)</code> function which did not check the given installation location\, before running <code>cargo install</code>\. This resulted in a false <code>changed</code> state\. Also the removal of packeges using <code>state\: absent</code> failed\, as the installation check did not use the given parameter \([https\://github\.com/ansible\-collections/community\.general/pull/7970](https\://github\.com/ansible\-collections/community\.general/pull/7970)\)\.
@@ -406,7 +468,7 @@ Regular bugfix and feature release\.
 <a id="v8-3-0"></a>
 ## v8\.3\.0
 
-<a id="release-summary-10"></a>
+<a id="release-summary-14"></a>
 ### Release Summary
 
 Regular bugfix and feature release\.
@@ -429,7 +491,7 @@ Regular bugfix and feature release\.
 
 * consul\_acl \- the module has been deprecated and will be removed in community\.general 10\.0\.0\. <code>consul\_token</code> and <code>consul\_policy</code> can be used instead \([https\://github\.com/ansible\-collections/community\.general/pull/7901](https\://github\.com/ansible\-collections/community\.general/pull/7901)\)\.
 
-<a id="bugfixes-10"></a>
+<a id="bugfixes-11"></a>
 ### Bugfixes
 
 * homebrew \- detect already installed formulae and casks using JSON output from <code>brew info</code> \([https\://github\.com/ansible\-collections/community\.general/issues/864](https\://github\.com/ansible\-collections/community\.general/issues/864)\)\.
@@ -453,7 +515,7 @@ Regular bugfix and feature release\.
 <a id="v8-2-0"></a>
 ## v8\.2\.0
 
-<a id="release-summary-11"></a>
+<a id="release-summary-15"></a>
 ### Release Summary
 
 Regular bugfix and feature release\.
@@ -474,7 +536,7 @@ Regular bugfix and feature release\.
 * ssh\_config \- new feature to set <code>IdentitiesOnly</code> option to <code>yes</code> or <code>no</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7704](https\://github\.com/ansible\-collections/community\.general/pull/7704)\)\.
 * xcc\_redfish\_command \- added support for raw POSTs \(<code>command\=PostResource</code> in <code>category\=Raw</code>\) without a specific action info \([https\://github\.com/ansible\-collections/community\.general/pull/7746](https\://github\.com/ansible\-collections/community\.general/pull/7746)\)\.
 
-<a id="bugfixes-11"></a>
+<a id="bugfixes-12"></a>
 ### Bugfixes
 
 * keycloak\_identity\_provider \- <code>mappers</code> processing was not idempotent if the mappers configuration list had not been sorted by name \(in ascending order\)\. Fix resolves the issue by sorting mappers in the desired state using the same key which is used for obtaining existing state \([https\://github\.com/ansible\-collections/community\.general/pull/7418](https\://github\.com/ansible\-collections/community\.general/pull/7418)\)\.
@@ -514,7 +576,7 @@ Regular bugfix and feature release\.
 <a id="v8-1-0"></a>
 ## v8\.1\.0
 
-<a id="release-summary-12"></a>
+<a id="release-summary-16"></a>
 ### Release Summary
 
 Regular bugfix and feature release\.
@@ -556,7 +618,7 @@ Regular bugfix and feature release\.
 * redfish\_info \- adding the <code>BootProgress</code> property when getting <code>Systems</code> info \([https\://github\.com/ansible\-collections/community\.general/pull/7626](https\://github\.com/ansible\-collections/community\.general/pull/7626)\)\.
 * ssh\_config \- adds <code>controlmaster</code>\, <code>controlpath</code> and <code>controlpersist</code> parameters \([https\://github\.com/ansible\-collections/community\.general/pull/7456](https\://github\.com/ansible\-collections/community\.general/pull/7456)\)\.
 
-<a id="bugfixes-12"></a>
+<a id="bugfixes-13"></a>
 ### Bugfixes
 
 * apt\-rpm \- the module did not upgrade packages if a newer version exists\. Now the package will be reinstalled if the candidate is newer than the installed version \([https\://github\.com/ansible\-collections/community\.general/issues/7414](https\://github\.com/ansible\-collections/community\.general/issues/7414)\)\.
@@ -597,12 +659,12 @@ Regular bugfix and feature release\.
 <a id="v8-0-2"></a>
 ## v8\.0\.2
 
-<a id="release-summary-13"></a>
+<a id="release-summary-17"></a>
 ### Release Summary
 
 Bugfix release for inclusion in Ansible 9\.0\.0rc1\.
 
-<a id="bugfixes-13"></a>
+<a id="bugfixes-14"></a>
 ### Bugfixes
 
 * ocapi\_utils\, oci\_utils\, redfish\_utils module utils \- replace <code>type\(\)</code> calls with <code>isinstance\(\)</code> calls \([https\://github\.com/ansible\-collections/community\.general/pull/7501](https\://github\.com/ansible\-collections/community\.general/pull/7501)\)\.
@@ -611,12 +673,12 @@ Bugfix release for inclusion in Ansible 9\.0\.0rc1\.
 <a id="v8-0-1"></a>
 ## v8\.0\.1
 
-<a id="release-summary-14"></a>
+<a id="release-summary-18"></a>
 ### Release Summary
 
 Bugfix release for inclusion in Ansible 9\.0\.0b1\.
 
-<a id="bugfixes-14"></a>
+<a id="bugfixes-15"></a>
 ### Bugfixes
 
 * gitlab\_group\_members \- fix gitlab constants call in <code>gitlab\_group\_members</code> module \([https\://github\.com/ansible\-collections/community\.general/issues/7467](https\://github\.com/ansible\-collections/community\.general/issues/7467)\)\.
@@ -629,7 +691,7 @@ Bugfix release for inclusion in Ansible 9\.0\.0b1\.
 <a id="v8-0-0"></a>
 ## v8\.0\.0
 
-<a id="release-summary-15"></a>
+<a id="release-summary-19"></a>
 ### Release Summary
 
 This is release 8\.0\.0 of <code>community\.general</code>\, released on 2023\-11\-01\.
@@ -833,7 +895,7 @@ This is release 8\.0\.0 of <code>community\.general</code>\, released on 2023\-1
 * proxmox module utils \- removed unused imports \([https\://github\.com/ansible\-collections/community\.general/pull/6873](https\://github\.com/ansible\-collections/community\.general/pull/6873)\)\.
 * xfconf \- the deprecated <code>disable\_facts</code> option was removed \([https\://github\.com/ansible\-collections/community\.general/pull/7358](https\://github\.com/ansible\-collections/community\.general/pull/7358)\)\.
 
-<a id="bugfixes-15"></a>
+<a id="bugfixes-16"></a>
 ### Bugfixes
 
 * CmdRunner module utils \- does not attempt to resolve path if executable is a relative or absolute path \([https\://github\.com/ansible\-collections/community\.general/pull/7200](https\://github\.com/ansible\-collections/community\.general/pull/7200)\)\.

CHANGELOG.rst

@@ -6,6 +6,57 @@ Community General Release Notes
 
 This changelog describes changes after version 7.0.0.
 
+v8.6.11
+=======
+
+Release Summary
+---------------
+
+Maintenance release.
+
+This is the last 8.x.y release. The 8.x.y release train is now effectively End of Life.
+
+Thanks to everyone who contributed to the community.general 8.x.y releases!
+
+v8.6.10
+=======
+
+Release Summary
+---------------
+
+Maintenance release with a security fix.
+
+Security Fixes
+--------------
+
+- keycloak_client - Sanitize ``saml.encryption.private.key`` so it does not show in the logs (https://github.com/ansible-collections/community.general/pull/9621).
+
+v8.6.9
+======
+
+Release Summary
+---------------
+
+Maintenance release with a security fix.
+
+Security Fixes
+--------------
+
+- keycloak_authentication - API calls did not properly set the ``priority`` during update resulting in incorrectly sorted authentication flows. This apparently only affects Keycloak 25 or newer (https://github.com/ansible-collections/community.general/pull/9263).
+
+v8.6.8
+======
+
+Release Summary
+---------------
+
+Maintenance release for inclusion in Ansible 9.13.0.
+
+Bugfixes
+--------
+
+- github_key - in check mode, a faulty call to ```datetime.strftime(...)``` was being made which generated an exception (https://github.com/ansible-collections/community.general/issues/9185).
+
 v8.6.7
 ======
 

README.md

@@ -6,8 +6,9 @@ SPDX-License-Identifier: GPL-3.0-or-later
 
 # Community General Collection
 
+[![Documentation](https://img.shields.io/badge/docs-brightgreen.svg)](https://docs.ansible.com/ansible/devel/collections/community/general/)
 [![Build Status](https://dev.azure.com/ansible/community.general/_apis/build/status/CI?branchName=stable-8)](https://dev.azure.com/ansible/community.general/_build?definitionId=31)
-[![EOL CI](https://github.com/ansible-collections/community.general/workflows/EOL%20CI/badge.svg?event=push)](https://github.com/ansible-collections/community.general/actions)
+[![EOL CI](https://github.com/ansible-collections/community.general/actions/workflows/ansible-test.yml/badge.svg?branch=stable-8)](https://github.com/ansible-collections/community.general/actions)
 [![Codecov](https://img.shields.io/codecov/c/github/ansible-collections/community.general)](https://codecov.io/gh/ansible-collections/community.general)
 [![REUSE status](https://api.reuse.software/badge/github.com/ansible-collections/community.general)](https://api.reuse.software/info/github.com/ansible-collections/community.general)
 
@@ -139,4 +140,4 @@ See [LICENSES/GPL-3.0-or-later.txt](https://github.com/ansible-collections/commu
 
 Parts of the collection are licensed under the [BSD 2-Clause license](https://github.com/ansible-collections/community.general/blob/main/LICENSES/BSD-2-Clause.txt), the [MIT license](https://github.com/ansible-collections/community.general/blob/main/LICENSES/MIT.txt), and the [PSF 2.0 license](https://github.com/ansible-collections/community.general/blob/main/LICENSES/PSF-2.0.txt).
 
-All files have a machine readable `SDPX-License-Identifier:` comment denoting its respective license(s) or an equivalent entry in an accompanying `.license` file. Only changelog fragments (which will not be part of a release) are covered by a blanket statement in `.reuse/dep5`. This conforms to the [REUSE specification](https://reuse.software/spec/).
+All files have a machine readable `SDPX-License-Identifier:` comment denoting its respective license(s) or an equivalent entry in an accompanying `.license` file. Only changelog fragments (which will not be part of a release) are covered by a blanket statement in `REUSE.toml`. This conforms to the [REUSE specification](https://reuse.software/spec/).

REUSE.toml

@@ -0,0 +1,11 @@
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+version = 1
+
+[[annotations]]
+path = "changelogs/fragments/**"
+precedence = "aggregate"
+SPDX-FileCopyrightText = "Ansible Project"
+SPDX-License-Identifier = "GPL-3.0-or-later"

changelogs/changelog.yaml

@@ -1664,3 +1664,49 @@ releases:
       - 9052-modprobe-bugfix.yml
       - 9084-collection_version-importlib.yml
     release_date: '2024-11-03'
+  8.6.8:
+    changes:
+      bugfixes:
+        - github_key - in check mode, a faulty call to ```datetime.strftime(...)```
+          was being made which generated an exception (https://github.com/ansible-collections/community.general/issues/9185).
+      release_summary: Maintenance release for inclusion in Ansible 9.13.0.
+    fragments:
+      - 8.6.8.yml
+      - 9186-fix-broken-check-mode-in-github-key.yml
+    release_date: '2024-12-02'
+  8.6.9:
+    changes:
+      release_summary: Maintenance release with a security fix.
+      security_fixes:
+        - keycloak_authentication - API calls did not properly set the ``priority``
+          during update resulting in incorrectly sorted authentication flows. This
+          apparently only affects Keycloak 25 or newer (https://github.com/ansible-collections/community.general/pull/9263).
+    fragments:
+      - 8.6.9.yml
+      - 9263-kc_authentication-api-priority.yaml
+    release_date: '2024-12-31'
+  8.6.10:
+    changes:
+      release_summary: Maintenance release with a security fix.
+      security_fixes:
+        - keycloak_client - Sanitize ``saml.encryption.private.key`` so it does not
+          show in the logs (https://github.com/ansible-collections/community.general/pull/9621).
+    fragments:
+      - 8.6.10.yml
+      - 9621-keycloak_client-sanitize-saml-encryption-key.yml
+    release_date: '2025-01-27'
+  8.6.11:
+    changes:
+      release_summary: 'Maintenance release.
+
+
+        This is the last 8.x.y release. The 8.x.y release train is now effectively
+        End of Life.
+
+
+        Thanks to everyone who contributed to the community.general 8.x.y releases!
+
+        '
+    fragments:
+      - 8.6.11.yml
+    release_date: '2025-06-15'

docs/docsite/rst/filter_guide_abstract_informations_lists_helper.rst

@@ -65,7 +65,7 @@ All three statements are equivalent and give:
 
 .. note:: Be aware that in most cases, filter calls without any argument require ``flatten=true``, otherwise the input is returned as result. The reason for this is, that the input is considered as a variable argument and is wrapped by an additional outer list. ``flatten=true`` ensures that this list is removed before the input is processed by the filter logic.
 
-The filters ansplugin:`community.general.lists_difference#filter` or :ansplugin:`community.general.lists_symmetric_difference#filter` can be used in the same way as the filters in the examples above. They calculate the difference or the symmetric difference between two or more lists and preserve the item order.
+The filters :ansplugin:`community.general.lists_difference#filter` or :ansplugin:`community.general.lists_symmetric_difference#filter` can be used in the same way as the filters in the examples above. They calculate the difference or the symmetric difference between two or more lists and preserve the item order.
 
 For example, the symmetric difference of ``A``, ``B`` and ``C`` may be written as:
 

docs/docsite/rst/filter_guide_selecting_json_data.rst

@@ -124,7 +124,7 @@ To get a hash map with all ports and names of a cluster:
         var: item
       loop: "{{ domain_definition | community.general.json_query(server_name_cluster1_query) }}"
       vars:
-        server_name_cluster1_query: "domain.server[?cluster=='cluster2'].{name: name, port: port}"
+        server_name_cluster1_query: "domain.server[?cluster=='cluster1'].{name: name, port: port}"
 
 To extract ports from all clusters with name starting with 'server1':
 

galaxy.yml

@@ -5,7 +5,7 @@
 
 namespace: community
 name: general
-version: 8.6.7
+version: 8.6.11
 readme: README.md
 authors:
   - Ansible (https://github.com/ansible)

plugins/filter/dict.py

@@ -57,8 +57,8 @@ EXAMPLES = '''
 
 RETURN = '''
   _value:
-    description: The dictionary having the provided key-value pairs.
-    type: boolean
+    description: A dictionary with the provided key-value pairs.
+    type: dictionary
 '''
 
 

plugins/filter/to_days.yml

@@ -5,7 +5,7 @@
 
 DOCUMENTATION:
   name: to_days
-  short_description: Converte a duration string to days
+  short_description: Converts a duration string to days
   version_added: 0.2.0
   description:
     - Parse a human readable time duration string and convert to days.

plugins/filter/to_hours.yml

@@ -5,7 +5,7 @@
 
 DOCUMENTATION:
   name: to_hours
-  short_description: Converte a duration string to hours
+  short_description: Converts a duration string to hours
   version_added: 0.2.0
   description:
     - Parse a human readable time duration string and convert to hours.

plugins/filter/to_milliseconds.yml

@@ -5,7 +5,7 @@
 
 DOCUMENTATION:
   name: to_milliseconds
-  short_description: Converte a duration string to milliseconds
+  short_description: Converts a duration string to milliseconds
   version_added: 0.2.0
   description:
     - Parse a human readable time duration string and convert to milliseconds.

plugins/filter/to_minutes.yml

@@ -5,7 +5,7 @@
 
 DOCUMENTATION:
   name: to_minutes
-  short_description: Converte a duration string to minutes
+  short_description: Converts a duration string to minutes
   version_added: 0.2.0
   description:
     - Parse a human readable time duration string and convert to minutes.

plugins/filter/to_months.yml

@@ -5,7 +5,7 @@
 
 DOCUMENTATION:
   name: to_months
-  short_description: Converte a duration string to months
+  short_description: Convert a duration string to months
   version_added: 0.2.0
   description:
     - Parse a human readable time duration string and convert to months.

plugins/filter/to_seconds.yml

@@ -5,7 +5,7 @@
 
 DOCUMENTATION:
   name: to_seconds
-  short_description: Converte a duration string to seconds
+  short_description: Converts a duration string to seconds
   version_added: 0.2.0
   description:
     - Parse a human readable time duration string and convert to seconds.

plugins/filter/to_time_unit.yml

@@ -5,7 +5,7 @@
 
 DOCUMENTATION:
   name: to_time_unit
-  short_description: Converte a duration string to the given time unit
+  short_description: Converts a duration string to the given time unit
   version_added: 0.2.0
   description:
     - Parse a human readable time duration string and convert to the given time unit.

plugins/filter/to_weeks.yml

@@ -5,7 +5,7 @@
 
 DOCUMENTATION:
   name: to_weeks
-  short_description: Converte a duration string to weeks
+  short_description: Converts a duration string to weeks
   version_added: 0.2.0
   description:
     - Parse a human readable time duration string and convert to weeks.

plugins/filter/to_years.yml

@@ -5,7 +5,7 @@
 
 DOCUMENTATION:
   name: to_years
-  short_description: Converte a duration string to years
+  short_description: Converts a duration string to years
   version_added: 0.2.0
   description:
     - Parse a human readable time duration string and convert to years.

plugins/lookup/github_app_access_token.py

@@ -49,8 +49,8 @@ EXAMPLES = '''
     dest: /srv/checkout
   vars:
     github_token: >-
-      lookup('community.general.github_app_access_token', key_path='/home/to_your/key',
-             app_id='123456', installation_id='64209')
+      {{ lookup('community.general.github_app_access_token', key_path='/home/to_your/key',
+                app_id='123456', installation_id='64209') }}
 '''
 
 RETURN = '''

plugins/modules/crypttab.py

@@ -77,7 +77,7 @@ EXAMPLES = r'''
     state: opts_present
     opts: discard
   loop: '{{ ansible_mounts }}'
-  when: "'/dev/mapper/luks-' in {{ item.device }}"
+  when: "'/dev/mapper/luks-' in item.device"
 '''
 
 import os

plugins/modules/dnf_config_manager.py

@@ -40,6 +40,8 @@ options:
     required: false
     type: str
     choices: [enabled, disabled]
+notes:
+  - Does not work with C(dnf5).
 seealso:
   - module: ansible.builtin.dnf
   - module: ansible.builtin.yum_repository

plugins/modules/dnf_versionlock.py

@@ -74,6 +74,7 @@ notes:
     guess as close as possible to the behaviour inferred from its code.
   - For most of cases where you want to lock and unlock specific versions of a
     package, this works fairly well.
+  - Does not work with C(dnf5).
 requirements:
   - dnf
   - dnf-plugin-versionlock

plugins/modules/github_key.py

@@ -162,7 +162,7 @@ def create_key(session, name, pubkey, check_mode):
             'key': pubkey,
             'title': name,
             'url': 'http://example.com/CHECK_MODE_GITHUB_KEY',
-            'created_at': datetime.strftime(now_t, '%Y-%m-%dT%H:%M:%SZ'),
+            'created_at': datetime.datetime.strftime(now_t, '%Y-%m-%dT%H:%M:%SZ'),
             'read_only': False,
             'verified': False
         }

plugins/modules/keycloak_authentication.py

@@ -257,6 +257,7 @@ def create_or_update_executions(kc, config, realm='master'):
         changed = False
         after = ""
         before = ""
+        execution = None
         if "authenticationExecutions" in config:
             # Get existing executions on the Keycloak server for this alias
             existing_executions = kc.get_executions_representation(config, realm=realm)
@@ -283,27 +284,27 @@ def create_or_update_executions(kc, config, realm='master'):
                         if new_exec['index'] is None:
                             new_exec_index = exec_index
                         before += str(existing_executions[exec_index]) + '\n'
-                    id_to_update = existing_executions[exec_index]["id"]
+                    execution = existing_executions[exec_index].copy()
                     # Remove exec from list in case 2 exec with same name
                     existing_executions[exec_index].clear()
                 elif new_exec["providerId"] is not None:
                     kc.create_execution(new_exec, flowAlias=flow_alias_parent, realm=realm)
+                    execution = kc.get_executions_representation(config, realm=realm)[exec_index]
                     exec_found = True
                     exec_index = new_exec_index
-                    id_to_update = kc.get_executions_representation(config, realm=realm)[exec_index]["id"]
                     after += str(new_exec) + '\n'
                 elif new_exec["displayName"] is not None:
                     kc.create_subflow(new_exec["displayName"], flow_alias_parent, realm=realm, flowType=new_exec["subFlowType"])
+                    execution = kc.get_executions_representation(config, realm=realm)[exec_index]
                     exec_found = True
                     exec_index = new_exec_index
-                    id_to_update = kc.get_executions_representation(config, realm=realm)[exec_index]["id"]
                     after += str(new_exec) + '\n'
                 if exec_found:
                     changed = True
                     if exec_index != -1:
                         # Update the existing execution
                         updated_exec = {
-                            "id": id_to_update
+                            "id": execution["id"]
                         }
                         # add the execution configuration
                         if new_exec["authenticationConfig"] is not None:
@@ -313,6 +314,8 @@ def create_or_update_executions(kc, config, realm='master'):
                             if key not in ("flowAlias", "authenticationConfig", "subFlowType"):
                                 updated_exec[key] = new_exec[key]
                         if new_exec["requirement"] is not None:
+                            if "priority" in execution:
+                                updated_exec["priority"] = execution["priority"]
                             kc.update_authentication_executions(flow_alias_parent, updated_exec, realm=realm)
                         diff = exec_index - new_exec_index
                         kc.change_execution_priority(updated_exec["id"], diff, realm=realm)

plugins/modules/keycloak_client.py

@@ -776,8 +776,11 @@ def sanitize_cr(clientrep):
         result['secret'] = 'no_log'
     if 'attributes' in result:
         attributes = result['attributes']
-        if isinstance(attributes, dict) and 'saml.signing.private.key' in attributes:
-            attributes['saml.signing.private.key'] = 'no_log'
+        if isinstance(attributes, dict):
+            if 'saml.signing.private.key' in attributes:
+                attributes['saml.signing.private.key'] = 'no_log'
+            if 'saml.encryption.private.key' in attributes:
+                attributes['saml.encryption.private.key'] = 'no_log'
     return normalise_cr(result)
 
 

plugins/modules/modprobe.py

@@ -46,6 +46,7 @@ options:
         type: str
         choices: [ disabled, absent, present ]
         default: disabled
+        version_added: 7.0.0
         description:
             - Persistency between reboots for configured module.
             - This option creates files in C(/etc/modules-load.d/) and C(/etc/modprobe.d/) that make your module configuration persistent during reboots.

plugins/modules/ufw.py

@@ -23,6 +23,10 @@ author:
     - Ahti Kitsik (@ahtik)
 notes:
     - See C(man ufw) for more examples.
+    - >
+      B(Warning:) Whilst the module itself can be run using concurrent strategies, C(ufw) does not support concurrency,
+      as firewall rules are meant to be ordered and parallel executions do not guarantee order.
+      B(Do not use concurrency:) The results are unpredictable and the module may fail silently if you do.
 requirements:
     - C(ufw) package
 extends_documentation_fragment:

plugins/modules/yarn.py

@@ -16,7 +16,8 @@ DOCUMENTATION = '''
 module: yarn
 short_description: Manage node.js packages with Yarn
 description:
-  - Manage node.js packages with the Yarn package manager (https://yarnpkg.com/)
+  - Manage Node.js packages with the Yarn package manager U(https://yarnpkg.com/).
+  - Note that at the moment, this module B(only works with Yarn Classic).
 author:
   - "David Gunter (@verkaufer)"
   - "Chris Hoffman (@chrishoffman), creator of NPM Ansible module)"
@@ -85,7 +86,7 @@ options:
     default: present
     choices: [ "present", "absent", "latest" ]
 requirements:
-    - Yarn installed in bin path (typically /usr/local/bin)
+  - Yarn Classic installed in bin path (typically C(/usr/local/bin))
 '''
 
 EXAMPLES = '''

tests/integration/targets/callback_yaml/tasks/main.yml

@@ -67,7 +67,7 @@
           ANSIBLE_NOCOLOR: 'true'
           ANSIBLE_FORCE_COLOR: 'false'
           ANSIBLE_STDOUT_CALLBACK: community.general.yaml
-        playbook: |
+        playbook: !unsafe |
           - hosts: testhost
             gather_facts: false
             vars:
@@ -78,9 +78,7 @@
             tasks:
               - name: Test to_yaml
                 debug:
-                  msg: "{{ '{{' }}'{{ '{{' }}'{{ '}}' }} data | to_yaml {{ '{{' }}'{{ '}}' }}'{{ '}}' }}"
-        # The above should be:   msg: "{{ data | to_yaml }}"
-        # Unfortunately, the way Ansible handles templating, we need to do some funny 'escaping' tricks...
+                  msg: "{{ data | to_yaml }}"
         expected_output: [
           "",
           "PLAY [testhost] ****************************************************************",

tests/integration/targets/cmd_runner/library/cmd_echo.py

@@ -7,6 +7,8 @@
 from __future__ import absolute_import, division, print_function
 __metaclass__ = type
 
+import traceback
+
 
 DOCUMENTATION = ""
 
@@ -43,15 +45,18 @@ def main():
 
         arg_formats[arg] = func(*args)
 
-    runner = CmdRunner(module, [module.params["cmd"], '--'], arg_formats=arg_formats, path_prefix=module.params["path_prefix"])
+    try:
+        runner = CmdRunner(module, [module.params["cmd"], '--'], arg_formats=arg_formats, path_prefix=module.params["path_prefix"])
 
-    with runner.context(p['arg_order'], check_mode_skip=p['check_mode_skip']) as ctx:
-        result = ctx.run(**p['arg_values'])
-        info = ctx.run_info
-    check = "check"
-    rc, out, err = result if result is not None else (None, None, None)
+        with runner.context(p['arg_order'], check_mode_skip=p['check_mode_skip']) as ctx:
+            result = ctx.run(**p['arg_values'])
+            info = ctx.run_info
+        check = "check"
+        rc, out, err = result if result is not None else (None, None, None)
 
-    module.exit_json(rc=rc, out=out, err=err, info=info)
+        module.exit_json(rc=rc, out=out, err=err, info=info)
+    except Exception as exc:
+        module.fail_json(rc=1, module_stderr=traceback.format_exc(), msg="Module crashed with exception")
 
 
 if __name__ == '__main__':

tests/integration/targets/filesystem/tasks/main.yml

@@ -59,6 +59,8 @@
             item.0.key == "reiserfs")'
     # reiserfs packages apparently not available with Alpine
     - 'not (ansible_distribution == "Alpine" and item.0.key == "reiserfs")'
+    # reiserfsprogs packages no longer available with Arch Linux
+    - 'not (ansible_distribution == "Archlinux" and item.0.key == "reiserfs")'
     # ocfs2 only available on Debian based distributions
     - 'not (item.0.key == "ocfs2" and ansible_os_family != "Debian")'
     # Tests use losetup which can not be used inside unprivileged container

tests/integration/targets/filesystem/tasks/setup.yml

@@ -75,7 +75,7 @@
     state: present
   when:
     - ansible_system == 'Linux'
-    - ansible_os_family not in ['Suse', 'RedHat', 'Alpine']
+    - ansible_os_family not in ['Suse', 'RedHat', 'Alpine', 'Archlinux']
 
 - name: "Install reiserfs progs (FreeBSD)"
   ansible.builtin.package:

tests/integration/targets/hg/aliases

@@ -3,5 +3,6 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 
 azp/posix/2
-skip/python3
 skip/aix
+skip/macos
+disabled  # TODO osdn.net is out of business, so cloning a repo from there does not work

tests/integration/targets/hg/meta/main.yml

@@ -6,3 +6,4 @@
 dependencies:
   - setup_pkg_mgr
   - setup_remote_tmp_dir
+  - setup_epel

tests/integration/targets/hg/tasks/install.yml

@@ -26,6 +26,12 @@
   shell: apt-get -y update && apt-get -y install mercurial
   when: ansible_facts.pkg_mgr == 'apt'
 
+- name: install packages (apk)
+  package:
+    name: mercurial
+    state: present
+  when: ansible_facts.pkg_mgr in ['apk', 'community.general.apk']
+
 - name: install mercurial (dnf)
   dnf:
     name: mercurial
@@ -36,6 +42,11 @@
     name: mercurial
   when: ansible_facts.pkg_mgr == 'yum'
 
+- name: install mercurial (pacman)
+  package:
+    name: mercurial
+  when: ansible_facts.pkg_mgr in ['pacman', 'community.general.pacman']
+
 - name: install mercurial (pkgng)
   package:
     name: mercurial

tests/integration/targets/hg/tasks/uninstall.yml

@@ -16,6 +16,12 @@
     line: "#!{{ stat_hg_interpreter.stat.path }}"
   when: stat_hg_interpreter.stat.islnk
 
+- name: uninstall packages which were not originally installed (apk)
+  package:
+    name: mercurial
+    state: absent
+  when: ansible_facts.pkg_mgr in ['apk', 'community.general.apk']
+
 # using the apt module prevents autoremove from working, so call apt-get via shell instead
 - name: uninstall packages which were not originally installed (apt)
   shell: apt-get -y remove mercurial && apt-get -y autoremove
@@ -33,6 +39,12 @@
   shell: yum -y autoremove mercurial
   when: ansible_facts.pkg_mgr == 'yum'
 
+- name: uninstall packages which were not originally installed (pacman)
+  package:
+    name: mercurial
+    state: absent
+  when: ansible_facts.pkg_mgr in ['pacman', 'community.general.pacman']
+
 - name: uninstall packages which were not originally installed (pkgng)
   package:
     name: mercurial

tests/integration/targets/keycloak_clientsecret_info/tasks/main.yml

@@ -32,7 +32,7 @@
   assert:
     that:
       - fetch_by_client_id_result.clientsecret_info.type == "secret"
-      - "{{ fetch_by_client_id_result.clientsecret_info.value | length }} >= 32"
+      - fetch_by_client_id_result.clientsecret_info.value | length >= 32
 
 - name: Keycloak Client fetch clientsecret by id
   community.general.keycloak_clientsecret_info: "{{ auth_args | combine(call_args) }}"

tests/integration/targets/keycloak_clientsecret_regenerate/tasks/main.yml

@@ -32,7 +32,7 @@
   assert:
     that:
       - regenerate_by_client_id.end_state.type == "secret"
-      - "{{ regenerate_by_client_id.end_state.value | length }} >= 32"
+      - regenerate_by_client_id.end_state.value | length >= 32
 
 - name: Keycloak Client regenerate clientsecret by id
   community.general.keycloak_clientsecret_regenerate: "{{ auth_args | combine(call_args) }}"
@@ -45,5 +45,5 @@
 - name: Assert that client secret was regenerated
   assert:
     that:
-      - "{{ regenerate_by_id.end_state.value | length }} >= 32"
+      - regenerate_by_id.end_state.value | length >= 32
       - regenerate_by_id.end_state.value != regenerate_by_client_id.end_state.value

tests/integration/targets/keycloak_role/tasks/main.yml

@@ -45,8 +45,8 @@
     that:
       - result is changed
       - result.existing == {}
-      - result.end_state.name == "{{ role }}"
-      - result.end_state.containerId == "{{ realm }}"
+      - result.end_state.name == role
+      - result.end_state.containerId == realm
 
 - name: Create existing realm role
   community.general.keycloak_role:
@@ -89,8 +89,8 @@
   assert:
     that:
       - result is changed
-      - result.existing.description == "{{ description_1 }}"
-      - result.end_state.description == "{{ description_2 }}"
+      - result.existing.description == description_1
+      - result.end_state.description == description_2
 
 - name: Delete existing realm role
   community.general.keycloak_role:
@@ -156,8 +156,8 @@
     that:
       - result is changed
       - result.existing == {}
-      - result.end_state.name == "{{ role }}"
-      - result.end_state.containerId == "{{ client.end_state.id }}"
+      - result.end_state.name == role
+      - result.end_state.containerId == client.end_state.id
 
 - name: Create existing client role
   community.general.keycloak_role:
@@ -202,8 +202,8 @@
   assert:
     that:
       - result is changed
-      - result.existing.description == "{{ description_1 }}"
-      - result.end_state.description == "{{ description_2 }}"
+      - result.existing.description == description_1
+      - result.end_state.description == description_2
 
 - name: Delete existing client role
   community.general.keycloak_role:
@@ -480,4 +480,4 @@
   assert:
     that:
       - result is not changed
-      - result.end_state == {}
+      - result.end_state == {}

tests/integration/targets/keycloak_user_federation/tasks/main.yml

@@ -64,7 +64,7 @@
     that:
       - result is changed
       - result.existing == {}
-      - result.end_state.name == "{{ federation }}"
+      - result.end_state.name == federation
 
 - name: Create new user federation in admin realm
   community.general.keycloak_user_federation:
@@ -117,7 +117,7 @@
     that:
       - result is changed
       - result.existing == {}
-      - result.end_state.name == "{{ federation }}"
+      - result.end_state.name == federation
 
 - name: Update existing user federation (no change)
   community.general.keycloak_user_federation:
@@ -170,9 +170,9 @@
     that:
       - result is not changed
       - result.existing != {}
-      - result.existing.name == "{{ federation }}"
+      - result.existing.name == federation
       - result.end_state != {}
-      - result.end_state.name == "{{ federation }}"
+      - result.end_state.name == federation
 
 - name: Update existing user federation (no change, admin realm)
   community.general.keycloak_user_federation:
@@ -225,9 +225,9 @@
     that:
       - result is not changed
       - result.existing != {}
-      - result.existing.name == "{{ federation }}"
+      - result.existing.name == federation
       - result.end_state != {}
-      - result.end_state.name == "{{ federation }}"
+      - result.end_state.name == federation
 
 - name: Update existing user federation (with change)
   community.general.keycloak_user_federation:
@@ -296,9 +296,9 @@
     that:
       - result is changed
       - result.existing != {}
-      - result.existing.name == "{{ federation }}"
+      - result.existing.name == federation
       - result.end_state != {}
-      - result.end_state.name == "{{ federation }}"
+      - result.end_state.name == federation
 
 - name: Delete existing user federation
   community.general.keycloak_user_federation:
@@ -411,7 +411,7 @@
     that:
       - result is changed
       - result.existing == {}
-      - result.end_state.name == "{{ federation }}"
+      - result.end_state.name == federation
 
 ## no point in retesting this, just doing it to clean up introduced server changes
 - name: Delete absent user federation

tests/integration/targets/keycloak_user_rolemapping/tasks/main.yml

@@ -53,7 +53,7 @@
   assert:
     that:
       - result is changed
-      - result.end_state | selectattr("clientRole", "eq", false) | selectattr("name", "eq", "{{role}}") | list | count > 0
+      - result.end_state | selectattr("clientRole", "eq", false) | selectattr("name", "eq", role) | list | count > 0
 
 - name: Unmap a realm role from client service account
   vars:
@@ -74,8 +74,8 @@
     that:
       - result is changed
       - (result.end_state | length) == (result.existing | length) - 1
-      - result.existing | selectattr("clientRole", "eq", false) | selectattr("name", "eq", "{{role}}") | list | count > 0
-      - result.end_state | selectattr("clientRole", "eq", false) | selectattr("name", "eq", "{{role}}") | list | count == 0
+      - result.existing | selectattr("clientRole", "eq", false) | selectattr("name", "eq", role) | list | count > 0
+      - result.end_state | selectattr("clientRole", "eq", false) | selectattr("name", "eq", role) | list | count == 0
 
 - name: Delete existing realm role
   community.general.keycloak_role:
@@ -118,7 +118,7 @@
   assert:
     that:
       - result is changed
-      - result.end_state | selectattr("clientRole", "eq", true) | selectattr("name", "eq", "{{role}}") | list | count > 0
+      - result.end_state | selectattr("clientRole", "eq", true) | selectattr("name", "eq", role) | list | count > 0
 
 - name: Unmap a client role from client service account
   vars:
@@ -140,4 +140,4 @@
     that:
       - result is changed
       - result.end_state == []
-      - result.existing | selectattr("clientRole", "eq", true) | selectattr("name", "eq", "{{role}}") | list | count > 0
+      - result.existing | selectattr("clientRole", "eq", true) | selectattr("name", "eq", role) | list | count > 0

tests/integration/targets/lookup_lmdb_kv/runme.sh

@@ -4,6 +4,10 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 set -eux
 
+if grep -Fq 'NAME="Arch Linux"' /etc/os-release; then
+  exit 0
+fi
+
 ANSIBLE_ROLES_PATH=../ \
     ansible-playbook dependencies.yml -v "$@"
 

tests/integration/targets/lookup_random_words/test.yml

@@ -27,6 +27,7 @@
         - result4[0] | length >= 17
         - result4[0] | length <= 29
         - result4[0] | regex_findall("[A-Z]") | length == 3
-        - result4[0].count("-") == 2
+        # If one of the random words is 't-shirt', there are more than 2 dashes...
+        - result4[0].count("-") == 2 or "t-shirt" in result4[0].lower()
         - result5 | length == 1
         - result5[0] | length == 15

tests/integration/targets/pipx_info/tasks/main.yml

@@ -9,10 +9,13 @@
     extra_args: --user
 
 ##############################################################################
-- name: ensure application tox is uninstalled
+- name: ensure applications are uninstalled
   community.general.pipx:
+    name: "{{ item }}"
     state: absent
-    name: tox
+  loop:
+    - tox
+    - pylint
 
 - name: retrieve applications (empty)
   community.general.pipx_info: {}

tests/integration/targets/setup_redis_replication/defaults/main.yml

@@ -8,7 +8,7 @@ redis_packages:
   Alpine:
   - redis
   Archlinux:
-  - redis
+  - valkey
   Debian:
   - redis-server
   Ubuntu:
@@ -22,13 +22,23 @@ redis_packages:
   FreeBSD:
   - redis
 
+redis_user:
+  Alpine: redis
+  Archlinux: valkey
+  Debian: redis
+  Ubuntu: redis
+  openSUSE Leap: redis
+  Fedora: "{{ '998' if ansible_distribution_major_version is version('41', '>=') else 'redis' }}"
+  CentOS: redis
+  FreeBSD: redis
+
 redis_bin:
   Alpine: /usr/bin/redis-server
   Archlinux: /usr/bin/redis-server
   Debian: /usr/bin/redis-server
   Ubuntu: /usr/bin/redis-server
   openSUSE Leap: /usr/sbin/redis-server
-  Fedora: /usr/bin/redis-server
+  Fedora: "/usr/bin/{{ 'valkey-server' if ansible_distribution_major_version is version('41', '>=') else 'redis-server' }}"
   CentOS: /usr/bin/redis-server
   FreeBSD: /usr/local/bin/redis-server
 

tests/integration/targets/setup_redis_replication/tasks/setup_redis_cluster.yml

@@ -24,8 +24,8 @@
   file:                                                                                                                                                                                                 
     path: "{{ item }}"
     state: directory                                                                                                                                                                                    
-    owner: redis
-    group: redis
+    owner: "{{ redis_user[ansible_distribution] }}"
+    group: "{{ redis_user[ansible_distribution] }}"
   loop:
   - "{{ master_datadir }}"
   - "{{ master_logdir }}"
@@ -54,10 +54,10 @@
     datadir: "{{ replica_datadir }}"
 
 - name: Start redis master
-  shell: "{{ redis_bin[ansible_distribution] }} {{ master_conf }}"
+  ansible.builtin.command: "{{ redis_bin[ansible_distribution] }} {{ master_conf }}"
 
 - name: Start redis replica
-  shell: "{{ redis_bin[ansible_distribution] }} {{ replica_conf }} --{% if old_redis %}slaveof{% else %}replicaof{% endif %} 127.0.0.1 {{ master_port }}"
+  ansible.builtin.command: "{{ redis_bin[ansible_distribution] }} {{ replica_conf }} --{% if old_redis %}slaveof{% else %}replicaof{% endif %} 127.0.0.1 {{ master_port }}"
 
 - name: Wait for redis master to be started
   ansible.builtin.wait_for:

tests/integration/targets/snap/aliases

@@ -11,3 +11,4 @@ skip/freebsd
 skip/osx
 skip/macos
 skip/docker
+skip/rhel8.8  # TODO: fix

tests/integration/targets/snap_alias/aliases

@@ -11,3 +11,4 @@ skip/freebsd
 skip/osx
 skip/macos
 skip/docker
+skip/rhel8.8  # TODO: fix

tests/integration/targets/supervisorctl/aliases

@@ -4,5 +4,7 @@
 
 azp/posix/2
 destructive
-skip/python3
 skip/aix
+skip/rhel  # TODO executables are installed in /usr/local/bin, which isn't part of $PATH
+skip/macos  # TODO executables are installed in /Library/Frameworks/Python.framework/Versions/3.11/bin, which isn't part of $PATH
+unstable # TODO fix!

tests/integration/targets/supervisorctl/tasks/install_pip.yml

@@ -5,5 +5,5 @@
 
 - name: install supervisord
   pip:
-    name: supervisor<4.0.0  # supervisor version 4.0.0 fails tests
+    name: supervisor
     state: present

tests/integration/targets/supervisorctl/tasks/main.yml

@@ -8,50 +8,54 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 
-- block:
-  - tempfile:
-      state: directory
-      suffix: supervisorctl-tests
-    register: supervisord_sock_path
+- when:
+    # setuptools is too old on RHEL/CentOS 6 (https://github.com/Supervisor/meld3/issues/23)
+    - ansible_os_family != 'RedHat' or ansible_distribution_major_version|int > 6
+    # For some reason CentOS 7 and OpenSuSE 15 do not work on ansible-core 2.16
+    - ansible_version.minor != 16 or ansible_distribution not in ['CentOS', 'openSUSE Leap']
+    # For some reason, OpenSuSE 15 with Python 2 does ont work on ansible-core 2.13
+    - ansible_version.minor != 13 or ansible_distribution != 'openSUSE Leap' or ansible_python.version.major != 2
+  block:
+    - block:
+      - tempfile:
+          state: directory
+          suffix: supervisorctl-tests
+        register: supervisord_sock_path
 
-  - command: 'echo {{ remote_tmp_dir }}'
-    register: echo
-  - set_fact:
-      remote_dir: '{{ echo.stdout }}'
+      - command: 'echo {{ remote_tmp_dir }}'
+        register: echo
+      - set_fact:
+          remote_dir: '{{ echo.stdout }}'
 
-  - include_vars: '{{ item }}'
-    with_first_found:
-      - files:
-          - '{{ ansible_distribution }}.yml'
-          - '{{ ansible_os_family }}.yml'
-          - 'defaults.yml'
+      - include_vars: '{{ item }}'
+        with_first_found:
+          - files:
+              - '{{ ansible_distribution }}.yml'
+              - '{{ ansible_os_family }}.yml'
+              - 'defaults.yml'
 
-  - include_tasks: '{{ item }}'
-    with_first_found:
-      - files:
-        - 'install_{{ ansible_distribution }}.yml' # CentOS
-        - 'install_{{ ansible_os_family }}.yml'    # RedHat
-        - 'install_{{ ansible_system }}.yml'       # Linux
+      - include_tasks: '{{ item }}'
+        with_first_found:
+          - files:
+            - 'install_{{ ansible_distribution }}.yml' # CentOS
+            - 'install_{{ ansible_os_family }}.yml'    # RedHat
+            - 'install_{{ ansible_system }}.yml'       # Linux
 
-  - include_tasks: test.yml
-    with_items:
-        - { username: '', password: '' }
-        - { username: 'testétest', password: 'passéword' } # non-ASCII credentials
-    loop_control:
-      loop_var: credentials
+      - include_tasks: test.yml
+        with_items:
+            - { username: '', password: '' }
+            - { username: 'testétest', password: 'passéword' } # non-ASCII credentials
+        loop_control:
+          loop_var: credentials
 
-  # setuptools is too old on RHEL/CentOS 6 (https://github.com/Supervisor/meld3/issues/23)
-  when: ansible_os_family != 'RedHat' or ansible_distribution_major_version|int > 6
+      always:
+      - include_tasks: '{{ item }}'
+        with_first_found:
+          - files:
+            - 'uninstall_{{ ansible_distribution }}.yml' # CentOS
+            - 'uninstall_{{ ansible_os_family }}.yml'    # RedHat
+            - 'uninstall_{{ ansible_system }}.yml'       # Linux
 
-  always:
-  - include_tasks: '{{ item }}'
-    when: ansible_os_family != 'RedHat' or ansible_distribution_major_version|int > 6
-    with_first_found:
-      - files:
-        - 'uninstall_{{ ansible_distribution }}.yml' # CentOS
-        - 'uninstall_{{ ansible_os_family }}.yml'    # RedHat
-        - 'uninstall_{{ ansible_system }}.yml'       # Linux
-
-  - file:
-      path: '{{ supervisord_sock_path.path }}'
-      state: absent
+      - file:
+          path: '{{ supervisord_sock_path.path }}'
+          state: absent

tests/integration/targets/supervisorctl/tasks/test.yml

@@ -7,6 +7,7 @@
   template:
     src: supervisord.conf
     dest: '{{ remote_dir }}/supervisord.conf'
+  diff: true
 
 - block:
     - import_tasks: start_supervisord.yml

tests/integration/targets/supervisorctl/tasks/test_start.yml

@@ -22,6 +22,8 @@
   when: credentials.username != ''
 
 - command: "supervisorctl -c {{ remote_dir }}/supervisord.conf {% if credentials.username %}-u {{ credentials.username }} -p {{ credentials.password }}{% endif %} status"
+  register: result_cmd
+  failed_when: result_cmd.rc not in [0, 3]
 
 - name: check that service is started
   assert:
@@ -30,8 +32,9 @@
       - (result is changed and result_with_auth is skip) or (result is skip and result_with_auth is changed)
 
 - name: check that service is running (part1) # py1.log content is checked below
-  script: "files/sendProcessStdin.py 'pys:py1' 2 \
-    '{{ credentials.username }}' '{{ credentials.password }}'"
+  script:
+    cmd: "files/sendProcessStdin.py 'pys:py1' 2 '{{ credentials.username }}' '{{ credentials.password }}'"
+    executable: "{{ ansible_facts.python.executable }}"
 
 - name: try again to start py1 service (without auth)
   supervisorctl:

tests/integration/targets/supervisorctl/tasks/test_stop.yml

@@ -24,6 +24,8 @@
   when: credentials.username != ''
 
 - command: "supervisorctl -c {{ remote_dir }}/supervisord.conf {% if credentials.username %}-u {{ credentials.username }} -p {{ credentials.password }}{% endif %} status"
+  register: result_cmd
+  failed_when: result_cmd.rc not in [0, 3]
 
 - name: check that service is stopped
   assert:
@@ -32,8 +34,9 @@
       - (result is changed and result_with_auth is skip) or (result is skip and result_with_auth is changed)
 
 - name: "check that service isn't running"
-  script: "files/sendProcessStdin.py 'pys:py1' 1 \
-    '{{ credentials.username }}' '{{ credentials.password }}'"
+  script:
+    cmd: "files/sendProcessStdin.py 'pys:py1' 1 '{{ credentials.username }}' '{{ credentials.password }}'"
+    executable: "{{ ansible_facts.python.executable }}"
   register: is_py1_alive
   failed_when: is_py1_alive is success
 

tests/integration/targets/sysrc/tasks/main.yml

@@ -140,11 +140,13 @@
     - name: Test within jail
       #
       # NOTE: currently fails with FreeBSD 12 with minor version less than 4
-      # NOTE: currently fails with FreeBSD 13 with minor version less than 2
+      # NOTE: currently fails with FreeBSD 13 with minor version less than 4
+      # NOTE: currently fails with FreeBSD 14 with minor version less than 1
       #
       when: >-
         ansible_distribution_version is version('12.4', '>=') and ansible_distribution_version is version('13', '<')
-        or ansible_distribution_version is version('13.2', '>=')
+        or ansible_distribution_version is version('13.4', '>=') and ansible_distribution_version is version('14', '<')
+        or ansible_distribution_version is version('14.1', '>=')
       block:
         - name: Setup testjail
           include_tasks: setup-testjail.yml

tests/sanity/extra/botmeta.py

@@ -3,10 +3,9 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 """Check BOTMETA file."""
-from __future__ import (absolute_import, division, print_function)
-__metaclass__ = type
 
-import ast
+from __future__ import annotations
+
 import os
 import re
 import sys
@@ -66,26 +65,27 @@ AUTHOR_REGEX = re.compile(r'^\w.*\(@([\w-]+)\)(?![\w.])')
 def read_authors(filename):
     data = {}
     try:
-        with open(filename, 'rb') as b_module_data:
-            M = ast.parse(b_module_data.read())
+        documentation = []
+        in_docs = False
+        with open(filename, 'r', encoding='utf-8') as f:
+            for line in f:
+                if line.startswith('DOCUMENTATION ='):
+                    in_docs = True
+                elif line.startswith(("'''", '"""')) and in_docs:
+                    in_docs = False
+                elif in_docs:
+                    documentation.append(line)
+        if in_docs:
+            print(f'{filename}: cannot find DOCUMENTATION end')
+            return []
+        if not documentation:
+            print(f'{filename}: cannot find DOCUMENTATION')
+            return []
 
-        for child in M.body:
-            if isinstance(child, ast.Assign):
-                for t in child.targets:
-                    try:
-                        theid = t.id
-                    except AttributeError:
-                        # skip errors can happen when trying to use the normal code
-                        continue
-
-                    if theid == 'DOCUMENTATION':
-                        if isinstance(child.value, ast.Dict):
-                            data = ast.literal_eval(child.value)
-                        else:
-                            data = yaml.safe_load(child.value.s)
+        data = yaml.safe_load('\n'.join(documentation))
 
     except Exception as e:
-        print('%s:%d:%d: Cannot load DOCUMENTATION: %s' % (filename, 0, 0, e))
+        print(f'{filename}:0:0: Cannot load DOCUMENTATION: {e}')
         return []
 
     author = data.get('author') or []
@@ -108,21 +108,21 @@ def validate(filename, filedata):
         return
     if filename.startswith(('plugins/doc_fragments/', 'plugins/module_utils/')):
         return
-    # Compile lis tof all active and inactive maintainers
+    # Compile list of all active and inactive maintainers
     all_maintainers = filedata['maintainers'] + filedata['ignore']
-    if not filename.startswith('plugins/filter/'):
+    if not filename.startswith(('plugins/action/', 'plugins/doc_fragments/', 'plugins/filter/', 'plugins/module_utils/', 'plugins/plugin_utils/')):
         maintainers = read_authors(filename)
         for maintainer in maintainers:
             maintainer = extract_author_name(maintainer)
             if maintainer is not None and maintainer not in all_maintainers:
-                msg = 'Author %s not mentioned as active or inactive maintainer for %s (mentioned are: %s)' % (
-                    maintainer, filename, ', '.join(all_maintainers))
-                print('%s:%d:%d: %s' % (FILENAME, 0, 0, msg))
+                others = ', '.join(all_maintainers)
+                msg = f'Author {maintainer} not mentioned as active or inactive maintainer for {filename} (mentioned are: {others})'
+                print(f'{FILENAME}:0:0: {msg}')
     should_have_no_maintainer = filename in IGNORE_NO_MAINTAINERS
     if not all_maintainers and not should_have_no_maintainer:
-        print('%s:%d:%d: %s' % (FILENAME, 0, 0, 'No (active or inactive) maintainer mentioned for %s' % filename))
+        print(f'{FILENAME}:0:0: No (active or inactive) maintainer mentioned for {filename}')
     if all_maintainers and should_have_no_maintainer:
-        print('%s:%d:%d: %s' % (FILENAME, 0, 0, 'Please remove %s from the ignore list of %s' % (filename, sys.argv[0])))
+        print(f'{FILENAME}:0:0: Please remove {filename} from the ignore list of {sys.argv[0]}')
 
 
 def main():
@@ -131,12 +131,12 @@ def main():
         with open(FILENAME, 'rb') as f:
             botmeta = yaml.safe_load(f)
     except yaml.error.MarkedYAMLError as ex:
-        print('%s:%d:%d: YAML load failed: %s' % (FILENAME, ex.context_mark.line +
-                                                  1, ex.context_mark.column + 1, re.sub(r'\s+', ' ', str(ex))))
+        msg = re.sub(r'\s+', ' ', str(ex))
+        print('f{FILENAME}:{ex.context_mark.line + 1}:{ex.context_mark.column + 1}: YAML load failed: {msg}')
         return
     except Exception as ex:  # pylint: disable=broad-except
-        print('%s:%d:%d: YAML load failed: %s' %
-              (FILENAME, 0, 0, re.sub(r'\s+', ' ', str(ex))))
+        msg = re.sub(r'\s+', ' ', str(ex))
+        print(f'{FILENAME}:0:0: YAML load failed: {msg}')
         return
 
     # Validate schema
@@ -169,7 +169,7 @@ def main():
     except MultipleInvalid as ex:
         for error in ex.errors:
             # No way to get line/column numbers
-            print('%s:%d:%d: %s' % (FILENAME, 0, 0, humanize_error(botmeta, error)))
+            print(f'{FILENAME}:0:0: {humanize_error(botmeta, error)}')
         return
 
     # Preprocess (substitute macros, convert to lists)
@@ -181,7 +181,7 @@ def main():
             macro = m.group(1)
             replacement = (macros[macro] or '')
             if macro == 'team_ansible_core':
-                return '$team_ansible_core %s' % replacement
+                return f'$team_ansible_core {replacement}'
             return replacement
 
         return macro_re.sub(f, text)
@@ -196,13 +196,13 @@ def main():
                 if k in LIST_ENTRIES:
                     filedata[k] = v.split()
     except KeyError as e:
-        print('%s:%d:%d: %s' % (FILENAME, 0, 0, 'Found unknown macro %s' % e))
+        print(f'{FILENAME}:0:0: Found unknown macro {e}')
         return
 
     # Scan all files
     unmatched = set(files)
     for dirs in ('docs/docsite/rst', 'plugins', 'tests', 'changelogs'):
-        for dirpath, dirnames, filenames in os.walk(dirs):
+        for dirpath, _dirnames, filenames in os.walk(dirs):
             for file in sorted(filenames):
                 if file.endswith('.pyc'):
                     continue
@@ -217,10 +217,10 @@ def main():
                             if file in unmatched:
                                 unmatched.remove(file)
                     if not matching_files:
-                        print('%s:%d:%d: %s' % (FILENAME, 0, 0, 'Did not find any entry for %s' % filename))
+                        print(f'{FILENAME}:0:0: Did not find any entry for {filename}')
 
                     matching_files.sort(key=lambda kv: kv[0])
-                    filedata = dict()
+                    filedata = {}
                     for k in LIST_ENTRIES:
                         filedata[k] = []
                     for dummy, data in matching_files:
@@ -231,7 +231,7 @@ def main():
                     validate(filename, filedata)
 
     for file in unmatched:
-        print('%s:%d:%d: %s' % (FILENAME, 0, 0, 'Entry %s was not used' % file))
+        print(f'{FILENAME}:0:0: Entry {file} was not used')
 
 
 if __name__ == '__main__':

tests/utils/shippable/aix.sh

@@ -1 +0,0 @@
-remote.sh

tests/utils/shippable/alpine.sh

@@ -1 +0,0 @@
-remote.sh

tests/utils/shippable/fedora.sh

@@ -1 +0,0 @@
-remote.sh

tests/utils/shippable/freebsd.sh

@@ -1 +0,0 @@
-remote.sh

tests/utils/shippable/generic.sh

@@ -1,21 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-set -o pipefail -eux
-
-declare -a args
-IFS='/:' read -ra args <<< "$1"
-
-python="${args[1]}"
-group="${args[2]}"
-
-target="azp/generic/${group}/"
-
-stage="${S:-prod}"
-
-# shellcheck disable=SC2086
-ansible-test integration --color -v --retry-on-error "${target}" ${COVERAGE:+"$COVERAGE"} ${CHANGED:+"$CHANGED"} ${UNSTABLE:+"$UNSTABLE"} \
-    --remote-terminate always --remote-stage "${stage}" \
-    --docker --python "${python}"

tests/utils/shippable/linux-community.sh

@@ -1,22 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-set -o pipefail -eux
-
-declare -a args
-IFS='/:' read -ra args <<< "$1"
-
-image="${args[1]}"
-python="${args[2]}"
-
-if [ "${#args[@]}" -gt 3 ]; then
-    target="azp/posix/${args[3]}/"
-else
-    target="azp/posix/"
-fi
-
-# shellcheck disable=SC2086
-ansible-test integration --color -v --retry-on-error "${target}" ${COVERAGE:+"$COVERAGE"} ${CHANGED:+"$CHANGED"} ${UNSTABLE:+"$UNSTABLE"} \
-    --docker "quay.io/ansible-community/test-image:${image}" --python "${python}"

tests/utils/shippable/linux.sh

@@ -1,21 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-set -o pipefail -eux
-
-declare -a args
-IFS='/:' read -ra args <<< "$1"
-
-image="${args[1]}"
-
-if [ "${#args[@]}" -gt 2 ]; then
-    target="azp/posix/${args[2]}/"
-else
-    target="azp/posix/"
-fi
-
-# shellcheck disable=SC2086
-ansible-test integration --color -v --retry-on-error "${target}" ${COVERAGE:+"$COVERAGE"} ${CHANGED:+"$CHANGED"} ${UNSTABLE:+"$UNSTABLE"} \
-    --docker "${image}"

tests/utils/shippable/macos.sh

@@ -1 +0,0 @@
-remote.sh

tests/utils/shippable/osx.sh

@@ -1 +0,0 @@
-remote.sh

tests/utils/shippable/remote.sh

@@ -1,29 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-set -o pipefail -eux
-
-declare -a args
-IFS='/:' read -ra args <<< "$1"
-
-platform="${args[0]}"
-version="${args[1]}"
-
-if [ "${#args[@]}" -gt 2 ]; then
-    target="azp/posix/${args[2]}/"
-else
-    target="azp/posix/"
-fi
-
-stage="${S:-prod}"
-provider="${P:-default}"
-
-if [ "${platform}" == "rhel" ] && [[ "${version}" =~ ^8 ]]; then
-    echo "pynacl >= 1.4.0, < 1.5.0; python_version == '3.6'" >> tests/utils/constraints.txt
-fi
-
-# shellcheck disable=SC2086
-ansible-test integration --color -v --retry-on-error "${target}" ${COVERAGE:+"$COVERAGE"} ${CHANGED:+"$CHANGED"} ${UNSTABLE:+"$UNSTABLE"} \
-    --remote "${platform}/${version}" --remote-terminate always --remote-stage "${stage}" --remote-provider "${provider}"

tests/utils/shippable/rhel.sh

@@ -1 +0,0 @@
-remote.sh

tests/utils/shippable/sanity.sh

@@ -1,45 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-set -o pipefail -eux
-
-declare -a args
-IFS='/:' read -ra args <<< "$1"
-
-group="${args[1]}"
-
-if [ "${BASE_BRANCH:-}" ]; then
-    base_branch="origin/${BASE_BRANCH}"
-else
-    base_branch=""
-fi
-
-if [ "${group}" == "extra" ]; then
-    ../internal_test_tools/tools/run.py --color --bot --junit
-    exit
-fi
-
-case "${group}" in
-    1) options=(--skip-test pylint --skip-test ansible-doc --skip-test validate-modules) ;;
-    2) options=(                   --test      ansible-doc      --test validate-modules) ;;
-    3) options=(--test pylint           plugins/modules/) ;;
-    4) options=(--test pylint --exclude plugins/modules/) ;;
-esac
-
-# allow collection migration sanity tests for groups 3 and 4 to pass without updating this script during migration
-network_path="lib/ansible/modules/network/"
-
-if [ -d "${network_path}" ]; then
-    if [ "${group}" -eq 3 ]; then
-        options+=(--exclude "${network_path}")
-    elif [ "${group}" -eq 4 ]; then
-        options+=("${network_path}")
-    fi
-fi
-
-# shellcheck disable=SC2086
-ansible-test sanity --color -v --junit ${COVERAGE:+"$COVERAGE"} ${CHANGED:+"$CHANGED"} \
-    --docker --base-branch "${base_branch}" \
-    "${options[@]}" --allow-disabled

tests/utils/shippable/shippable.sh

@@ -1,223 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-set -o pipefail -eux
-
-declare -a args
-IFS='/:' read -ra args <<< "$1"
-
-ansible_version="${args[0]}"
-script="${args[1]}"
-
-function join {
-    local IFS="$1";
-    shift;
-    echo "$*";
-}
-
-# Ensure we can write other collections to this dir
-sudo chown "$(whoami)" "${PWD}/../../"
-
-test="$(join / "${args[@]:1}")"
-
-docker images ansible/ansible
-docker images quay.io/ansible/*
-docker ps
-
-for container in $(docker ps --format '{{.Image}} {{.ID}}' | grep -v -e '^drydock/' -e '^quay.io/ansible/azure-pipelines-test-container:' | sed 's/^.* //'); do
-    docker rm -f "${container}" || true  # ignore errors
-done
-
-docker ps
-
-if [ -d /home/shippable/cache/ ]; then
-    ls -la /home/shippable/cache/
-fi
-
-command -v python
-python -V
-
-function retry
-{
-    # shellcheck disable=SC2034
-    for repetition in 1 2 3; do
-        set +e
-        "$@"
-        result=$?
-        set -e
-        if [ ${result} == 0 ]; then
-            return ${result}
-        fi
-        echo "@* -> ${result}"
-    done
-    echo "Command '@*' failed 3 times!"
-    exit 255
-}
-
-command -v pip
-pip --version
-pip list --disable-pip-version-check
-if [ "${ansible_version}" == "devel" ]; then
-    retry pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check
-else
-    retry pip install "https://github.com/ansible/ansible/archive/stable-${ansible_version}.tar.gz" --disable-pip-version-check
-fi
-
-export ANSIBLE_COLLECTIONS_PATHS="${PWD}/../../../"
-
-if [ "${test}" == "sanity/extra" ]; then
-    retry pip install junit-xml --disable-pip-version-check
-fi
-
-# START: HACK install dependencies
-if [ "${script}" != "sanity" ] || [ "${test}" == "sanity/extra" ]; then
-    # Nothing further should be added to this list.
-    # This is to prevent modules or plugins in this collection having a runtime dependency on other collections.
-    retry git clone --depth=1 --single-branch https://github.com/ansible-collections/community.internal_test_tools.git "${ANSIBLE_COLLECTIONS_PATHS}/ansible_collections/community/internal_test_tools"
-    retry git clone --depth=1 --single-branch https://github.com/ansible-collections/community.docker.git "${ANSIBLE_COLLECTIONS_PATHS}/ansible_collections/community/docker"
-    # NOTE: we're installing with git to work around Galaxy being a huge PITA (https://github.com/ansible/galaxy/issues/2429)
-    # retry ansible-galaxy -vvv collection install community.internal_test_tools
-fi
-
-if [ "${script}" != "sanity" ] && [ "${script}" != "units" ] && [ "${test}" != "sanity/extra" ]; then
-    # To prevent Python dependencies on other collections only install other collections for integration tests
-    retry git clone --depth=1 --single-branch https://github.com/ansible-collections/ansible.posix.git "${ANSIBLE_COLLECTIONS_PATHS}/ansible_collections/ansible/posix"
-    retry git clone --depth=1 --single-branch https://github.com/ansible-collections/community.crypto.git "${ANSIBLE_COLLECTIONS_PATHS}/ansible_collections/community/crypto"
-    # NOTE: we're installing with git to work around Galaxy being a huge PITA (https://github.com/ansible/galaxy/issues/2429)
-    # retry ansible-galaxy -vvv collection install ansible.posix
-    # retry ansible-galaxy -vvv collection install community.crypto
-fi
-
-# END: HACK
-
-export PYTHONIOENCODING='utf-8'
-
-if [ "${JOB_TRIGGERED_BY_NAME:-}" == "nightly-trigger" ]; then
-    COVERAGE=yes
-    COMPLETE=yes
-fi
-
-if [ -n "${COVERAGE:-}" ]; then
-    # on-demand coverage reporting triggered by setting the COVERAGE environment variable to a non-empty value
-    export COVERAGE="--coverage"
-elif [[ "${COMMIT_MESSAGE}" =~ ci_coverage ]]; then
-    # on-demand coverage reporting triggered by having 'ci_coverage' in the latest commit message
-    export COVERAGE="--coverage"
-else
-    # on-demand coverage reporting disabled (default behavior, always-on coverage reporting remains enabled)
-    export COVERAGE="--coverage-check"
-fi
-
-if [ -n "${COMPLETE:-}" ]; then
-    # disable change detection triggered by setting the COMPLETE environment variable to a non-empty value
-    export CHANGED=""
-elif [[ "${COMMIT_MESSAGE}" =~ ci_complete ]]; then
-    # disable change detection triggered by having 'ci_complete' in the latest commit message
-    export CHANGED=""
-else
-    # enable change detection (default behavior)
-    export CHANGED="--changed"
-fi
-
-if [ "${IS_PULL_REQUEST:-}" == "true" ]; then
-    # run unstable tests which are targeted by focused changes on PRs
-    export UNSTABLE="--allow-unstable-changed"
-else
-    # do not run unstable tests outside PRs
-    export UNSTABLE=""
-fi
-
-# remove empty core/extras module directories from PRs created prior to the repo-merge
-find plugins -type d -empty -print -delete
-
-function cleanup
-{
-    # for complete on-demand coverage generate a report for all files with no coverage on the "sanity/5" job so we only have one copy
-    if [ "${COVERAGE}" == "--coverage" ] && [ "${CHANGED}" == "" ] && [ "${test}" == "sanity/5" ]; then
-        stub="--stub"
-        # trigger coverage reporting for stubs even if no other coverage data exists
-        mkdir -p tests/output/coverage/
-    else
-        stub=""
-    fi
-
-    if [ -d tests/output/coverage/ ]; then
-        if find tests/output/coverage/ -mindepth 1 -name '.*' -prune -o -print -quit | grep -q .; then
-            process_coverage='yes'  # process existing coverage files
-        elif [ "${stub}" ]; then
-            process_coverage='yes'  # process coverage when stubs are enabled
-        else
-            process_coverage=''
-        fi
-
-        if [ "${process_coverage}" ]; then
-            # use python 3.7 for coverage to avoid running out of memory during coverage xml processing
-            # only use it for coverage to avoid the additional overhead of setting up a virtual environment for a potential no-op job
-            virtualenv --python /usr/bin/python3.7 ~/ansible-venv
-            set +ux
-            . ~/ansible-venv/bin/activate
-            set -ux
-
-            # shellcheck disable=SC2086
-            ansible-test coverage xml --color -v --requirements --group-by command --group-by version ${stub:+"$stub"}
-            cp -a tests/output/reports/coverage=*.xml "$SHIPPABLE_RESULT_DIR/codecoverage/"
-
-            if [ "${ansible_version}" != "2.9" ]; then
-                # analyze and capture code coverage aggregated by integration test target
-                ansible-test coverage analyze targets generate -v "$SHIPPABLE_RESULT_DIR/testresults/coverage-analyze-targets.json"
-            fi
-
-            # upload coverage report to codecov.io only when using complete on-demand coverage
-            if [ "${COVERAGE}" == "--coverage" ] && [ "${CHANGED}" == "" ]; then
-                for file in tests/output/reports/coverage=*.xml; do
-                    flags="${file##*/coverage=}"
-                    flags="${flags%-powershell.xml}"
-                    flags="${flags%.xml}"
-                    # remove numbered component from stub files when converting to tags
-                    flags="${flags//stub-[0-9]*/stub}"
-                    flags="${flags//=/,}"
-                    flags="${flags//[^a-zA-Z0-9_,]/_}"
-
-                    bash <(curl -s https://ansible-ci-files.s3.us-east-1.amazonaws.com/codecov/codecov.sh) \
-                        -f "${file}" \
-                        -F "${flags}" \
-                        -n "${test}" \
-                        -t 20636cf5-4d6a-4b9a-8d2d-6f22ebbaa752 \
-                        -X coveragepy \
-                        -X gcov \
-                        -X fix \
-                        -X search \
-                        -X xcode \
-                    || echo "Failed to upload code coverage report to codecov.io: ${file}"
-                done
-            fi
-        fi
-    fi
-
-    if [ -d  tests/output/junit/ ]; then
-      cp -aT tests/output/junit/ "$SHIPPABLE_RESULT_DIR/testresults/"
-    fi
-
-    if [ -d tests/output/data/ ]; then
-      cp -a tests/output/data/ "$SHIPPABLE_RESULT_DIR/testresults/"
-    fi
-
-    if [ -d  tests/output/bot/ ]; then
-      cp -aT tests/output/bot/ "$SHIPPABLE_RESULT_DIR/testresults/"
-    fi
-}
-
-if [ "${SHIPPABLE_BUILD_ID:-}" ]; then trap cleanup EXIT; fi
-
-if [[ "${COVERAGE:-}" == "--coverage" ]]; then
-    timeout=60
-else
-    timeout=50
-fi
-
-ansible-test env --dump --show --timeout "${timeout}" --color -v
-
-if [ "${SHIPPABLE_BUILD_ID:-}" ]; then "tests/utils/shippable/check_matrix.py"; fi
-"tests/utils/shippable/${script}.sh" "${test}" "${ansible_version}"

tests/utils/shippable/ubuntu.sh

@@ -1 +0,0 @@
-remote.sh

tests/utils/shippable/units.sh

@@ -1,41 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-set -o pipefail -eux
-
-declare -a args
-IFS='/:' read -ra args <<< "$1"
-
-version="${args[1]}"
-group="${args[2]}"
-
-if [[ "${COVERAGE:-}" == "--coverage" ]]; then
-    timeout=90
-else
-    timeout=30
-fi
-
-group1=()
-
-case "${group}" in
-    1) options=("${group1[@]:+${group1[@]}}") ;;
-esac
-
-ansible-test env --timeout "${timeout}" --color -v
-
-if [ "$2" == "2.9" ]; then
-    # 1.5.0+ will not install for Python 3.6+ in the 2.9 setting (due to `enum` being installed)
-    echo "pynacl >= 1.4.0, < 1.5.0; python_version >= '3.6'" >> tests/unit/requirements.txt
-fi
-
-if [ "$2" == "2.10" ]; then
-    sed -i -E 's/^redis($| .*)/redis < 4.1.0/g' tests/unit/requirements.txt
-    sed -i -E 's/^python-gitlab($| .*)/python-gitlab < 2.10.1 ; python_version >= '\'3.6\''/g' tests/unit/requirements.txt
-    echo "python-gitlab ; python_version < '3.6'" >> tests/unit/requirements.txt
-fi
-
-# shellcheck disable=SC2086
-ansible-test units --color -v --docker default --python "${version}" ${COVERAGE:+"$COVERAGE"} ${CHANGED:+"$CHANGED"} \
-    "${options[@]:+${options[@]}}" \