internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-04-30 18:36:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: internet:9.0.0
Branches Tags
internet:main internet:stable-12 internet:stable-10 internet:stable-11 internet:stable-9 internet:stable-8 internet:stable-7 internet:stable-6 internet:stable-5 internet:stable-4 internet:stable-3 internet:stable-2 internet:stable-1
internet:12.6.0 internet:11.4.7 internet:12.5.0 internet:11.4.6 internet:12.4.0 internet:11.4.5 internet:10.7.8 internet:12.3.0 internet:11.4.4 internet:12.2.0 internet:10.7.7 internet:11.4.3 internet:12.1.0 internet:11.4.2 internet:12.0.1 internet:12.0.0 internet:11.4.1 internet:10.7.6 internet:9.5.13 internet:11.4.0 internet:10.7.5 internet:9.5.12 internet:11.3.0 internet:10.7.4 internet:11.2.1 internet:11.2.0 internet:10.7.3 internet:9.5.11 internet:11.1.2 internet:11.1.1 internet:11.1.0 internet:10.7.2 internet:9.5.10 internet:11.0.0 internet:10.7.1 internet:9.5.9 internet:8.6.11 internet:10.7.0 internet:9.5.8 internet:10.6.0 internet:9.5.7 internet:10.5.0 internet:9.5.6 internet:10.4.0 internet:9.5.5 internet:10.3.1 internet:10.3.0 internet:9.5.4 internet:8.6.10 internet:10.2.0 internet:9.5.3 internet:8.6.9 internet:10.1.0 internet:9.5.2 internet:8.6.8 internet:10.0.1 internet:10.0.0 internet:9.5.1 internet:8.6.7 internet:7.5.9 internet:9.5.0 internet:8.6.6 internet:9.4.0 internet:8.6.5 internet:9.3.0 internet:8.6.4 internet:9.2.0 internet:8.6.3 internet:9.1.0 internet:8.6.2 internet:9.0.1 internet:9.0.0 internet:8.6.1 internet:7.5.8 internet:6.6.9 internet:8.6.0 internet:7.5.7 internet:8.5.0 internet:7.5.6 internet:6.6.8 internet:8.4.0 internet:7.5.5 internet:8.3.0 internet:7.5.4 internet:8.2.0 internet:7.5.3 internet:8.1.0 internet:7.5.2 internet:8.0.2 internet:8.0.1 internet:7.5.1 internet:6.6.7 internet:5.8.10 internet:8.0.0 internet:7.5.0 internet:6.6.6 internet:7.4.0 internet:6.6.5 internet:7.3.0 internet:6.6.4 internet:7.2.1 internet:7.2.0 internet:6.6.3 internet:5.8.9 internet:7.1.0 internet:6.6.2 internet:7.0.1 internet:6.6.1 internet:7.0.0 internet:4.8.11 internet:6.6.0 internet:5.8.8 internet:6.5.0 internet:5.8.7 internet:4.8.10 internet:6.4.0 internet:5.8.6 internet:6.3.0 internet:5.8.5 internet:6.2.0 internet:5.8.4 internet:6.1.0 internet:5.8.3 internet:5.8.2 internet:6.0.1 internet:5.8.1 internet:6.0.0 internet:4.8.9 internet:3.8.10 internet:6.0.0-a1 internet:5.8.0 internet:4.8.8 internet:5.7.0 internet:4.8.7 internet:5.6.0 internet:5.5.0 internet:4.8.6 internet:3.8.9 internet:5.4.0 internet:4.8.5 internet:5.3.0 internet:4.8.4 internet:5.2.0 internet:4.8.3 internet:5.1.1 internet:5.1.0 internet:5.0.2 internet:4.8.2 internet:3.8.8 internet:5.0.1 internet:5.0.0 internet:4.8.1 internet:3.8.7 internet:2.5.9 internet:1.3.14 internet:5.0.0-a1 internet:4.8.0 internet:4.7.0 internet:3.8.6 internet:4.6.1 internet:4.6.0 internet:4.5.0 internet:3.8.5 internet:4.4.0 internet:2.5.8 internet:1.3.13 internet:4.3.0 internet:3.8.4 internet:4.2.0 internet:3.8.3 internet:3.8.2 internet:4.1.0 internet:4.0.2 internet:4.0.1 internet:2.5.7 internet:4.0.0 internet:3.8.1 internet:3.8.0 internet:3.7.0 internet:2.5.6 internet:3.6.0 internet:1.3.12 internet:3.5.0 internet:2.5.5 internet:3.4.0 internet:3.3.2 internet:3.3.1 internet:3.3.0 internet:2.5.4 internet:1.3.11 internet:3.2.0 internet:2.5.3 internet:3.1.0 internet:3.0.2 internet:2.5.2 internet:3.0.1 internet:3.0.0 internet:1.3.10 internet:2.5.1 internet:2.5.0 internet:2.4.0 internet:2.3.0 internet:1.3.9 internet:1.3.8 internet:2.2.0 internet:1.3.7 internet:2.1.1 internet:2.1.0 internet:2.0.1 internet:1.3.6 internet:2.0.0 internet:1.3.5 internet:1.3.4 internet:1.3.3 internet:1.3.2 internet:1.3.1 internet:1.3.0 internet:1.2.0 internet:1.1.0 internet:1.0.0 internet:0.3.0-experimental.meta.redirects-3 internet:0.2.1 internet:0.3.0-experimental.meta.redirects internet:0.2.0 internet:0.1.4 internet:0.1.3 internet:0.1.2 internet:0.1.1 internet:0.1.0
..
compare: internet:8.0.2
Branches Tags
internet:main internet:stable-12 internet:stable-10 internet:stable-11 internet:stable-9 internet:stable-8 internet:stable-7 internet:stable-6 internet:stable-5 internet:stable-4 internet:stable-3 internet:stable-2 internet:stable-1
internet:12.6.0 internet:11.4.7 internet:12.5.0 internet:11.4.6 internet:12.4.0 internet:11.4.5 internet:10.7.8 internet:12.3.0 internet:11.4.4 internet:12.2.0 internet:10.7.7 internet:11.4.3 internet:12.1.0 internet:11.4.2 internet:12.0.1 internet:12.0.0 internet:11.4.1 internet:10.7.6 internet:9.5.13 internet:11.4.0 internet:10.7.5 internet:9.5.12 internet:11.3.0 internet:10.7.4 internet:11.2.1 internet:11.2.0 internet:10.7.3 internet:9.5.11 internet:11.1.2 internet:11.1.1 internet:11.1.0 internet:10.7.2 internet:9.5.10 internet:11.0.0 internet:10.7.1 internet:9.5.9 internet:8.6.11 internet:10.7.0 internet:9.5.8 internet:10.6.0 internet:9.5.7 internet:10.5.0 internet:9.5.6 internet:10.4.0 internet:9.5.5 internet:10.3.1 internet:10.3.0 internet:9.5.4 internet:8.6.10 internet:10.2.0 internet:9.5.3 internet:8.6.9 internet:10.1.0 internet:9.5.2 internet:8.6.8 internet:10.0.1 internet:10.0.0 internet:9.5.1 internet:8.6.7 internet:7.5.9 internet:9.5.0 internet:8.6.6 internet:9.4.0 internet:8.6.5 internet:9.3.0 internet:8.6.4 internet:9.2.0 internet:8.6.3 internet:9.1.0 internet:8.6.2 internet:9.0.1 internet:9.0.0 internet:8.6.1 internet:7.5.8 internet:6.6.9 internet:8.6.0 internet:7.5.7 internet:8.5.0 internet:7.5.6 internet:6.6.8 internet:8.4.0 internet:7.5.5 internet:8.3.0 internet:7.5.4 internet:8.2.0 internet:7.5.3 internet:8.1.0 internet:7.5.2 internet:8.0.2 internet:8.0.1 internet:7.5.1 internet:6.6.7 internet:5.8.10 internet:8.0.0 internet:7.5.0 internet:6.6.6 internet:7.4.0 internet:6.6.5 internet:7.3.0 internet:6.6.4 internet:7.2.1 internet:7.2.0 internet:6.6.3 internet:5.8.9 internet:7.1.0 internet:6.6.2 internet:7.0.1 internet:6.6.1 internet:7.0.0 internet:4.8.11 internet:6.6.0 internet:5.8.8 internet:6.5.0 internet:5.8.7 internet:4.8.10 internet:6.4.0 internet:5.8.6 internet:6.3.0 internet:5.8.5 internet:6.2.0 internet:5.8.4 internet:6.1.0 internet:5.8.3 internet:5.8.2 internet:6.0.1 internet:5.8.1 internet:6.0.0 internet:4.8.9 internet:3.8.10 internet:6.0.0-a1 internet:5.8.0 internet:4.8.8 internet:5.7.0 internet:4.8.7 internet:5.6.0 internet:5.5.0 internet:4.8.6 internet:3.8.9 internet:5.4.0 internet:4.8.5 internet:5.3.0 internet:4.8.4 internet:5.2.0 internet:4.8.3 internet:5.1.1 internet:5.1.0 internet:5.0.2 internet:4.8.2 internet:3.8.8 internet:5.0.1 internet:5.0.0 internet:4.8.1 internet:3.8.7 internet:2.5.9 internet:1.3.14 internet:5.0.0-a1 internet:4.8.0 internet:4.7.0 internet:3.8.6 internet:4.6.1 internet:4.6.0 internet:4.5.0 internet:3.8.5 internet:4.4.0 internet:2.5.8 internet:1.3.13 internet:4.3.0 internet:3.8.4 internet:4.2.0 internet:3.8.3 internet:3.8.2 internet:4.1.0 internet:4.0.2 internet:4.0.1 internet:2.5.7 internet:4.0.0 internet:3.8.1 internet:3.8.0 internet:3.7.0 internet:2.5.6 internet:3.6.0 internet:1.3.12 internet:3.5.0 internet:2.5.5 internet:3.4.0 internet:3.3.2 internet:3.3.1 internet:3.3.0 internet:2.5.4 internet:1.3.11 internet:3.2.0 internet:2.5.3 internet:3.1.0 internet:3.0.2 internet:2.5.2 internet:3.0.1 internet:3.0.0 internet:1.3.10 internet:2.5.1 internet:2.5.0 internet:2.4.0 internet:2.3.0 internet:1.3.9 internet:1.3.8 internet:2.2.0 internet:1.3.7 internet:2.1.1 internet:2.1.0 internet:2.0.1 internet:1.3.6 internet:2.0.0 internet:1.3.5 internet:1.3.4 internet:1.3.3 internet:1.3.2 internet:1.3.1 internet:1.3.0 internet:1.2.0 internet:1.1.0 internet:1.0.0 internet:0.3.0-experimental.meta.redirects-3 internet:0.2.1 internet:0.3.0-experimental.meta.redirects internet:0.2.0 internet:0.1.4 internet:0.1.3 internet:0.1.2 internet:0.1.1 internet:0.1.0

19 Commits
9.0.0 ... 8.0.2

Author SHA1 Message Date
Felix Fontein
28d7c499b5 Release 8.0.2. 2023-11-13 19:58:06 +01:00
Felix Fontein
9f218be912 Prepare 8.0.2 release. 2023-11-11 12:39:26 +01:00
Felix Fontein
363936a544 Fix RST code formatting. 
(cherry picked from commit e1503fc306)
 2023-11-11 12:38:33 +01:00
patchback[bot]
a8351fa9df [PR #7506/c2e578cb backport][stable-8] pipx: change parameter formatter for pip_args (#7514) 
pipx: change parameter formatter for pip_args (#7506)

* change parameter formatter for pip_args

* add changelog frag

(cherry picked from commit c2e578cb14)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
 2023-11-11 12:36:48 +01:00
patchback[bot]
4b84127ef3 [PR #7501/48e860be backport][stable-8] Use isinstance() instead of type() (#7503) 
Use isinstance() instead of type() (#7501)

* Replace type comparisons with isinstance() checks.

* Add changelog.

(cherry picked from commit 48e860be20)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2023-11-08 13:27:04 +01:00
Felix Fontein
82e1f24d2e The next expected release is 8.0.2. 2023-11-06 21:43:17 +01:00
Felix Fontein
9e8b6ea803 Release 8.0.1. 2023-11-06 21:05:10 +01:00
Felix Fontein
db8a6609de Fix release summary. 2023-11-06 21:04:45 +01:00
patchback[bot]
5be75b8e43 [PR #7464/03049893 backport][stable-8] fix vm removal in proxmox_pool_member.py (#7494) 
fix vm removal in proxmox_pool_member.py (#7464)

* fix vm removal in proxmox_pool_member.py

in the original the vm doesn't get removed, always errors with "'Failed to delete a member (12345) from the pool TestPool: list.remove(x): x not in list'

* add changelog fragment

* fix linting errors in changelog

(cherry picked from commit 0304989392)

Co-authored-by: aungvari <12872375+aungvari@users.noreply.github.com>
 2023-11-06 20:45:46 +01:00
patchback[bot]
71b1ae0aff [PR #7471/ab0b85d7 backport][stable-8] Redfish: Updated message handling for update operations to skip message objects with missing MessageId properties (#7492) 
Redfish: Updated message handling for update operations to skip message objects with missing MessageId properties (#7471)

* Redfish: Updated message handling for update operations to skip message objects with missing MessageId properties

Signed-off-by: Mike Raineri <michael.raineri@dell.com>

* Update 7465-redfish-firmware-update-message-id-hardening.yml

---------

Signed-off-by: Mike Raineri <michael.raineri@dell.com>
(cherry picked from commit ab0b85d7d2)

Co-authored-by: Mike Raineri <mraineri@gmail.com>
 2023-11-06 06:25:16 +01:00
patchback[bot]
9b2fa2cfd7 [PR #7480/74e941e4 backport][stable-8] Disable nomad tests (#7484) 
Disable nomad tests (#7480)

Disable nomad tests.

(cherry picked from commit 74e941e432)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2023-11-04 14:01:15 +01:00
patchback[bot]
83193ffc1f [PR #7476/57e36d7d backport][stable-8] timezone tests: do not restore original timezone if it wasn't known (value 'n/a') (#7479) 
timezone tests: do not restore original timezone if it wasn't known (value 'n/a') (#7476)

Do not restore original timezone if it wasn't known (value 'n/a').

(cherry picked from commit 57e36d7dc2)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2023-11-04 13:23:02 +01:00
Felix Fontein
4b955a3548 Prepare 8.0.1 release. 2023-11-04 12:18:42 +01:00
patchback[bot]
c7dbda3656 [PR #7467/a366318a backport][stable-8] [gitlab] Fix gitlab constants calls (#7474) 
[gitlab] Fix gitlab constants calls (#7467)

fix: Fix gitlab constants calls

Co-authored-by: Arnaud Hatzenbuhler <arnaud.hatzenbuhler@conserto.pro>
(cherry picked from commit a366318ac6)

Co-authored-by: Arnaud Hatzenbuhler <arnaud.hatzenbuhler@gmail.com>
 2023-11-04 09:31:49 +01:00
Felix Fontein
e98cf96499 Fix version number. 2023-11-02 13:13:50 +01:00
Felix Fontein
8d52dc3f1d Next expected release will be 8.0.1. 2023-11-01 09:19:18 +01:00
Felix Fontein
5f9ea0b7ac Release 8.0.0. 2023-11-01 08:34:14 +01:00
Felix Fontein
d125f5bee6 Main branches are stable-8 and stable-7; stable-6 runs more seldomly in CI. 
(cherry picked from commit 6d0bcec1cb)
 2023-11-01 08:10:31 +01:00
Felix Fontein
82c5970811 Prepare 8.0.0 release. 2023-11-01 08:09:07 +01:00
652 changed files with 18399 additions and 22916 deletions
Expand all files Collapse all files

193
.azure-pipelines/azure-pipelines.yml
View File

@@ -29,14 +29,14 @@ schedules:
always: true
branches:
include:
- stable-9
- stable-8
- stable-7
- cron: 0 11 * * 0
displayName: Weekly (old stable branches)
always: true
branches:
include:
- stable-7
- stable-6
variables:
- name: checkoutPath
@@ -73,19 +73,6 @@ stages:
- test: 3
- test: 4
- test: extra
- stage: Sanity_2_17
displayName: Sanity 2.17
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Test {0}
testFormat: 2.17/sanity/{0}
targets:
- test: 1
- test: 2
- test: 3
- test: 4
- stage: Sanity_2_16
displayName: Sanity 2.16
dependsOn: []
@@ -112,6 +99,19 @@ stages:
- test: 2
- test: 3
- test: 4
- stage: Sanity_2_14
displayName: Sanity 2.14
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Test {0}
testFormat: 2.14/sanity/{0}
targets:
- test: 1
- test: 2
- test: 3
- test: 4
### Units
- stage: Units_devel
displayName: Units devel
@@ -122,22 +122,12 @@ stages:
nameFormat: Python {0}
testFormat: devel/units/{0}/1
targets:
- test: 3.7
- test: 3.8
- test: 3.9
- test: '3.10'
- test: '3.11'
- test: '3.12'
- stage: Units_2_17
displayName: Units 2.17
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Python {0}
testFormat: 2.17/units/{0}/1
targets:
- test: 3.7
- test: "3.12"
- stage: Units_2_16
displayName: Units 2.16
dependsOn: []
@@ -161,6 +151,16 @@ stages:
targets:
- test: 3.5
- test: "3.10"
- stage: Units_2_14
displayName: Units 2.14
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Python {0}
testFormat: 2.14/units/{0}/1
targets:
- test: 3.9
## Remote
- stage: Remote_devel_extra_vms
@@ -171,10 +171,10 @@ stages:
parameters:
testFormat: devel/{0}
targets:
- name: Alpine 3.19
test: alpine/3.19
# - name: Fedora 39
# test: fedora/39
- name: Alpine 3.18
test: alpine/3.18
# - name: Fedora 38
# test: fedora/38
- name: Ubuntu 22.04
test: ubuntu/22.04
groups:
@@ -187,26 +187,12 @@ stages:
parameters:
testFormat: devel/{0}
targets:
- name: macOS 14.3
test: macos/14.3
- name: RHEL 9.3
test: rhel/9.3
- name: FreeBSD 14.0
test: freebsd/14.0
groups:
- 1
- 2
- 3
- stage: Remote_2_17
displayName: Remote 2.17
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.17/{0}
targets:
- name: FreeBSD 13.3
test: freebsd/13.3
- name: macOS 13.2
test: macos/13.2
- name: RHEL 9.2
test: rhel/9.2
- name: FreeBSD 13.2
test: freebsd/13.2
groups:
- 1
- 2
@@ -219,14 +205,12 @@ stages:
parameters:
testFormat: 2.16/{0}
targets:
- name: macOS 13.2
test: macos/13.2
- name: RHEL 9.2
test: rhel/9.2
#- name: macOS 13.2
# test: macos/13.2
- name: RHEL 8.8
test: rhel/8.8
- name: FreeBSD 13.2
test: freebsd/13.2
#- name: FreeBSD 13.2
# test: freebsd/13.2
groups:
- 1
- 2
@@ -245,10 +229,28 @@ stages:
test: rhel/8.7
- name: RHEL 7.9
test: rhel/7.9
# - name: FreeBSD 13.1
# test: freebsd/13.1
# - name: FreeBSD 12.4
# test: freebsd/12.4
- name: FreeBSD 13.1
test: freebsd/13.1
- name: FreeBSD 12.4
test: freebsd/12.4
groups:
- 1
- 2
- 3
- stage: Remote_2_14
displayName: Remote 2.14
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.14/{0}
targets:
#- name: macOS 12.0
# test: macos/12.0
- name: RHEL 9.0
test: rhel/9.0
#- name: FreeBSD 12.4
# test: freebsd/12.4
groups:
- 1
- 2
@@ -263,26 +265,14 @@ stages:
parameters:
testFormat: devel/linux/{0}
targets:
- name: Fedora 39
test: fedora39
- name: Fedora 38
test: fedora38
- name: Ubuntu 20.04
test: ubuntu2004
- name: Ubuntu 22.04
test: ubuntu2204
groups:
- 1
- 2
- 3
- stage: Docker_2_17
displayName: Docker 2.17
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.17/linux/{0}
targets:
- name: Alpine 3.19
test: alpine319
- name: Alpine 3
test: alpine3
groups:
- 1
- 2
@@ -295,12 +285,8 @@ stages:
parameters:
testFormat: 2.16/linux/{0}
targets:
- name: Fedora 38
test: fedora38
- name: openSUSE 15
test: opensuse15
- name: Alpine 3
test: alpine3
groups:
- 1
- 2
@@ -321,6 +307,20 @@ stages:
- 1
- 2
- 3
- stage: Docker_2_14
displayName: Docker 2.14
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.14/linux/{0}
targets:
- name: Fedora 36
test: fedora36
groups:
- 1
- 2
- 3
### Community Docker
- stage: Docker_community_devel
@@ -336,7 +336,7 @@ stages:
- name: Debian Bookworm
test: debian-bookworm/3.11
- name: ArchLinux
test: archlinux/3.12
test: archlinux/3.11
groups:
- 1
- 2
@@ -351,17 +351,6 @@ stages:
parameters:
nameFormat: Python {0}
testFormat: devel/generic/{0}/1
targets:
- test: '3.8'
- test: '3.11'
- stage: Generic_2_17
displayName: Generic 2.17
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Python {0}
testFormat: 2.17/generic/{0}/1
targets:
- test: '3.7'
- test: '3.12'
@@ -387,32 +376,42 @@ stages:
testFormat: 2.15/generic/{0}/1
targets:
- test: '3.9'
- stage: Generic_2_14
displayName: Generic 2.14
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: Python {0}
testFormat: 2.14/generic/{0}/1
targets:
- test: '3.10'
- stage: Summary
condition: succeededOrFailed()
dependsOn:
- Sanity_devel
- Sanity_2_17
- Sanity_2_16
- Sanity_2_15
- Sanity_2_14
- Units_devel
- Units_2_17
- Units_2_16
- Units_2_15
- Units_2_14
- Remote_devel_extra_vms
- Remote_devel
- Remote_2_17
- Remote_2_16
- Remote_2_15
- Remote_2_14
- Docker_devel
- Docker_2_17
- Docker_2_16
- Docker_2_15
- Docker_2_14
- Docker_community_devel
# Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
# - Generic_devel
# - Generic_2_17
# - Generic_2_16
# - Generic_2_15
# - Generic_2_14
jobs:
- template: templates/coverage.yml

178
.github/BOTMETA.yml vendored
View File

@@ -33,8 +33,6 @@ files:
maintainers: $team_ansible_core
$becomes/pmrun.py:
maintainers: $team_ansible_core
$becomes/run0.py:
maintainers: konstruktoid
$becomes/sesu.py:
maintainers: nekonyuu
$becomes/sudosu.py:
@@ -52,8 +50,6 @@ files:
$callbacks/cgroup_memory_recap.py: {}
$callbacks/context_demo.py: {}
$callbacks/counter_enabled.py: {}
$callbacks/default_without_diff.py:
maintainers: felixfontein
$callbacks/dense.py:
maintainers: dagwieers
$callbacks/diy.py:
@@ -91,8 +87,6 @@ files:
maintainers: ryancurrah
$callbacks/syslog_json.py:
maintainers: imjoseangel
$callbacks/timestamp.py:
maintainers: kurokobo
$callbacks/unixy.py:
labels: unixy
maintainers: akatch
@@ -103,9 +97,6 @@ files:
$connections/funcd.py:
maintainers: mscherer
$connections/iocage.py: {}
$connections/incus.py:
labels: incus
maintainers: stgraber
$connections/jail.py:
maintainers: $team_ansible_core
$connections/lxc.py: {}
@@ -121,8 +112,6 @@ files:
maintainers: $team_ansible_core
$doc_fragments/:
labels: docs_fragments
$doc_fragments/django.py:
maintainers: russoz
$doc_fragments/hpe3par.py:
labels: hpe3par
maintainers: farhan7500 gautamphegde
@@ -130,7 +119,7 @@ files:
labels: hwc
maintainers: $team_huawei
$doc_fragments/nomad.py:
maintainers: chris93111 apecnascimento
maintainers: chris93111
$doc_fragments/xenserver.py:
labels: xenserver
maintainers: bvitnik
@@ -144,8 +133,6 @@ files:
maintainers: giner
$filters/from_csv.py:
maintainers: Ajpantuso
$filters/from_ini.py:
maintainers: sscheib
$filters/groupby_as_dict.py:
maintainers: felixfontein
$filters/hashids.py:
@@ -157,18 +144,8 @@ files:
$filters/jc.py:
maintainers: kellyjonbrazil
$filters/json_query.py: {}
$filters/lists.py:
maintainers: cfiehe
$filters/lists_difference.yml:
maintainers: cfiehe
$filters/lists_intersect.yml:
maintainers: cfiehe
$filters/lists_mergeby.py:
maintainers: vbotka
$filters/lists_symmetric_difference.yml:
maintainers: cfiehe
$filters/lists_union.yml:
maintainers: cfiehe
$filters/random_mac.py: {}
$filters/time.py:
maintainers: resmo
@@ -176,8 +153,6 @@ files:
maintainers: resmo
$filters/to_hours.yml:
maintainers: resmo
$filters/to_ini.py:
maintainers: sscheib
$filters/to_milliseconds.yml:
maintainers: resmo
$filters/to_minutes.yml:
@@ -218,7 +193,7 @@ files:
labels: cloud opennebula
maintainers: feldsam
$inventories/proxmox.py:
maintainers: $team_virt ilijamt krauthosting
maintainers: $team_virt ilijamt
$inventories/scaleway.py:
labels: cloud scaleway
maintainers: $team_scaleway
@@ -259,8 +234,6 @@ files:
$lookups/filetree.py:
maintainers: dagwieers
$lookups/flattened.py: {}
$lookups/github_app_access_token.py:
maintainers: weisheng-p
$lookups/hiera.py:
maintainers: jparrill
$lookups/keyring.py: {}
@@ -271,7 +244,7 @@ files:
labels: manifold
maintainers: galanoff
$lookups/merge_variables.py:
maintainers: rlenferink m-a-r-k-e alpex8
maintainers: rlenferink m-a-r-k-e
$lookups/onepass:
labels: onepassword
maintainers: samdoran
@@ -300,12 +273,8 @@ files:
labels: module_utils
$module_utils/btrfs.py:
maintainers: gnfzdz
$module_utils/cmd_runner.py:
maintainers: russoz
$module_utils/deps.py:
maintainers: russoz
$module_utils/django.py:
maintainers: russoz
$module_utils/gconftool2.py:
labels: gconftool2
maintainers: russoz
@@ -349,8 +318,6 @@ files:
$module_utils/pipx.py:
labels: pipx
maintainers: russoz
$module_utils/python_runner.py:
maintainers: russoz
$module_utils/puppet.py:
labels: puppet
maintainers: russoz
@@ -506,12 +473,8 @@ files:
ignore: scottanderson42 tastychutney
labels: django_manage
maintainers: russoz
$modules/django_command.py:
maintainers: russoz
$modules/dnf_versionlock.py:
maintainers: moreda
$modules/dnf_config_manager.py:
maintainers: ahyattdev
$modules/dnsimple.py:
maintainers: drcapulet
$modules/dnsimple_info.py:
@@ -546,6 +509,8 @@ files:
maintainers: $team_flatpak
$modules/flatpak_remote.py:
maintainers: $team_flatpak
$modules/flowdock.py:
ignore: mcodd
$modules/gandi_livedns.py:
maintainers: gthiemonge
$modules/gconftool2.py:
@@ -561,8 +526,6 @@ files:
maintainers: russoz
$modules/git_config.py:
maintainers: djmattyg007 mgedmin
$modules/git_config_info.py:
maintainers: guenhter
$modules/github_:
maintainers: stpierre
$modules/github_deploy_key.py:
@@ -584,14 +547,8 @@ files:
ignore: dj-wasabi
$modules/gitlab_branch.py:
maintainers: paytroff
$modules/gitlab_issue.py:
maintainers: zvaraondrej
$modules/gitlab_label.py:
maintainers: gpongelli
$modules/gitlab_merge_request.py:
maintainers: zvaraondrej
$modules/gitlab_milestone.py:
maintainers: gpongelli
$modules/gitlab_project_variable.py:
maintainers: markuman
$modules/gitlab_instance_variable.py:
@@ -600,10 +557,6 @@ files:
maintainers: SamyCoenen
$modules/gitlab_user.py:
maintainers: LennertMertens stgrace
$modules/gitlab_group_access_token.py:
maintainers: pixslx
$modules/gitlab_project_access_token.py:
maintainers: pixslx
$modules/grove.py:
maintainers: zimbatm
$modules/gunicorn.py:
@@ -692,9 +645,6 @@ files:
maintainers: bregman-arie
$modules/ipa_:
maintainers: $team_ipa
ignore: fxfitz
$modules/ipa_dnsrecord.py:
maintainers: $team_ipa jwbernin
$modules/ipbase_info.py:
maintainers: dominikkukacka
$modules/ipa_pwpolicy.py:
@@ -790,14 +740,8 @@ files:
maintainers: elfelip
$modules/keycloak_user_federation.py:
maintainers: laurpaum
$modules/keycloak_component_info.py:
maintainers: desand01
$modules/keycloak_client_rolescope.py:
maintainers: desand01
$modules/keycloak_user_rolemapping.py:
maintainers: bratwurzt
$modules/keycloak_realm_rolemapping.py:
maintainers: agross mhuysamen Gaetan2907
$modules/keyring.py:
maintainers: ahussey-redhat
$modules/keyring_info.py:
@@ -926,7 +870,7 @@ files:
$modules/nmcli.py:
maintainers: alcamie101
$modules/nomad_:
maintainers: chris93111 apecnascimento
maintainers: chris93111
$modules/nosh.py:
maintainers: tacatac
$modules/npm.py:
@@ -1073,27 +1017,23 @@ files:
$modules/proxmox:
keywords: kvm libvirt proxmox qemu
labels: proxmox virt
maintainers: $team_virt UnderGreen krauthosting
maintainers: $team_virt UnderGreen
ignore: tleguern
$modules/proxmox.py:
ignore: skvidal
maintainers: UnderGreen krauthosting
maintainers: UnderGreen
$modules/proxmox_disk.py:
maintainers: castorsky krauthosting
maintainers: castorsky
$modules/proxmox_kvm.py:
ignore: skvidal
maintainers: helldorado krauthosting
maintainers: helldorado
$modules/proxmox_nic.py:
maintainers: Kogelvis krauthosting
$modules/proxmox_node_info.py:
maintainers: jwbernin krauthosting
$modules/proxmox_storage_contents_info.py:
maintainers: l00ptr krauthosting
maintainers: Kogelvis
$modules/proxmox_tasks_info:
maintainers: paginabianca krauthosting
maintainers: paginabianca
$modules/proxmox_template.py:
ignore: skvidal
maintainers: UnderGreen krauthosting
maintainers: UnderGreen
$modules/pubnub_blocks.py:
maintainers: parfeon pubnub
$modules/pulp_repo.py:
@@ -1108,6 +1048,46 @@ files:
$modules/python_requirements_info.py:
ignore: ryansb
maintainers: willthames
$modules/rax:
ignore: ryansb sivel
$modules/rax.py:
maintainers: omgjlk sivel
$modules/rax_cbs.py:
maintainers: claco
$modules/rax_cbs_attachments.py:
maintainers: claco
$modules/rax_cdb.py:
maintainers: jails
$modules/rax_cdb_database.py:
maintainers: jails
$modules/rax_cdb_user.py:
maintainers: jails
$modules/rax_clb.py:
maintainers: claco
$modules/rax_clb_nodes.py:
maintainers: neuroid
$modules/rax_clb_ssl.py:
maintainers: smashwilson
$modules/rax_files.py:
maintainers: angstwad
$modules/rax_files_objects.py:
maintainers: angstwad
$modules/rax_identity.py:
maintainers: claco
$modules/rax_mon_alarm.py:
maintainers: smashwilson
$modules/rax_mon_check.py:
maintainers: smashwilson
$modules/rax_mon_entity.py:
maintainers: smashwilson
$modules/rax_mon_notification.py:
maintainers: smashwilson
$modules/rax_mon_notification_plan.py:
maintainers: smashwilson
$modules/rax_network.py:
maintainers: claco omgjlk
$modules/rax_queue.py:
maintainers: claco
$modules/read_csv.py:
maintainers: dagwieers
$modules/redfish_:
@@ -1272,6 +1252,8 @@ files:
maintainers: farhan7500 gautamphegde
$modules/ssh_config.py:
maintainers: gaqzi Akasurde
$modules/stackdriver.py:
maintainers: bwhaley
$modules/stacki_host.py:
labels: stacki_host
maintainers: bsanders bbyhuy
@@ -1326,8 +1308,6 @@ files:
maintainers: nate-kingsley
$modules/urpmi.py:
maintainers: pmakowski
$modules/usb_facts.py:
maintainers: maxopoly
$modules/utm_:
keywords: sophos utm
maintainers: $team_e_spirit
@@ -1364,6 +1344,8 @@ files:
maintainers: $team_wdc
$modules/wdc_redfish_info.py:
maintainers: $team_wdc
$modules/webfaction_:
maintainers: quentinsf
$modules/xattr.py:
labels: xattr
maintainers: bcoca
@@ -1415,47 +1397,8 @@ files:
ignore: matze
labels: zypper
maintainers: $team_suse
$plugin_utils/unsafe.py:
maintainers: felixfontein
$tests/a_module.py:
maintainers: felixfontein
$tests/fqdn_valid.py:
maintainers: vbotka
#########################
docs/docsite/rst/filter_guide.rst: {}
docs/docsite/rst/filter_guide_abstract_informations.rst: {}
docs/docsite/rst/filter_guide_abstract_informations_counting_elements_in_sequence.rst:
maintainers: keilr
docs/docsite/rst/filter_guide_abstract_informations_dictionaries.rst:
maintainers: felixfontein giner
docs/docsite/rst/filter_guide_abstract_informations_grouping.rst:
maintainers: felixfontein
docs/docsite/rst/filter_guide_abstract_informations_lists_helper.rst:
maintainers: cfiehe
docs/docsite/rst/filter_guide_abstract_informations_merging_lists_of_dictionaries.rst:
maintainers: vbotka
docs/docsite/rst/filter_guide_conversions.rst:
maintainers: Ajpantuso kellyjonbrazil
docs/docsite/rst/filter_guide_creating_identifiers.rst:
maintainers: Ajpantuso
docs/docsite/rst/filter_guide_paths.rst: {}
docs/docsite/rst/filter_guide_selecting_json_data.rst: {}
docs/docsite/rst/filter_guide_working_with_times.rst:
maintainers: resmo
docs/docsite/rst/filter_guide_working_with_unicode.rst:
maintainers: Ajpantuso
docs/docsite/rst/filter_guide_working_with_versions.rst:
maintainers: ericzolf
docs/docsite/rst/guide_alicloud.rst:
maintainers: xiaozhu36
docs/docsite/rst/guide_online.rst:
maintainers: remyleone
docs/docsite/rst/guide_packet.rst:
maintainers: baldwinSPC nurfet-becirevic t0mk teebes
docs/docsite/rst/guide_scaleway.rst:
maintainers: $team_scaleway
docs/docsite/rst/test_guide.rst:
maintainers: felixfontein
#########################
tests/:
labels: tests
@@ -1473,6 +1416,7 @@ macros:
becomes: plugins/become
caches: plugins/cache
callbacks: plugins/callback
cliconfs: plugins/cliconf
connections: plugins/connection
doc_fragments: plugins/doc_fragments
filters: plugins/filter
@@ -1480,19 +1424,19 @@ macros:
lookups: plugins/lookup
module_utils: plugins/module_utils
modules: plugins/modules
plugin_utils: plugins/plugin_utils
terminals: plugins/terminal
tests: plugins/test
team_ansible_core:
team_aix: MorrisA bcoca d-little flynn1973 gforster kairoaraujo marvin-sinister mator molekuul ramooncamacho wtcross
team_bsd: JoergFiedler MacLemon bcoca dch jasperla mekanix opoplawski overhacked tuxillo
team_consul: sgargan apollo13
team_consul: sgargan
team_cyberark_conjur: jvanderhoof ryanprior
team_e_spirit: MatrixCrawler getjack
team_flatpak: JayKayy oolongbrothers
team_gitlab: Lunik Shaps marwatk waheedi zanssa scodeman metanovii sh0shin nejch lgatellier suukit
team_hpux: bcoca davx8342
team_huawei: QijunPan TommyLike edisonxiang freesky-edward hwDCN niuzhenguo xuxiaowei0512 yanzhangi zengchen1024 zhongjun2
team_ipa: Akasurde Nosmoht justchris1
team_ipa: Akasurde Nosmoht fxfitz justchris1
team_jboss: Wolfant jairojunior wbrefvem
team_keycloak: eikef ndclt mattock
team_linode: InTheCloudDan decentral1se displague rmcintosh Charliekenney23 LBGarber

24
.github/workflows/ansible-test.yml vendored
View File

@@ -30,7 +30,6 @@ jobs:
matrix:
ansible:
- '2.13'
- '2.14'
# Ansible-test on various stable branches does not yet work well with cgroups v2.
# Since ubuntu-latest now uses Ubuntu 22.04, we need to fall back to the ubuntu-20.04
# image for these stable branches. The list of branches where this is necessary will
@@ -42,7 +41,6 @@ jobs:
uses: felixfontein/ansible-test-gh-action@main
with:
ansible-core-version: stable-${{ matrix.ansible }}
codecov-token: ${{ secrets.CODECOV_TOKEN }}
coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }}
pull-request-change-detection: 'true'
testing-type: sanity
@@ -74,8 +72,6 @@ jobs:
python: '2.7'
- ansible: '2.13'
python: '3.8'
- ansible: '2.14'
python: '3.9'
steps:
- name: >-
@@ -84,7 +80,6 @@ jobs:
uses: felixfontein/ansible-test-gh-action@main
with:
ansible-core-version: stable-${{ matrix.ansible }}
codecov-token: ${{ secrets.CODECOV_TOKEN }}
coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }}
pre-test-cmd: >-
mkdir -p ../../ansible
@@ -153,29 +148,11 @@ jobs:
docker: alpine3
python: ''
target: azp/posix/3/
# 2.14
- ansible: '2.14'
docker: alpine3
python: ''
target: azp/posix/1/
- ansible: '2.14'
docker: alpine3
python: ''
target: azp/posix/2/
- ansible: '2.14'
docker: alpine3
python: ''
target: azp/posix/3/
# Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
# - ansible: '2.13'
# docker: default
# python: '3.9'
# target: azp/generic/1/
# Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
# - ansible: '2.14'
# docker: default
# python: '3.10'
# target: azp/generic/1/
steps:
- name: >-
@@ -185,7 +162,6 @@ jobs:
uses: felixfontein/ansible-test-gh-action@main
with:
ansible-core-version: stable-${{ matrix.ansible }}
codecov-token: ${{ secrets.CODECOV_TOKEN }}
coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }}
docker-image: ${{ matrix.docker }}
integration-continue-on-error: 'false'

4
.github/workflows/codeql-analysis.yml vendored
View File

@@ -28,9 +28,9 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@v2
with:
languages: python
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@v2

20
.github/workflows/import-galaxy.yml vendored
View File

@@ -1,20 +0,0 @@
---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
name: import-galaxy
'on':
# Run CI against all pushes (direct commits, also merged PRs) to main, and all Pull Requests
push:
branches:
- main
- stable-*
pull_request:
jobs:
import-galaxy:
permissions:
contents: read
name: Test to import built collection artifact with Galaxy importer
uses: ansible-community/github-action-test-galaxy-import/.github/workflows/test-galaxy-import.yml@main

9
.github/workflows/reuse.yml vendored
View File

@@ -26,5 +26,10 @@ jobs:
with:
ref: ${{ github.event.pull_request.head.sha || '' }}
- name: REUSE Compliance Check
uses: fsfe/reuse-action@v3
- name: Install dependencies
run: |
pip install reuse
- name: Check REUSE compliance
run: |
reuse lint

4
.gitignore vendored
View File

@@ -512,7 +512,3 @@ $RECYCLE.BIN/
# Integration tests cloud configs
tests/integration/cloud-config-*.ini
# VSCode specific extensions
.vscode/settings.json

337
CHANGELOG.md
View File

@@ -1,337 +0,0 @@
# Community General Release Notes
**Topics**
- <a href="#v9-0-0">v9\.0\.0</a>
- <a href="#release-summary">Release Summary</a>
- <a href="#minor-changes">Minor Changes</a>
- <a href="#breaking-changes--porting-guide">Breaking Changes / Porting Guide</a>
- <a href="#deprecated-features">Deprecated Features</a>
- <a href="#removed-features-previously-deprecated">Removed Features \(previously deprecated\)</a>
- <a href="#security-fixes">Security Fixes</a>
- <a href="#bugfixes">Bugfixes</a>
- <a href="#new-plugins">New Plugins</a>
- <a href="#become">Become</a>
- <a href="#callback">Callback</a>
- <a href="#connection">Connection</a>
- <a href="#filter">Filter</a>
- <a href="#lookup">Lookup</a>
- <a href="#test">Test</a>
- <a href="#new-modules">New Modules</a>
This changelog describes changes after version 8\.0\.0\.
<a id="v9-0-0"></a>
## v9\.0\.0
<a id="release-summary"></a>
### Release Summary
This is release 9\.0\.0 of <code>community\.general</code>\, released on 2024\-05\-20\.
<a id="minor-changes"></a>
### Minor Changes
* PythonRunner module utils \- specialisation of <code>CmdRunner</code> to execute Python scripts \([https\://github\.com/ansible\-collections/community\.general/pull/8289](https\://github\.com/ansible\-collections/community\.general/pull/8289)\)\.
* Use offset\-aware <code>datetime\.datetime</code> objects \(with timezone UTC\) instead of offset\-naive UTC timestamps\, which are deprecated in Python 3\.12 \([https\://github\.com/ansible\-collections/community\.general/pull/8222](https\://github\.com/ansible\-collections/community\.general/pull/8222)\)\.
* aix\_lvol \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* apt\_rpm \- add new states <code>latest</code> and <code>present\_not\_latest</code>\. The value <code>latest</code> is equivalent to the current behavior of <code>present</code>\, which will upgrade a package if a newer version exists\. <code>present\_not\_latest</code> does what most users would expect <code>present</code> to do\: it does not upgrade if the package is already installed\. The current behavior of <code>present</code> will be deprecated in a later version\, and eventually changed to that of <code>present\_not\_latest</code> \([https\://github\.com/ansible\-collections/community\.general/issues/8217](https\://github\.com/ansible\-collections/community\.general/issues/8217)\, [https\://github\.com/ansible\-collections/community\.general/pull/8247](https\://github\.com/ansible\-collections/community\.general/pull/8247)\)\.
* apt\_rpm \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* bitwarden lookup plugin \- add <code>bw\_session</code> option\, to pass session key instead of reading from env \([https\://github\.com/ansible\-collections/community\.general/pull/7994](https\://github\.com/ansible\-collections/community\.general/pull/7994)\)\.
* bitwarden lookup plugin \- add support to filter by organization ID \([https\://github\.com/ansible\-collections/community\.general/pull/8188](https\://github\.com/ansible\-collections/community\.general/pull/8188)\)\.
* bitwarden lookup plugin \- allows to fetch all records of a given collection ID\, by allowing to pass an empty value for <code>search\_value</code> when <code>collection\_id</code> is provided \([https\://github\.com/ansible\-collections/community\.general/pull/8013](https\://github\.com/ansible\-collections/community\.general/pull/8013)\)\.
* bitwarden lookup plugin \- when looking for items using an item ID\, the item is now accessed directly with <code>bw get item</code> instead of searching through all items\. This doubles the lookup speed \([https\://github\.com/ansible\-collections/community\.general/pull/7468](https\://github\.com/ansible\-collections/community\.general/pull/7468)\)\.
* btrfs\_subvolume \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* cmd\_runner module\_utils \- add validation for minimum and maximum length in the value passed to <code>cmd\_runner\_fmt\.as\_list\(\)</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8288](https\://github\.com/ansible\-collections/community\.general/pull/8288)\)\.
* consul\_auth\_method\, consul\_binding\_rule\, consul\_policy\, consul\_role\, consul\_session\, consul\_token \- added action group <code>community\.general\.consul</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7897](https\://github\.com/ansible\-collections/community\.general/pull/7897)\)\.
* consul\_policy \- added support for diff and check mode \([https\://github\.com/ansible\-collections/community\.general/pull/7878](https\://github\.com/ansible\-collections/community\.general/pull/7878)\)\.
* consul\_policy\, consul\_role\, consul\_session \- removed dependency on <code>requests</code> and factored out common parts \([https\://github\.com/ansible\-collections/community\.general/pull/7826](https\://github\.com/ansible\-collections/community\.general/pull/7826)\, [https\://github\.com/ansible\-collections/community\.general/pull/7878](https\://github\.com/ansible\-collections/community\.general/pull/7878)\)\.
* consul\_role \- <code>node\_identities</code> now expects a <code>node\_name</code> option to match the Consul API\, the old <code>name</code> is still supported as alias \([https\://github\.com/ansible\-collections/community\.general/pull/7878](https\://github\.com/ansible\-collections/community\.general/pull/7878)\)\.
* consul\_role \- <code>service\_identities</code> now expects a <code>service\_name</code> option to match the Consul API\, the old <code>name</code> is still supported as alias \([https\://github\.com/ansible\-collections/community\.general/pull/7878](https\://github\.com/ansible\-collections/community\.general/pull/7878)\)\.
* consul\_role \- added support for diff mode \([https\://github\.com/ansible\-collections/community\.general/pull/7878](https\://github\.com/ansible\-collections/community\.general/pull/7878)\)\.
* consul\_role \- added support for templated policies \([https\://github\.com/ansible\-collections/community\.general/pull/7878](https\://github\.com/ansible\-collections/community\.general/pull/7878)\)\.
* elastic callback plugin \- close elastic client to not leak resources \([https\://github\.com/ansible\-collections/community\.general/pull/7517](https\://github\.com/ansible\-collections/community\.general/pull/7517)\)\.
* filesystem \- add bcachefs support \([https\://github\.com/ansible\-collections/community\.general/pull/8126](https\://github\.com/ansible\-collections/community\.general/pull/8126)\)\.
* gandi\_livedns \- adds support for personal access tokens \([https\://github\.com/ansible\-collections/community\.general/issues/7639](https\://github\.com/ansible\-collections/community\.general/issues/7639)\, [https\://github\.com/ansible\-collections/community\.general/pull/8337](https\://github\.com/ansible\-collections/community\.general/pull/8337)\)\.
* gconftool2 \- use <code>ModuleHelper</code> with <code>VarDict</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8226](https\://github\.com/ansible\-collections/community\.general/pull/8226)\)\.
* git\_config \- allow multiple git configs for the same name with the new <code>add\_mode</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/7260](https\://github\.com/ansible\-collections/community\.general/pull/7260)\)\.
* git\_config \- the <code>after</code> and <code>before</code> fields in the <code>diff</code> of the return value can be a list instead of a string in case more configs with the same key are affected \([https\://github\.com/ansible\-collections/community\.general/pull/7260](https\://github\.com/ansible\-collections/community\.general/pull/7260)\)\.
* git\_config \- when a value is unset\, all configs with the same key are unset \([https\://github\.com/ansible\-collections/community\.general/pull/7260](https\://github\.com/ansible\-collections/community\.general/pull/7260)\)\.
* gitlab modules \- add <code>ca\_path</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/7472](https\://github\.com/ansible\-collections/community\.general/pull/7472)\)\.
* gitlab modules \- remove duplicate <code>gitlab</code> package check \([https\://github\.com/ansible\-collections/community\.general/pull/7486](https\://github\.com/ansible\-collections/community\.general/pull/7486)\)\.
* gitlab\_deploy\_key\, gitlab\_group\_members\, gitlab\_group\_variable\, gitlab\_hook\, gitlab\_instance\_variable\, gitlab\_project\_badge\, gitlab\_project\_variable\, gitlab\_user \- improve API pagination and compatibility with different versions of <code>python\-gitlab</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7790](https\://github\.com/ansible\-collections/community\.general/pull/7790)\)\.
* gitlab\_hook \- adds <code>releases\_events</code> parameter for supporting Releases events triggers on GitLab hooks \([https\://github\.com/ansible\-collections/community\.general/pull/7956](https\://github\.com/ansible\-collections/community\.general/pull/7956)\)\.
* gitlab\_runner \- add support for new runner creation workflow \([https\://github\.com/ansible\-collections/community\.general/pull/7199](https\://github\.com/ansible\-collections/community\.general/pull/7199)\)\.
* homebrew \- adds <code>force\_formula</code> parameter to disambiguate a formula from a cask of the same name \([https\://github\.com/ansible\-collections/community\.general/issues/8274](https\://github\.com/ansible\-collections/community\.general/issues/8274)\)\.
* homebrew\, homebrew\_cask \- refactor common argument validation logic into a dedicated <code>homebrew</code> module utils \([https\://github\.com/ansible\-collections/community\.general/issues/8323](https\://github\.com/ansible\-collections/community\.general/issues/8323)\, [https\://github\.com/ansible\-collections/community\.general/pull/8324](https\://github\.com/ansible\-collections/community\.general/pull/8324)\)\.
* icinga2 inventory plugin \- add Jinja2 templating support to <code>url</code>\, <code>user</code>\, and <code>password</code> paramenters \([https\://github\.com/ansible\-collections/community\.general/issues/7074](https\://github\.com/ansible\-collections/community\.general/issues/7074)\, [https\://github\.com/ansible\-collections/community\.general/pull/7996](https\://github\.com/ansible\-collections/community\.general/pull/7996)\)\.
* icinga2 inventory plugin \- adds new parameter <code>group\_by\_hostgroups</code> in order to make grouping by Icinga2 hostgroups optional \([https\://github\.com/ansible\-collections/community\.general/pull/7998](https\://github\.com/ansible\-collections/community\.general/pull/7998)\)\.
* ini\_file \- add an optional parameter <code>section\_has\_values</code>\. If the target ini file contains more than one <code>section</code>\, use <code>section\_has\_values</code> to specify which one should be updated \([https\://github\.com/ansible\-collections/community\.general/pull/7505](https\://github\.com/ansible\-collections/community\.general/pull/7505)\)\.
* ini\_file \- support optional spaces between section names and their surrounding brackets \([https\://github\.com/ansible\-collections/community\.general/pull/8075](https\://github\.com/ansible\-collections/community\.general/pull/8075)\)\.
* installp \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* ipa\_config \- adds <code>passkey</code> choice to <code>ipauserauthtype</code> parameter\'s choices \([https\://github\.com/ansible\-collections/community\.general/pull/7588](https\://github\.com/ansible\-collections/community\.general/pull/7588)\)\.
* ipa\_dnsrecord \- adds ability to manage NS record types \([https\://github\.com/ansible\-collections/community\.general/pull/7737](https\://github\.com/ansible\-collections/community\.general/pull/7737)\)\.
* ipa\_pwpolicy \- refactor module and exchange a sequence <code>if</code> statements with a <code>for</code> loop \([https\://github\.com/ansible\-collections/community\.general/pull/7723](https\://github\.com/ansible\-collections/community\.general/pull/7723)\)\.
* ipa\_pwpolicy \- update module to support <code>maxrepeat</code>\, <code>maxsequence</code>\, <code>dictcheck</code>\, <code>usercheck</code>\, <code>gracelimit</code> parameters in FreeIPA password policies \([https\://github\.com/ansible\-collections/community\.general/pull/7723](https\://github\.com/ansible\-collections/community\.general/pull/7723)\)\.
* ipa\_sudorule \- adds options to include denied commands or command groups \([https\://github\.com/ansible\-collections/community\.general/pull/7415](https\://github\.com/ansible\-collections/community\.general/pull/7415)\)\.
* ipa\_user \- adds <code>idp</code> and <code>passkey</code> choice to <code>ipauserauthtype</code> parameter\'s choices \([https\://github\.com/ansible\-collections/community\.general/pull/7589](https\://github\.com/ansible\-collections/community\.general/pull/7589)\)\.
* irc \- add <code>validate\_certs</code> option\, and rename <code>use\_ssl</code> to <code>use\_tls</code>\, while keeping <code>use\_ssl</code> as an alias\. The default value for <code>validate\_certs</code> is <code>false</code> for backwards compatibility\. We recommend to every user of this module to explicitly set <code>use\_tls\=true</code> and <em class="title-reference">validate\_certs\=true\`</em> whenever possible\, especially when communicating to IRC servers over the internet \([https\://github\.com/ansible\-collections/community\.general/pull/7550](https\://github\.com/ansible\-collections/community\.general/pull/7550)\)\.
* java\_cert \- add <code>cert\_content</code> argument \([https\://github\.com/ansible\-collections/community\.general/pull/8153](https\://github\.com/ansible\-collections/community\.general/pull/8153)\)\.
* java\_cert \- enable <code>owner</code>\, <code>group</code>\, <code>mode</code>\, and other generic file arguments \([https\://github\.com/ansible\-collections/community\.general/pull/8116](https\://github\.com/ansible\-collections/community\.general/pull/8116)\)\.
* kernel\_blacklist \- use <code>ModuleHelper</code> with <code>VarDict</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8226](https\://github\.com/ansible\-collections/community\.general/pull/8226)\)\.
* keycloak module utils \- expose error message from Keycloak server for HTTP errors in some specific situations \([https\://github\.com/ansible\-collections/community\.general/pull/7645](https\://github\.com/ansible\-collections/community\.general/pull/7645)\)\.
* keycloak\_client\, keycloak\_clientscope\, keycloak\_clienttemplate \- added <code>docker\-v2</code> protocol support\, enhancing alignment with Keycloak\'s protocol options \([https\://github\.com/ansible\-collections/community\.general/issues/8215](https\://github\.com/ansible\-collections/community\.general/issues/8215)\, [https\://github\.com/ansible\-collections/community\.general/pull/8216](https\://github\.com/ansible\-collections/community\.general/pull/8216)\)\.
* keycloak\_realm\_key \- the <code>config\.algorithm</code> option now supports 8 additional key algorithms \([https\://github\.com/ansible\-collections/community\.general/pull/7698](https\://github\.com/ansible\-collections/community\.general/pull/7698)\)\.
* keycloak\_realm\_key \- the <code>config\.certificate</code> option value is no longer defined with <code>no\_log\=True</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7698](https\://github\.com/ansible\-collections/community\.general/pull/7698)\)\.
* keycloak\_realm\_key \- the <code>provider\_id</code> option now supports RSA encryption key usage \(value <code>rsa\-enc</code>\) \([https\://github\.com/ansible\-collections/community\.general/pull/7698](https\://github\.com/ansible\-collections/community\.general/pull/7698)\)\.
* keycloak\_user\_federation \- add option for <code>krbPrincipalAttribute</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7538](https\://github\.com/ansible\-collections/community\.general/pull/7538)\)\.
* keycloak\_user\_federation \- allow custom user storage providers to be set through <code>provider\_id</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7789](https\://github\.com/ansible\-collections/community\.general/pull/7789)\)\.
* ldap\_attrs \- module now supports diff mode\, showing which attributes are changed within an operation \([https\://github\.com/ansible\-collections/community\.general/pull/8073](https\://github\.com/ansible\-collections/community\.general/pull/8073)\)\.
* lvg \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* lvol \- change <code>pvs</code> argument type to list of strings \([https\://github\.com/ansible\-collections/community\.general/pull/7676](https\://github\.com/ansible\-collections/community\.general/pull/7676)\, [https\://github\.com/ansible\-collections/community\.general/issues/7504](https\://github\.com/ansible\-collections/community\.general/issues/7504)\)\.
* lvol \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* lxd connection plugin \- tighten the detection logic for lxd <code>Instance not found</code> errors\, to avoid false detection on unrelated errors such as <code>/usr/bin/python3\: not found</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7521](https\://github\.com/ansible\-collections/community\.general/pull/7521)\)\.
* lxd\_container \- uses <code>/1\.0/instances</code> API endpoint\, if available\. Falls back to <code>/1\.0/containers</code> or <code>/1\.0/virtual\-machines</code>\. Fixes issue when using Incus or LXD 5\.19 due to migrating to <code>/1\.0/instances</code> endpoint \([https\://github\.com/ansible\-collections/community\.general/pull/7980](https\://github\.com/ansible\-collections/community\.general/pull/7980)\)\.
* macports \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* mail \- add <code>Message\-ID</code> header\; which is required by some mail servers \([https\://github\.com/ansible\-collections/community\.general/pull/7740](https\://github\.com/ansible\-collections/community\.general/pull/7740)\)\.
* mail module\, mail callback plugin \- allow to configure the domain name of the Message\-ID header with a new <code>message\_id\_domain</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/7765](https\://github\.com/ansible\-collections/community\.general/pull/7765)\)\.
* mssql\_script \- adds transactional \(rollback/commit\) support via optional boolean param <code>transaction</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7976](https\://github\.com/ansible\-collections/community\.general/pull/7976)\)\.
* netcup\_dns \- adds support for record types <code>OPENPGPKEY</code>\, <code>SMIMEA</code>\, and <code>SSHFP</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7489](https\://github\.com/ansible\-collections/community\.general/pull/7489)\)\.
* nmcli \- add support for new connection type <code>loopback</code> \([https\://github\.com/ansible\-collections/community\.general/issues/6572](https\://github\.com/ansible\-collections/community\.general/issues/6572)\)\.
* nmcli \- adds OpenvSwitch support with new <code>type</code> values <code>ovs\-port</code>\, <code>ovs\-interface</code>\, and <code>ovs\-bridge</code>\, and new <code>slave\_type</code> value <code>ovs\-port</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8154](https\://github\.com/ansible\-collections/community\.general/pull/8154)\)\.
* nmcli \- allow for <code>infiniband</code> slaves of <code>bond</code> interface types \([https\://github\.com/ansible\-collections/community\.general/pull/7569](https\://github\.com/ansible\-collections/community\.general/pull/7569)\)\.
* nmcli \- allow for the setting of <code>MTU</code> for <code>infiniband</code> and <code>bond</code> interface types \([https\://github\.com/ansible\-collections/community\.general/pull/7499](https\://github\.com/ansible\-collections/community\.general/pull/7499)\)\.
* nmcli \- allow setting <code>MTU</code> for <code>bond\-slave</code> interface types \([https\://github\.com/ansible\-collections/community\.general/pull/8118](https\://github\.com/ansible\-collections/community\.general/pull/8118)\)\.
* onepassword lookup plugin \- support 1Password Connect with the opv2 client by setting the connect\_host and connect\_token parameters \([https\://github\.com/ansible\-collections/community\.general/pull/7116](https\://github\.com/ansible\-collections/community\.general/pull/7116)\)\.
* onepassword\_raw lookup plugin \- support 1Password Connect with the opv2 client by setting the connect\_host and connect\_token parameters \([https\://github\.com/ansible\-collections/community\.general/pull/7116](https\://github\.com/ansible\-collections/community\.general/pull/7116)\)
* opentelemetry \- add support for HTTP trace\_exporter and configures the behavior via <code>OTEL\_EXPORTER\_OTLP\_TRACES\_PROTOCOL</code> \([https\://github\.com/ansible\-collections/community\.general/issues/7888](https\://github\.com/ansible\-collections/community\.general/issues/7888)\, [https\://github\.com/ansible\-collections/community\.general/pull/8321](https\://github\.com/ansible\-collections/community\.general/pull/8321)\)\.
* opentelemetry \- add support for exporting spans in a file via <code>ANSIBLE\_OPENTELEMETRY\_STORE\_SPANS\_IN\_FILE</code> \([https\://github\.com/ansible\-collections/community\.general/issues/7888](https\://github\.com/ansible\-collections/community\.general/issues/7888)\, [https\://github\.com/ansible\-collections/community\.general/pull/8363](https\://github\.com/ansible\-collections/community\.general/pull/8363)\)\.
* opkg \- use <code>ModuleHelper</code> with <code>VarDict</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8226](https\://github\.com/ansible\-collections/community\.general/pull/8226)\)\.
* osx\_defaults \- add option <code>check\_types</code> to enable changing the type of existing defaults on the fly \([https\://github\.com/ansible\-collections/community\.general/pull/8173](https\://github\.com/ansible\-collections/community\.general/pull/8173)\)\.
* parted \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* passwordstore \- adds <code>timestamp</code> and <code>preserve</code> parameters to modify the stored password format \([https\://github\.com/ansible\-collections/community\.general/pull/7426](https\://github\.com/ansible\-collections/community\.general/pull/7426)\)\.
* passwordstore lookup \- add <code>missing\_subkey</code> parameter defining the behavior of the lookup when a passwordstore subkey is missing \([https\://github\.com/ansible\-collections/community\.general/pull/8166](https\://github\.com/ansible\-collections/community\.general/pull/8166)\)\.
* pipx \- use <code>ModuleHelper</code> with <code>VarDict</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8226](https\://github\.com/ansible\-collections/community\.general/pull/8226)\)\.
* pkg5 \- add support for non\-silent execution \([https\://github\.com/ansible\-collections/community\.general/issues/8379](https\://github\.com/ansible\-collections/community\.general/issues/8379)\, [https\://github\.com/ansible\-collections/community\.general/pull/8382](https\://github\.com/ansible\-collections/community\.general/pull/8382)\)\.
* pkgin \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* portage \- adds the possibility to explicitely tell portage to write packages to world file \([https\://github\.com/ansible\-collections/community\.general/issues/6226](https\://github\.com/ansible\-collections/community\.general/issues/6226)\, [https\://github\.com/ansible\-collections/community\.general/pull/8236](https\://github\.com/ansible\-collections/community\.general/pull/8236)\)\.
* portinstall \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* proxmox \- adds <code>startup</code> parameters to configure startup order\, startup delay and shutdown delay \([https\://github\.com/ansible\-collections/community\.general/pull/8038](https\://github\.com/ansible\-collections/community\.general/pull/8038)\)\.
* proxmox \- adds <code>template</code> value to the <code>state</code> parameter\, allowing conversion of container to a template \([https\://github\.com/ansible\-collections/community\.general/pull/7143](https\://github\.com/ansible\-collections/community\.general/pull/7143)\)\.
* proxmox \- adds <code>update</code> parameter\, allowing update of an already existing containers configuration \([https\://github\.com/ansible\-collections/community\.general/pull/7540](https\://github\.com/ansible\-collections/community\.general/pull/7540)\)\.
* proxmox inventory plugin \- adds an option to exclude nodes from the dynamic inventory generation\. The new setting is optional\, not using this option will behave as usual \([https\://github\.com/ansible\-collections/community\.general/issues/6714](https\://github\.com/ansible\-collections/community\.general/issues/6714)\, [https\://github\.com/ansible\-collections/community\.general/pull/7461](https\://github\.com/ansible\-collections/community\.general/pull/7461)\)\.
* proxmox\* modules \- there is now a <code>community\.general\.proxmox</code> module defaults group that can be used to set default options for all Proxmox modules \([https\://github\.com/ansible\-collections/community\.general/pull/8334](https\://github\.com/ansible\-collections/community\.general/pull/8334)\)\.
* proxmox\_disk \- add ability to manipulate CD\-ROM drive \([https\://github\.com/ansible\-collections/community\.general/pull/7495](https\://github\.com/ansible\-collections/community\.general/pull/7495)\)\.
* proxmox\_kvm \- add parameter <code>update\_unsafe</code> to avoid limitations when updating dangerous values \([https\://github\.com/ansible\-collections/community\.general/pull/7843](https\://github\.com/ansible\-collections/community\.general/pull/7843)\)\.
* proxmox\_kvm \- adds <code>template</code> value to the <code>state</code> parameter\, allowing conversion of a VM to a template \([https\://github\.com/ansible\-collections/community\.general/pull/7143](https\://github\.com/ansible\-collections/community\.general/pull/7143)\)\.
* proxmox\_kvm \- adds\`\`usb\`\` parameter for setting USB devices on proxmox KVM VMs \([https\://github\.com/ansible\-collections/community\.general/pull/8199](https\://github\.com/ansible\-collections/community\.general/pull/8199)\)\.
* proxmox\_kvm \- support the <code>hookscript</code> parameter \([https\://github\.com/ansible\-collections/community\.general/issues/7600](https\://github\.com/ansible\-collections/community\.general/issues/7600)\)\.
* proxmox\_ostype \- it is now possible to specify the <code>ostype</code> when creating an LXC container \([https\://github\.com/ansible\-collections/community\.general/pull/7462](https\://github\.com/ansible\-collections/community\.general/pull/7462)\)\.
* proxmox\_vm\_info \- add ability to retrieve configuration info \([https\://github\.com/ansible\-collections/community\.general/pull/7485](https\://github\.com/ansible\-collections/community\.general/pull/7485)\)\.
* puppet \- new feature to set <code>\-\-waitforlock</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/8282](https\://github\.com/ansible\-collections/community\.general/pull/8282)\)\.
* redfish\_command \- add command <code>ResetToDefaults</code> to reset manager to default state \([https\://github\.com/ansible\-collections/community\.general/issues/8163](https\://github\.com/ansible\-collections/community\.general/issues/8163)\)\.
* redfish\_config \- add command <code>SetServiceIdentification</code> to set service identification \([https\://github\.com/ansible\-collections/community\.general/issues/7916](https\://github\.com/ansible\-collections/community\.general/issues/7916)\)\.
* redfish\_info \- add boolean return value <code>MultipartHttpPush</code> to <code>GetFirmwareUpdateCapabilities</code> \([https\://github\.com/ansible\-collections/community\.general/issues/8194](https\://github\.com/ansible\-collections/community\.general/issues/8194)\, [https\://github\.com/ansible\-collections/community\.general/pull/8195](https\://github\.com/ansible\-collections/community\.general/pull/8195)\)\.
* redfish\_info \- add command <code>GetServiceIdentification</code> to get service identification \([https\://github\.com/ansible\-collections/community\.general/issues/7882](https\://github\.com/ansible\-collections/community\.general/issues/7882)\)\.
* redfish\_info \- adding the <code>BootProgress</code> property when getting <code>Systems</code> info \([https\://github\.com/ansible\-collections/community\.general/pull/7626](https\://github\.com/ansible\-collections/community\.general/pull/7626)\)\.
* revbitspss lookup plugin \- removed a redundant unicode prefix\. The prefix was not necessary for Python 3 and has been cleaned up to streamline the code \([https\://github\.com/ansible\-collections/community\.general/pull/8087](https\://github\.com/ansible\-collections/community\.general/pull/8087)\)\.
* rundeck module utils \- allow to pass <code>Content\-Type</code> to API requests \([https\://github\.com/ansible\-collections/community\.general/pull/7684](https\://github\.com/ansible\-collections/community\.general/pull/7684)\)\.
* slackpkg \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* ssh\_config \- adds <code>controlmaster</code>\, <code>controlpath</code> and <code>controlpersist</code> parameters \([https\://github\.com/ansible\-collections/community\.general/pull/7456](https\://github\.com/ansible\-collections/community\.general/pull/7456)\)\.
* ssh\_config \- allow <code>accept\-new</code> as valid value for <code>strict\_host\_key\_checking</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8257](https\://github\.com/ansible\-collections/community\.general/pull/8257)\)\.
* ssh\_config \- new feature to set <code>AddKeysToAgent</code> option to <code>yes</code> or <code>no</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7703](https\://github\.com/ansible\-collections/community\.general/pull/7703)\)\.
* ssh\_config \- new feature to set <code>IdentitiesOnly</code> option to <code>yes</code> or <code>no</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7704](https\://github\.com/ansible\-collections/community\.general/pull/7704)\)\.
* sudoers \- add support for the <code>NOEXEC</code> tag in sudoers rules \([https\://github\.com/ansible\-collections/community\.general/pull/7983](https\://github\.com/ansible\-collections/community\.general/pull/7983)\)\.
* svr4pkg \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* swdepot \- refactor module to pass list of arguments to <code>module\.run\_command\(\)</code> instead of relying on interpretation by a shell \([https\://github\.com/ansible\-collections/community\.general/pull/8264](https\://github\.com/ansible\-collections/community\.general/pull/8264)\)\.
* terraform \- add support for <code>diff\_mode</code> for terraform resource\_changes \([https\://github\.com/ansible\-collections/community\.general/pull/7896](https\://github\.com/ansible\-collections/community\.general/pull/7896)\)\.
* terraform \- fix <code>diff\_mode</code> in state <code>absent</code> and when terraform <code>resource\_changes</code> does not exist \([https\://github\.com/ansible\-collections/community\.general/pull/7963](https\://github\.com/ansible\-collections/community\.general/pull/7963)\)\.
* xcc\_redfish\_command \- added support for raw POSTs \(<code>command\=PostResource</code> in <code>category\=Raw</code>\) without a specific action info \([https\://github\.com/ansible\-collections/community\.general/pull/7746](https\://github\.com/ansible\-collections/community\.general/pull/7746)\)\.
* xfconf \- use <code>ModuleHelper</code> with <code>VarDict</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8226](https\://github\.com/ansible\-collections/community\.general/pull/8226)\)\.
* xfconf\_info \- use <code>ModuleHelper</code> with <code>VarDict</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8226](https\://github\.com/ansible\-collections/community\.general/pull/8226)\)\.
<a id="breaking-changes--porting-guide"></a>
### Breaking Changes / Porting Guide
* cpanm \- the default of the <code>mode</code> option changed from <code>compatibility</code> to <code>new</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* django\_manage \- the module now requires Django \>\= 4\.1 \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* django\_manage \- the module will now fail if <code>virtualenv</code> is specified but no virtual environment exists at that location \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* redfish\_command\, redfish\_config\, redfish\_info \- change the default for <code>timeout</code> from 10 to 60 \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
<a id="deprecated-features"></a>
### Deprecated Features
* MH DependencyCtxMgr module\_utils \- deprecate <code>module\_utils\.mh\.mixin\.deps\.DependencyCtxMgr</code> in favour of <code>module\_utils\.deps</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8280](https\://github\.com/ansible\-collections/community\.general/pull/8280)\)\.
* ModuleHelper module\_utils \- deprecate <code>plugins\.module\_utils\.module\_helper\.AnsibleModule</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8280](https\://github\.com/ansible\-collections/community\.general/pull/8280)\)\.
* ModuleHelper module\_utils \- deprecate <code>plugins\.module\_utils\.module\_helper\.DependencyCtxMgr</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8280](https\://github\.com/ansible\-collections/community\.general/pull/8280)\)\.
* ModuleHelper module\_utils \- deprecate <code>plugins\.module\_utils\.module\_helper\.StateMixin</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8280](https\://github\.com/ansible\-collections/community\.general/pull/8280)\)\.
* ModuleHelper module\_utils \- deprecate <code>plugins\.module\_utils\.module\_helper\.VarDict\,</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8280](https\://github\.com/ansible\-collections/community\.general/pull/8280)\)\.
* ModuleHelper module\_utils \- deprecate <code>plugins\.module\_utils\.module\_helper\.VarMeta</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8280](https\://github\.com/ansible\-collections/community\.general/pull/8280)\)\.
* ModuleHelper module\_utils \- deprecate <code>plugins\.module\_utils\.module\_helper\.VarsMixin</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8280](https\://github\.com/ansible\-collections/community\.general/pull/8280)\)\.
* ModuleHelper module\_utils \- deprecate use of <code>VarsMixin</code> in favor of using the <code>VardDict</code> module\_utils \([https\://github\.com/ansible\-collections/community\.general/pull/8226](https\://github\.com/ansible\-collections/community\.general/pull/8226)\)\.
* ModuleHelper vars module\_utils \- bump deprecation of <code>VarMeta</code>\, <code>VarDict</code> and <code>VarsMixin</code> to version 11\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/8226](https\://github\.com/ansible\-collections/community\.general/pull/8226)\)\.
* apt\_rpm \- the behavior of <code>state\=present</code> and <code>state\=installed</code> is deprecated and will change in community\.general 11\.0\.0\. Right now the module will upgrade a package to the latest version if one of these two states is used\. You should explicitly use <code>state\=latest</code> if you want this behavior\, and switch to <code>state\=present\_not\_latest</code> if you do not want to upgrade the package if it is already installed\. In community\.general 11\.0\.0 the behavior of <code>state\=present</code> and <code>state\=installed</code> will change to that of <code>state\=present\_not\_latest</code> \([https\://github\.com/ansible\-collections/community\.general/issues/8217](https\://github\.com/ansible\-collections/community\.general/issues/8217)\, [https\://github\.com/ansible\-collections/community\.general/pull/8285](https\://github\.com/ansible\-collections/community\.general/pull/8285)\)\.
* consul\_acl \- the module has been deprecated and will be removed in community\.general 10\.0\.0\. <code>consul\_token</code> and <code>consul\_policy</code> can be used instead \([https\://github\.com/ansible\-collections/community\.general/pull/7901](https\://github\.com/ansible\-collections/community\.general/pull/7901)\)\.
* django\_manage \- the <code>ack\_venv\_creation\_deprecation</code> option has no more effect and will be removed from community\.general 11\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* gitlab modules \- the basic auth method on GitLab API have been deprecated and will be removed in community\.general 10\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/8383](https\://github\.com/ansible\-collections/community\.general/pull/8383)\)\.
* hipchat callback plugin \- the hipchat service has been discontinued and the self\-hosted variant has been End of Life since 2020\. The callback plugin is therefore deprecated and will be removed from community\.general 10\.0\.0 if nobody provides compelling reasons to still keep it \([https\://github\.com/ansible\-collections/community\.general/issues/8184](https\://github\.com/ansible\-collections/community\.general/issues/8184)\, [https\://github\.com/ansible\-collections/community\.general/pull/8189](https\://github\.com/ansible\-collections/community\.general/pull/8189)\)\.
* irc \- the defaults <code>false</code> for <code>use\_tls</code> and <code>validate\_certs</code> have been deprecated and will change to <code>true</code> in community\.general 10\.0\.0 to improve security\. You can already improve security now by explicitly setting them to <code>true</code>\. Specifying values now disables the deprecation warning \([https\://github\.com/ansible\-collections/community\.general/pull/7578](https\://github\.com/ansible\-collections/community\.general/pull/7578)\)\.
<a id="removed-features-previously-deprecated"></a>
### Removed Features \(previously deprecated\)
* The deprecated redirects for internal module names have been removed\. These internal redirects were extra\-long FQCNs like <code>community\.general\.packaging\.os\.apt\_rpm</code> that redirect to the short FQCN <code>community\.general\.apt\_rpm</code>\. They were originally needed to implement flatmapping\; as various tooling started to recommend users to use the long names flatmapping was removed from the collection and redirects were added for users who already followed these incorrect recommendations \([https\://github\.com/ansible\-collections/community\.general/pull/7835](https\://github\.com/ansible\-collections/community\.general/pull/7835)\)\.
* ansible\_galaxy\_install \- the <code>ack\_ansible29</code> and <code>ack\_min\_ansiblecore211</code> options have been removed\. They no longer had any effect \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* cloudflare\_dns \- remove support for SPF records\. These are no longer supported by CloudFlare \([https\://github\.com/ansible\-collections/community\.general/pull/7782](https\://github\.com/ansible\-collections/community\.general/pull/7782)\)\.
* django\_manage \- support for the <code>command</code> values <code>cleanup</code>\, <code>syncdb</code>\, and <code>validate</code> were removed\. Use <code>clearsessions</code>\, <code>migrate</code>\, and <code>check</code> instead\, respectively \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* flowdock \- this module relied on HTTPS APIs that do not exist anymore and was thus removed \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* mh\.mixins\.deps module utils \- the <code>DependencyMixin</code> has been removed\. Use the <code>deps</code> module utils instead \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* proxmox \- the <code>proxmox\_default\_behavior</code> option has been removed \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* rax\* modules\, rax module utils\, rax docs fragment \- the Rackspace modules relied on the deprecated package <code>pyrax</code> and were thus removed \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* redhat module utils \- the classes <code>Rhsm</code>\, <code>RhsmPool</code>\, and <code>RhsmPools</code> have been removed \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* redhat\_subscription \- the alias <code>autosubscribe</code> of the <code>auto\_attach</code> option was removed \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* stackdriver \- this module relied on HTTPS APIs that do not exist anymore and was thus removed \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
* webfaction\_\* modules \- these modules relied on HTTPS APIs that do not exist anymore and were thus removed \([https\://github\.com/ansible\-collections/community\.general/pull/8198](https\://github\.com/ansible\-collections/community\.general/pull/8198)\)\.
<a id="security-fixes"></a>
### Security Fixes
* cobbler\, gitlab\_runners\, icinga2\, linode\, lxd\, nmap\, online\, opennebula\, proxmox\, scaleway\, stackpath\_compute\, virtualbox\, and xen\_orchestra inventory plugin \- make sure all data received from the remote servers is marked as unsafe\, so remote code execution by obtaining texts that can be evaluated as templates is not possible \([https\://www\.die\-welt\.net/2024/03/remote\-code\-execution\-in\-ansible\-dynamic\-inventory\-plugins/](https\://www\.die\-welt\.net/2024/03/remote\-code\-execution\-in\-ansible\-dynamic\-inventory\-plugins/)\, [https\://github\.com/ansible\-collections/community\.general/pull/8098](https\://github\.com/ansible\-collections/community\.general/pull/8098)\)\.
* keycloak\_identity\_provider \- the client secret was not correctly sanitized by the module\. The return values <code>proposed</code>\, <code>existing</code>\, and <code>end\_state</code>\, as well as the diff\, did contain the client secret unmasked \([https\://github\.com/ansible\-collections/community\.general/pull/8355](https\://github\.com/ansible\-collections/community\.general/pull/8355)\)\.
<a id="bugfixes"></a>
### Bugfixes
* aix\_filesystem \- fix <code>\_validate\_vg</code> not passing VG name to <code>lsvg\_cmd</code> \([https\://github\.com/ansible\-collections/community\.general/issues/8151](https\://github\.com/ansible\-collections/community\.general/issues/8151)\)\.
* aix\_filesystem \- fix issue with empty list items in crfs logic and option order \([https\://github\.com/ansible\-collections/community\.general/pull/8052](https\://github\.com/ansible\-collections/community\.general/pull/8052)\)\.
* apt\-rpm \- the module did not upgrade packages if a newer version exists\. Now the package will be reinstalled if the candidate is newer than the installed version \([https\://github\.com/ansible\-collections/community\.general/issues/7414](https\://github\.com/ansible\-collections/community\.general/issues/7414)\)\.
* apt\_rpm \- when checking whether packages were installed after running <code>apt\-get \-y install \<packages\></code>\, only the last package name was checked \([https\://github\.com/ansible\-collections/community\.general/pull/8263](https\://github\.com/ansible\-collections/community\.general/pull/8263)\)\.
* bitwarden\_secrets\_manager lookup plugin \- implements retry with exponential backoff to avoid lookup errors when Bitwardn\'s API rate limiting is encountered \([https\://github\.com/ansible\-collections/community\.general/issues/8230](https\://github\.com/ansible\-collections/community\.general/issues/8230)\, [https\://github\.com/ansible\-collections/community\.general/pull/8238](https\://github\.com/ansible\-collections/community\.general/pull/8238)\)\.
* cargo \- fix idempotency issues when using a custom installation path for packages \(using the <code>\-\-path</code> parameter\)\. The initial installation runs fine\, but subsequent runs use the <code>get\_installed\(\)</code> function which did not check the given installation location\, before running <code>cargo install</code>\. This resulted in a false <code>changed</code> state\. Also the removal of packeges using <code>state\: absent</code> failed\, as the installation check did not use the given parameter \([https\://github\.com/ansible\-collections/community\.general/pull/7970](https\://github\.com/ansible\-collections/community\.general/pull/7970)\)\.
* cloudflare\_dns \- fix Cloudflare lookup of SHFP records \([https\://github\.com/ansible\-collections/community\.general/issues/7652](https\://github\.com/ansible\-collections/community\.general/issues/7652)\)\.
* consul\_token \- fix token creation without <code>accessor\_id</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8091](https\://github\.com/ansible\-collections/community\.general/pull/8091)\)\.
* from\_ini filter plugin \- disabling interpolation of <code>ConfigParser</code> to allow converting values with a <code>\%</code> sign \([https\://github\.com/ansible\-collections/community\.general/issues/8183](https\://github\.com/ansible\-collections/community\.general/issues/8183)\, [https\://github\.com/ansible\-collections/community\.general/pull/8185](https\://github\.com/ansible\-collections/community\.general/pull/8185)\)\.
* gitlab\_group\_members \- fix gitlab constants call in <code>gitlab\_group\_members</code> module \([https\://github\.com/ansible\-collections/community\.general/issues/7467](https\://github\.com/ansible\-collections/community\.general/issues/7467)\)\.
* gitlab\_issue \- fix behavior to search GitLab issue\, using <code>search</code> keyword instead of <code>title</code> \([https\://github\.com/ansible\-collections/community\.general/issues/7846](https\://github\.com/ansible\-collections/community\.general/issues/7846)\)\.
* gitlab\_issue\, gitlab\_label\, gitlab\_milestone \- avoid crash during version comparison when the python\-gitlab Python module is not installed \([https\://github\.com/ansible\-collections/community\.general/pull/8158](https\://github\.com/ansible\-collections/community\.general/pull/8158)\)\.
* gitlab\_project\_members \- fix gitlab constants call in <code>gitlab\_project\_members</code> module \([https\://github\.com/ansible\-collections/community\.general/issues/7467](https\://github\.com/ansible\-collections/community\.general/issues/7467)\)\.
* gitlab\_protected\_branches \- fix gitlab constants call in <code>gitlab\_protected\_branches</code> module \([https\://github\.com/ansible\-collections/community\.general/issues/7467](https\://github\.com/ansible\-collections/community\.general/issues/7467)\)\.
* gitlab\_runner \- fix pagination when checking for existing runners \([https\://github\.com/ansible\-collections/community\.general/pull/7790](https\://github\.com/ansible\-collections/community\.general/pull/7790)\)\.
* gitlab\_user \- fix gitlab constants call in <code>gitlab\_user</code> module \([https\://github\.com/ansible\-collections/community\.general/issues/7467](https\://github\.com/ansible\-collections/community\.general/issues/7467)\)\.
* haproxy \- fix an issue where HAProxy could get stuck in DRAIN mode when the backend was unreachable \([https\://github\.com/ansible\-collections/community\.general/issues/8092](https\://github\.com/ansible\-collections/community\.general/issues/8092)\)\.
* homebrew \- detect already installed formulae and casks using JSON output from <code>brew info</code> \([https\://github\.com/ansible\-collections/community\.general/issues/864](https\://github\.com/ansible\-collections/community\.general/issues/864)\)\.
* homebrew \- error returned from brew command was ignored and tried to parse empty JSON\. Fix now checks for an error and raises it to give accurate error message to users \([https\://github\.com/ansible\-collections/community\.general/issues/8047](https\://github\.com/ansible\-collections/community\.general/issues/8047)\)\.
* incus connection plugin \- treats <code>inventory\_hostname</code> as a variable instead of a literal in remote connections \([https\://github\.com/ansible\-collections/community\.general/issues/7874](https\://github\.com/ansible\-collections/community\.general/issues/7874)\)\.
* interface\_files \- also consider <code>address\_family</code> when changing <code>option\=method</code> \([https\://github\.com/ansible\-collections/community\.general/issues/7610](https\://github\.com/ansible\-collections/community\.general/issues/7610)\, [https\://github\.com/ansible\-collections/community\.general/pull/7612](https\://github\.com/ansible\-collections/community\.general/pull/7612)\)\.
* inventory plugins \- add unsafe wrapper to avoid marking strings that do not contain <code>\{</code> or <code>\}</code> as unsafe\, to work around a bug in AWX \(\([https\://github\.com/ansible\-collections/community\.general/issues/8212](https\://github\.com/ansible\-collections/community\.general/issues/8212)\, [https\://github\.com/ansible\-collections/community\.general/pull/8225](https\://github\.com/ansible\-collections/community\.general/pull/8225)\)\.
* ipa \- fix get version regex in IPA module\_utils \([https\://github\.com/ansible\-collections/community\.general/pull/8175](https\://github\.com/ansible\-collections/community\.general/pull/8175)\)\.
* ipa\_hbacrule \- the module uses a string for <code>ipaenabledflag</code> for new FreeIPA versions while the returned value is a boolean \([https\://github\.com/ansible\-collections/community\.general/pull/7880](https\://github\.com/ansible\-collections/community\.general/pull/7880)\)\.
* ipa\_otptoken \- the module expect <code>ipatokendisabled</code> as string but the <code>ipatokendisabled</code> value is returned as a boolean \([https\://github\.com/ansible\-collections/community\.general/pull/7795](https\://github\.com/ansible\-collections/community\.general/pull/7795)\)\.
* ipa\_sudorule \- the module uses a string for <code>ipaenabledflag</code> for new FreeIPA versions while the returned value is a boolean \([https\://github\.com/ansible\-collections/community\.general/pull/7880](https\://github\.com/ansible\-collections/community\.general/pull/7880)\)\.
* iptables\_state \- fix idempotency issues when restoring incomplete iptables dumps \([https\://github\.com/ansible\-collections/community\.general/issues/8029](https\://github\.com/ansible\-collections/community\.general/issues/8029)\)\.
* irc \- replace <code>ssl\.wrap\_socket</code> that was removed from Python 3\.12 with code for creating a proper SSL context \([https\://github\.com/ansible\-collections/community\.general/pull/7542](https\://github\.com/ansible\-collections/community\.general/pull/7542)\)\.
* keycloak\_\* \- fix Keycloak API client to quote <code>/</code> properly \([https\://github\.com/ansible\-collections/community\.general/pull/7641](https\://github\.com/ansible\-collections/community\.general/pull/7641)\)\.
* keycloak\_authz\_permission \- resource payload variable for scope\-based permission was constructed as a string\, when it needs to be a list\, even for a single item \([https\://github\.com/ansible\-collections/community\.general/issues/7151](https\://github\.com/ansible\-collections/community\.general/issues/7151)\)\.
* keycloak\_client \- add sorted <code>defaultClientScopes</code> and <code>optionalClientScopes</code> to normalizations \([https\://github\.com/ansible\-collections/community\.general/pull/8223](https\://github\.com/ansible\-collections/community\.general/pull/8223)\)\.
* keycloak\_client \- fixes issue when metadata is provided in desired state when task is in check mode \([https\://github\.com/ansible\-collections/community\.general/issues/1226](https\://github\.com/ansible\-collections/community\.general/issues/1226)\, [https\://github\.com/ansible\-collections/community\.general/pull/7881](https\://github\.com/ansible\-collections/community\.general/pull/7881)\)\.
* keycloak\_identity\_provider \- <code>mappers</code> processing was not idempotent if the mappers configuration list had not been sorted by name \(in ascending order\)\. Fix resolves the issue by sorting mappers in the desired state using the same key which is used for obtaining existing state \([https\://github\.com/ansible\-collections/community\.general/pull/7418](https\://github\.com/ansible\-collections/community\.general/pull/7418)\)\.
* keycloak\_identity\_provider \- it was not possible to reconfigure \(add\, remove\) <code>mappers</code> once they were created initially\. Removal was ignored\, adding new ones resulted in dropping the pre\-existing unmodified mappers\. Fix resolves the issue by supplying correct input to the internal update call \([https\://github\.com/ansible\-collections/community\.general/pull/7418](https\://github\.com/ansible\-collections/community\.general/pull/7418)\)\.
* keycloak\_realm \- add normalizations for <code>enabledEventTypes</code> and <code>supportedLocales</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8224](https\://github\.com/ansible\-collections/community\.general/pull/8224)\)\.
* keycloak\_user \- when <code>force</code> is set\, but user does not exist\, do not try to delete it \([https\://github\.com/ansible\-collections/community\.general/pull/7696](https\://github\.com/ansible\-collections/community\.general/pull/7696)\)\.
* keycloak\_user\_federation \- fix diff of empty <code>krbPrincipalAttribute</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8320](https\://github\.com/ansible\-collections/community\.general/pull/8320)\)\.
* ldap \- previously the order number \(if present\) was expected to follow an equals sign in the DN\. This makes it so the order number string is identified correctly anywhere within the DN \([https\://github\.com/ansible\-collections/community\.general/issues/7646](https\://github\.com/ansible\-collections/community\.general/issues/7646)\)\.
* linode inventory plugin \- add descriptive error message for linode inventory plugin \([https\://github\.com/ansible\-collections/community\.general/pull/8133](https\://github\.com/ansible\-collections/community\.general/pull/8133)\)\.
* log\_entries callback plugin \- replace <code>ssl\.wrap\_socket</code> that was removed from Python 3\.12 with code for creating a proper SSL context \([https\://github\.com/ansible\-collections/community\.general/pull/7542](https\://github\.com/ansible\-collections/community\.general/pull/7542)\)\.
* lvol \- test for output messages in both <code>stdout</code> and <code>stderr</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7601](https\://github\.com/ansible\-collections/community\.general/pull/7601)\, [https\://github\.com/ansible\-collections/community\.general/issues/7182](https\://github\.com/ansible\-collections/community\.general/issues/7182)\)\.
* merge\_variables lookup plugin \- fixing cross host merge\: providing access to foreign hosts variables to the perspective of the host that is performing the merge \([https\://github\.com/ansible\-collections/community\.general/pull/8303](https\://github\.com/ansible\-collections/community\.general/pull/8303)\)\.
* modprobe \- listing modules files or modprobe files could trigger a FileNotFoundError if <code>/etc/modprobe\.d</code> or <code>/etc/modules\-load\.d</code> did not exist\. Relevant functions now return empty lists if the directories do not exist to avoid crashing the module \([https\://github\.com/ansible\-collections/community\.general/issues/7717](https\://github\.com/ansible\-collections/community\.general/issues/7717)\)\.
* mssql\_script \- make the module work with Python 2 \([https\://github\.com/ansible\-collections/community\.general/issues/7818](https\://github\.com/ansible\-collections/community\.general/issues/7818)\, [https\://github\.com/ansible\-collections/community\.general/pull/7821](https\://github\.com/ansible\-collections/community\.general/pull/7821)\)\.
* nmcli \- fix <code>connection\.slave\-type</code> wired to <code>bond</code> and not with parameter <code>slave\_type</code> in case of connection type <code>wifi</code> \([https\://github\.com/ansible\-collections/community\.general/issues/7389](https\://github\.com/ansible\-collections/community\.general/issues/7389)\)\.
* ocapi\_utils\, oci\_utils\, redfish\_utils module utils \- replace <code>type\(\)</code> calls with <code>isinstance\(\)</code> calls \([https\://github\.com/ansible\-collections/community\.general/pull/7501](https\://github\.com/ansible\-collections/community\.general/pull/7501)\)\.
* onepassword lookup plugin \- failed for fields that were in sections and had uppercase letters in the label/ID\. Field lookups are now case insensitive in all cases \([https\://github\.com/ansible\-collections/community\.general/pull/7919](https\://github\.com/ansible\-collections/community\.general/pull/7919)\)\.
* onepassword lookup plugin \- field and section titles are now case insensitive when using op CLI version two or later\. This matches the behavior of version one \([https\://github\.com/ansible\-collections/community\.general/pull/7564](https\://github\.com/ansible\-collections/community\.general/pull/7564)\)\.
* opentelemetry callback plugin \- close spans always \([https\://github\.com/ansible\-collections/community\.general/pull/8367](https\://github\.com/ansible\-collections/community\.general/pull/8367)\)\.
* opentelemetry callback plugin \- honour the <code>disable\_logs</code> option to avoid storing task results since they are not used regardless \([https\://github\.com/ansible\-collections/community\.general/pull/8373](https\://github\.com/ansible\-collections/community\.general/pull/8373)\)\.
* pacemaker\_cluster \- actually implement check mode\, which the module claims to support\. This means that until now the module also did changes in check mode \([https\://github\.com/ansible\-collections/community\.general/pull/8081](https\://github\.com/ansible\-collections/community\.general/pull/8081)\)\.
* pam\_limits \- when the file does not exist\, do not create it in check mode \([https\://github\.com/ansible\-collections/community\.general/issues/8050](https\://github\.com/ansible\-collections/community\.general/issues/8050)\, [https\://github\.com/ansible\-collections/community\.general/pull/8057](https\://github\.com/ansible\-collections/community\.general/pull/8057)\)\.
* pipx module utils \- change the CLI argument formatter for the <code>pip\_args</code> parameter \([https\://github\.com/ansible\-collections/community\.general/issues/7497](https\://github\.com/ansible\-collections/community\.general/issues/7497)\, [https\://github\.com/ansible\-collections/community\.general/pull/7506](https\://github\.com/ansible\-collections/community\.general/pull/7506)\)\.
* pkgin \- pkgin \(pkgsrc package manager used by SmartOS\) raises erratic exceptions and spurious <code>changed\=true</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7971](https\://github\.com/ansible\-collections/community\.general/pull/7971)\)\.
* proxmox \- fix updating a container config if the setting does not already exist \([https\://github\.com/ansible\-collections/community\.general/pull/7872](https\://github\.com/ansible\-collections/community\.general/pull/7872)\)\.
* proxmox\_kvm \- fixed status check getting from node\-specific API endpoint \([https\://github\.com/ansible\-collections/community\.general/issues/7817](https\://github\.com/ansible\-collections/community\.general/issues/7817)\)\.
* proxmox\_kvm \- running <code>state\=template</code> will first check whether VM is already a template \([https\://github\.com/ansible\-collections/community\.general/pull/7792](https\://github\.com/ansible\-collections/community\.general/pull/7792)\)\.
* proxmox\_pool\_member \- absent state for type VM did not delete VMs from the pools \([https\://github\.com/ansible\-collections/community\.general/pull/7464](https\://github\.com/ansible\-collections/community\.general/pull/7464)\)\.
* puppet \- add option <code>environment\_lang</code> to set the environment language encoding\. Defaults to lang <code>C</code>\. It is recommended to set it to <code>C\.UTF\-8</code> or <code>en\_US\.UTF\-8</code> depending on what is available on your system\. \([https\://github\.com/ansible\-collections/community\.general/issues/8000](https\://github\.com/ansible\-collections/community\.general/issues/8000)\)
* redfish\_command \- fix usage of message parsing in <code>SimpleUpdate</code> and <code>MultipartHTTPPushUpdate</code> commands to treat the lack of a <code>MessageId</code> as no message \([https\://github\.com/ansible\-collections/community\.general/issues/7465](https\://github\.com/ansible\-collections/community\.general/issues/7465)\, [https\://github\.com/ansible\-collections/community\.general/pull/7471](https\://github\.com/ansible\-collections/community\.general/pull/7471)\)\.
* redfish\_info \- allow for a GET operation invoked by <code>GetUpdateStatus</code> to allow for an empty response body for cases where a service returns 204 No Content \([https\://github\.com/ansible\-collections/community\.general/issues/8003](https\://github\.com/ansible\-collections/community\.general/issues/8003)\)\.
* redfish\_info \- correct uncaught exception when attempting to retrieve <code>Chassis</code> information \([https\://github\.com/ansible\-collections/community\.general/pull/7952](https\://github\.com/ansible\-collections/community\.general/pull/7952)\)\.
* redhat\_subscription \- use the D\-Bus registration on RHEL 7 only on 7\.4 and
greater\; older versions of RHEL 7 do not have it
\([https\://github\.com/ansible\-collections/community\.general/issues/7622](https\://github\.com/ansible\-collections/community\.general/issues/7622)\,
[https\://github\.com/ansible\-collections/community\.general/pull/7624](https\://github\.com/ansible\-collections/community\.general/pull/7624)\)\.
* riak \- support <code>riak admin</code> sub\-command in newer Riak KV versions beside the legacy <code>riak\-admin</code> main command \([https\://github\.com/ansible\-collections/community\.general/pull/8211](https\://github\.com/ansible\-collections/community\.general/pull/8211)\)\.
* statusio\_maintenance \- fix error caused by incorrectly formed API data payload\. Was raising \"Failed to create maintenance HTTP Error 400 Bad Request\" caused by bad data type for date/time and deprecated dict keys \([https\://github\.com/ansible\-collections/community\.general/pull/7754](https\://github\.com/ansible\-collections/community\.general/pull/7754)\)\.
* terraform \- fix multiline string handling in complex variables \([https\://github\.com/ansible\-collections/community\.general/pull/7535](https\://github\.com/ansible\-collections/community\.general/pull/7535)\)\.
* to\_ini filter plugin \- disabling interpolation of <code>ConfigParser</code> to allow converting values with a <code>\%</code> sign \([https\://github\.com/ansible\-collections/community\.general/issues/8183](https\://github\.com/ansible\-collections/community\.general/issues/8183)\, [https\://github\.com/ansible\-collections/community\.general/pull/8185](https\://github\.com/ansible\-collections/community\.general/pull/8185)\)\.
* xml \- make module work with lxml 5\.1\.1\, which removed some internals that the module was relying on \([https\://github\.com/ansible\-collections/community\.general/pull/8169](https\://github\.com/ansible\-collections/community\.general/pull/8169)\)\.
<a id="new-plugins"></a>
### New Plugins
<a id="become"></a>
#### Become
* community\.general\.run0 \- Systemd\'s run0\.
<a id="callback"></a>
#### Callback
* community\.general\.default\_without\_diff \- The default ansible callback without diff output\.
* community\.general\.timestamp \- Adds simple timestamp for each header\.
<a id="connection"></a>
#### Connection
* community\.general\.incus \- Run tasks in Incus instances via the Incus CLI\.
<a id="filter"></a>
#### Filter
* community\.general\.from\_ini \- Converts INI text input into a dictionary\.
* community\.general\.lists\_difference \- Difference of lists with a predictive order\.
* community\.general\.lists\_intersect \- Intersection of lists with a predictive order\.
* community\.general\.lists\_symmetric\_difference \- Symmetric Difference of lists with a predictive order\.
* community\.general\.lists\_union \- Union of lists with a predictive order\.
* community\.general\.to\_ini \- Converts a dictionary to the INI file format\.
<a id="lookup"></a>
#### Lookup
* community\.general\.github\_app\_access\_token \- Obtain short\-lived Github App Access tokens\.
* community\.general\.onepassword\_doc \- Fetch documents stored in 1Password\.
<a id="test"></a>
#### Test
* community\.general\.fqdn\_valid \- Validates fully\-qualified domain names against RFC 1123\.
<a id="new-modules"></a>
### New Modules
* community\.general\.consul\_acl\_bootstrap \- Bootstrap ACLs in Consul\.
* community\.general\.consul\_auth\_method \- Manipulate Consul auth methods\.
* community\.general\.consul\_binding\_rule \- Manipulate Consul binding rules\.
* community\.general\.consul\_token \- Manipulate Consul tokens\.
* community\.general\.django\_command \- Run Django admin commands\.
* community\.general\.dnf\_config\_manager \- Enable or disable dnf repositories using config\-manager\.
* community\.general\.git\_config\_info \- Read git configuration\.
* community\.general\.gitlab\_group\_access\_token \- Manages GitLab group access tokens\.
* community\.general\.gitlab\_issue \- Create\, update\, or delete GitLab issues\.
* community\.general\.gitlab\_label \- Creates/updates/deletes GitLab Labels belonging to project or group\.
* community\.general\.gitlab\_milestone \- Creates/updates/deletes GitLab Milestones belonging to project or group\.
* community\.general\.gitlab\_project\_access\_token \- Manages GitLab project access tokens\.
* community\.general\.keycloak\_client\_rolescope \- Allows administration of Keycloak client roles scope to restrict the usage of certain roles to a other specific client applications\.
* community\.general\.keycloak\_component\_info \- Retrive component info in Keycloak\.
* community\.general\.keycloak\_realm\_rolemapping \- Allows administration of Keycloak realm role mappings into groups with the Keycloak API\.
* community\.general\.nomad\_token \- Manage Nomad ACL tokens\.
* community\.general\.proxmox\_node\_info \- Retrieve information about one or more Proxmox VE nodes\.
* community\.general\.proxmox\_storage\_contents\_info \- List content from a Proxmox VE storage\.
* community\.general\.usb\_facts \- Allows listing information about USB devices\.

621
CHANGELOG.rst
View File

@@ -4,320 +4,361 @@ Community General Release Notes
.. contents:: Topics
This changelog describes changes after version 8.0.0.
This changelog describes changes after version 7.0.0.
v9.0.0
v8.0.2
======
Release Summary
---------------
This is release 9.0.0 of ``community.general``, released on 2024-05-20.
Minor Changes
-------------
- PythonRunner module utils - specialisation of ``CmdRunner`` to execute Python scripts (https://github.com/ansible-collections/community.general/pull/8289).
- Use offset-aware ``datetime.datetime`` objects (with timezone UTC) instead of offset-naive UTC timestamps, which are deprecated in Python 3.12 (https://github.com/ansible-collections/community.general/pull/8222).
- aix_lvol - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- apt_rpm - add new states ``latest`` and ``present_not_latest``. The value ``latest`` is equivalent to the current behavior of ``present``, which will upgrade a package if a newer version exists. ``present_not_latest`` does what most users would expect ``present`` to do: it does not upgrade if the package is already installed. The current behavior of ``present`` will be deprecated in a later version, and eventually changed to that of ``present_not_latest`` (https://github.com/ansible-collections/community.general/issues/8217, https://github.com/ansible-collections/community.general/pull/8247).
- apt_rpm - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- bitwarden lookup plugin - add ``bw_session`` option, to pass session key instead of reading from env (https://github.com/ansible-collections/community.general/pull/7994).
- bitwarden lookup plugin - add support to filter by organization ID (https://github.com/ansible-collections/community.general/pull/8188).
- bitwarden lookup plugin - allows to fetch all records of a given collection ID, by allowing to pass an empty value for ``search_value`` when ``collection_id`` is provided (https://github.com/ansible-collections/community.general/pull/8013).
- bitwarden lookup plugin - when looking for items using an item ID, the item is now accessed directly with ``bw get item`` instead of searching through all items. This doubles the lookup speed (https://github.com/ansible-collections/community.general/pull/7468).
- btrfs_subvolume - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- cmd_runner module_utils - add validation for minimum and maximum length in the value passed to ``cmd_runner_fmt.as_list()`` (https://github.com/ansible-collections/community.general/pull/8288).
- consul_auth_method, consul_binding_rule, consul_policy, consul_role, consul_session, consul_token - added action group ``community.general.consul`` (https://github.com/ansible-collections/community.general/pull/7897).
- consul_policy - added support for diff and check mode (https://github.com/ansible-collections/community.general/pull/7878).
- consul_policy, consul_role, consul_session - removed dependency on ``requests`` and factored out common parts (https://github.com/ansible-collections/community.general/pull/7826, https://github.com/ansible-collections/community.general/pull/7878).
- consul_role - ``node_identities`` now expects a ``node_name`` option to match the Consul API, the old ``name`` is still supported as alias (https://github.com/ansible-collections/community.general/pull/7878).
- consul_role - ``service_identities`` now expects a ``service_name`` option to match the Consul API, the old ``name`` is still supported as alias (https://github.com/ansible-collections/community.general/pull/7878).
- consul_role - added support for diff mode (https://github.com/ansible-collections/community.general/pull/7878).
- consul_role - added support for templated policies (https://github.com/ansible-collections/community.general/pull/7878).
- elastic callback plugin - close elastic client to not leak resources (https://github.com/ansible-collections/community.general/pull/7517).
- filesystem - add bcachefs support (https://github.com/ansible-collections/community.general/pull/8126).
- gandi_livedns - adds support for personal access tokens (https://github.com/ansible-collections/community.general/issues/7639, https://github.com/ansible-collections/community.general/pull/8337).
- gconftool2 - use ``ModuleHelper`` with ``VarDict`` (https://github.com/ansible-collections/community.general/pull/8226).
- git_config - allow multiple git configs for the same name with the new ``add_mode`` option (https://github.com/ansible-collections/community.general/pull/7260).
- git_config - the ``after`` and ``before`` fields in the ``diff`` of the return value can be a list instead of a string in case more configs with the same key are affected (https://github.com/ansible-collections/community.general/pull/7260).
- git_config - when a value is unset, all configs with the same key are unset (https://github.com/ansible-collections/community.general/pull/7260).
- gitlab modules - add ``ca_path`` option (https://github.com/ansible-collections/community.general/pull/7472).
- gitlab modules - remove duplicate ``gitlab`` package check (https://github.com/ansible-collections/community.general/pull/7486).
- gitlab_deploy_key, gitlab_group_members, gitlab_group_variable, gitlab_hook, gitlab_instance_variable, gitlab_project_badge, gitlab_project_variable, gitlab_user - improve API pagination and compatibility with different versions of ``python-gitlab`` (https://github.com/ansible-collections/community.general/pull/7790).
- gitlab_hook - adds ``releases_events`` parameter for supporting Releases events triggers on GitLab hooks (https://github.com/ansible-collections/community.general/pull/7956).
- gitlab_runner - add support for new runner creation workflow (https://github.com/ansible-collections/community.general/pull/7199).
- homebrew - adds ``force_formula`` parameter to disambiguate a formula from a cask of the same name (https://github.com/ansible-collections/community.general/issues/8274).
- homebrew, homebrew_cask - refactor common argument validation logic into a dedicated ``homebrew`` module utils (https://github.com/ansible-collections/community.general/issues/8323, https://github.com/ansible-collections/community.general/pull/8324).
- icinga2 inventory plugin - add Jinja2 templating support to ``url``, ``user``, and ``password`` paramenters (https://github.com/ansible-collections/community.general/issues/7074, https://github.com/ansible-collections/community.general/pull/7996).
- icinga2 inventory plugin - adds new parameter ``group_by_hostgroups`` in order to make grouping by Icinga2 hostgroups optional (https://github.com/ansible-collections/community.general/pull/7998).
- ini_file - add an optional parameter ``section_has_values``. If the target ini file contains more than one ``section``, use ``section_has_values`` to specify which one should be updated (https://github.com/ansible-collections/community.general/pull/7505).
- ini_file - support optional spaces between section names and their surrounding brackets (https://github.com/ansible-collections/community.general/pull/8075).
- installp - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- ipa_config - adds ``passkey`` choice to ``ipauserauthtype`` parameter's choices (https://github.com/ansible-collections/community.general/pull/7588).
- ipa_dnsrecord - adds ability to manage NS record types (https://github.com/ansible-collections/community.general/pull/7737).
- ipa_pwpolicy - refactor module and exchange a sequence ``if`` statements with a ``for`` loop (https://github.com/ansible-collections/community.general/pull/7723).
- ipa_pwpolicy - update module to support ``maxrepeat``, ``maxsequence``, ``dictcheck``, ``usercheck``, ``gracelimit`` parameters in FreeIPA password policies (https://github.com/ansible-collections/community.general/pull/7723).
- ipa_sudorule - adds options to include denied commands or command groups (https://github.com/ansible-collections/community.general/pull/7415).
- ipa_user - adds ``idp`` and ``passkey`` choice to ``ipauserauthtype`` parameter's choices (https://github.com/ansible-collections/community.general/pull/7589).
- irc - add ``validate_certs`` option, and rename ``use_ssl`` to ``use_tls``, while keeping ``use_ssl`` as an alias. The default value for ``validate_certs`` is ``false`` for backwards compatibility. We recommend to every user of this module to explicitly set ``use_tls=true`` and `validate_certs=true`` whenever possible, especially when communicating to IRC servers over the internet (https://github.com/ansible-collections/community.general/pull/7550).
- java_cert - add ``cert_content`` argument (https://github.com/ansible-collections/community.general/pull/8153).
- java_cert - enable ``owner``, ``group``, ``mode``, and other generic file arguments (https://github.com/ansible-collections/community.general/pull/8116).
- kernel_blacklist - use ``ModuleHelper`` with ``VarDict`` (https://github.com/ansible-collections/community.general/pull/8226).
- keycloak module utils - expose error message from Keycloak server for HTTP errors in some specific situations (https://github.com/ansible-collections/community.general/pull/7645).
- keycloak_client, keycloak_clientscope, keycloak_clienttemplate - added ``docker-v2`` protocol support, enhancing alignment with Keycloak's protocol options (https://github.com/ansible-collections/community.general/issues/8215, https://github.com/ansible-collections/community.general/pull/8216).
- keycloak_realm_key - the ``config.algorithm`` option now supports 8 additional key algorithms (https://github.com/ansible-collections/community.general/pull/7698).
- keycloak_realm_key - the ``config.certificate`` option value is no longer defined with ``no_log=True`` (https://github.com/ansible-collections/community.general/pull/7698).
- keycloak_realm_key - the ``provider_id`` option now supports RSA encryption key usage (value ``rsa-enc``) (https://github.com/ansible-collections/community.general/pull/7698).
- keycloak_user_federation - add option for ``krbPrincipalAttribute`` (https://github.com/ansible-collections/community.general/pull/7538).
- keycloak_user_federation - allow custom user storage providers to be set through ``provider_id`` (https://github.com/ansible-collections/community.general/pull/7789).
- ldap_attrs - module now supports diff mode, showing which attributes are changed within an operation (https://github.com/ansible-collections/community.general/pull/8073).
- lvg - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- lvol - change ``pvs`` argument type to list of strings (https://github.com/ansible-collections/community.general/pull/7676, https://github.com/ansible-collections/community.general/issues/7504).
- lvol - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- lxd connection plugin - tighten the detection logic for lxd ``Instance not found`` errors, to avoid false detection on unrelated errors such as ``/usr/bin/python3: not found`` (https://github.com/ansible-collections/community.general/pull/7521).
- lxd_container - uses ``/1.0/instances`` API endpoint, if available. Falls back to ``/1.0/containers`` or ``/1.0/virtual-machines``. Fixes issue when using Incus or LXD 5.19 due to migrating to ``/1.0/instances`` endpoint (https://github.com/ansible-collections/community.general/pull/7980).
- macports - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- mail - add ``Message-ID`` header; which is required by some mail servers (https://github.com/ansible-collections/community.general/pull/7740).
- mail module, mail callback plugin - allow to configure the domain name of the Message-ID header with a new ``message_id_domain`` option (https://github.com/ansible-collections/community.general/pull/7765).
- mssql_script - adds transactional (rollback/commit) support via optional boolean param ``transaction`` (https://github.com/ansible-collections/community.general/pull/7976).
- netcup_dns - adds support for record types ``OPENPGPKEY``, ``SMIMEA``, and ``SSHFP`` (https://github.com/ansible-collections/community.general/pull/7489).
- nmcli - add support for new connection type ``loopback`` (https://github.com/ansible-collections/community.general/issues/6572).
- nmcli - adds OpenvSwitch support with new ``type`` values ``ovs-port``, ``ovs-interface``, and ``ovs-bridge``, and new ``slave_type`` value ``ovs-port`` (https://github.com/ansible-collections/community.general/pull/8154).
- nmcli - allow for ``infiniband`` slaves of ``bond`` interface types (https://github.com/ansible-collections/community.general/pull/7569).
- nmcli - allow for the setting of ``MTU`` for ``infiniband`` and ``bond`` interface types (https://github.com/ansible-collections/community.general/pull/7499).
- nmcli - allow setting ``MTU`` for ``bond-slave`` interface types (https://github.com/ansible-collections/community.general/pull/8118).
- onepassword lookup plugin - support 1Password Connect with the opv2 client by setting the connect_host and connect_token parameters (https://github.com/ansible-collections/community.general/pull/7116).
- onepassword_raw lookup plugin - support 1Password Connect with the opv2 client by setting the connect_host and connect_token parameters (https://github.com/ansible-collections/community.general/pull/7116)
- opentelemetry - add support for HTTP trace_exporter and configures the behavior via ``OTEL_EXPORTER_OTLP_TRACES_PROTOCOL`` (https://github.com/ansible-collections/community.general/issues/7888, https://github.com/ansible-collections/community.general/pull/8321).
- opentelemetry - add support for exporting spans in a file via ``ANSIBLE_OPENTELEMETRY_STORE_SPANS_IN_FILE`` (https://github.com/ansible-collections/community.general/issues/7888, https://github.com/ansible-collections/community.general/pull/8363).
- opkg - use ``ModuleHelper`` with ``VarDict`` (https://github.com/ansible-collections/community.general/pull/8226).
- osx_defaults - add option ``check_types`` to enable changing the type of existing defaults on the fly (https://github.com/ansible-collections/community.general/pull/8173).
- parted - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- passwordstore - adds ``timestamp`` and ``preserve`` parameters to modify the stored password format (https://github.com/ansible-collections/community.general/pull/7426).
- passwordstore lookup - add ``missing_subkey`` parameter defining the behavior of the lookup when a passwordstore subkey is missing (https://github.com/ansible-collections/community.general/pull/8166).
- pipx - use ``ModuleHelper`` with ``VarDict`` (https://github.com/ansible-collections/community.general/pull/8226).
- pkg5 - add support for non-silent execution (https://github.com/ansible-collections/community.general/issues/8379, https://github.com/ansible-collections/community.general/pull/8382).
- pkgin - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- portage - adds the possibility to explicitely tell portage to write packages to world file (https://github.com/ansible-collections/community.general/issues/6226, https://github.com/ansible-collections/community.general/pull/8236).
- portinstall - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- proxmox - adds ``startup`` parameters to configure startup order, startup delay and shutdown delay (https://github.com/ansible-collections/community.general/pull/8038).
- proxmox - adds ``template`` value to the ``state`` parameter, allowing conversion of container to a template (https://github.com/ansible-collections/community.general/pull/7143).
- proxmox - adds ``update`` parameter, allowing update of an already existing containers configuration (https://github.com/ansible-collections/community.general/pull/7540).
- proxmox inventory plugin - adds an option to exclude nodes from the dynamic inventory generation. The new setting is optional, not using this option will behave as usual (https://github.com/ansible-collections/community.general/issues/6714, https://github.com/ansible-collections/community.general/pull/7461).
- proxmox* modules - there is now a ``community.general.proxmox`` module defaults group that can be used to set default options for all Proxmox modules (https://github.com/ansible-collections/community.general/pull/8334).
- proxmox_disk - add ability to manipulate CD-ROM drive (https://github.com/ansible-collections/community.general/pull/7495).
- proxmox_kvm - add parameter ``update_unsafe`` to avoid limitations when updating dangerous values (https://github.com/ansible-collections/community.general/pull/7843).
- proxmox_kvm - adds ``template`` value to the ``state`` parameter, allowing conversion of a VM to a template (https://github.com/ansible-collections/community.general/pull/7143).
- proxmox_kvm - adds``usb`` parameter for setting USB devices on proxmox KVM VMs (https://github.com/ansible-collections/community.general/pull/8199).
- proxmox_kvm - support the ``hookscript`` parameter (https://github.com/ansible-collections/community.general/issues/7600).
- proxmox_ostype - it is now possible to specify the ``ostype`` when creating an LXC container (https://github.com/ansible-collections/community.general/pull/7462).
- proxmox_vm_info - add ability to retrieve configuration info (https://github.com/ansible-collections/community.general/pull/7485).
- puppet - new feature to set ``--waitforlock`` option (https://github.com/ansible-collections/community.general/pull/8282).
- redfish_command - add command ``ResetToDefaults`` to reset manager to default state (https://github.com/ansible-collections/community.general/issues/8163).
- redfish_config - add command ``SetServiceIdentification`` to set service identification (https://github.com/ansible-collections/community.general/issues/7916).
- redfish_info - add boolean return value ``MultipartHttpPush`` to ``GetFirmwareUpdateCapabilities`` (https://github.com/ansible-collections/community.general/issues/8194, https://github.com/ansible-collections/community.general/pull/8195).
- redfish_info - add command ``GetServiceIdentification`` to get service identification (https://github.com/ansible-collections/community.general/issues/7882).
- redfish_info - adding the ``BootProgress`` property when getting ``Systems`` info (https://github.com/ansible-collections/community.general/pull/7626).
- revbitspss lookup plugin - removed a redundant unicode prefix. The prefix was not necessary for Python 3 and has been cleaned up to streamline the code (https://github.com/ansible-collections/community.general/pull/8087).
- rundeck module utils - allow to pass ``Content-Type`` to API requests (https://github.com/ansible-collections/community.general/pull/7684).
- slackpkg - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- ssh_config - adds ``controlmaster``, ``controlpath`` and ``controlpersist`` parameters (https://github.com/ansible-collections/community.general/pull/7456).
- ssh_config - allow ``accept-new`` as valid value for ``strict_host_key_checking`` (https://github.com/ansible-collections/community.general/pull/8257).
- ssh_config - new feature to set ``AddKeysToAgent`` option to ``yes`` or ``no`` (https://github.com/ansible-collections/community.general/pull/7703).
- ssh_config - new feature to set ``IdentitiesOnly`` option to ``yes`` or ``no`` (https://github.com/ansible-collections/community.general/pull/7704).
- sudoers - add support for the ``NOEXEC`` tag in sudoers rules (https://github.com/ansible-collections/community.general/pull/7983).
- svr4pkg - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- swdepot - refactor module to pass list of arguments to ``module.run_command()`` instead of relying on interpretation by a shell (https://github.com/ansible-collections/community.general/pull/8264).
- terraform - add support for ``diff_mode`` for terraform resource_changes (https://github.com/ansible-collections/community.general/pull/7896).
- terraform - fix ``diff_mode`` in state ``absent`` and when terraform ``resource_changes`` does not exist (https://github.com/ansible-collections/community.general/pull/7963).
- xcc_redfish_command - added support for raw POSTs (``command=PostResource`` in ``category=Raw``) without a specific action info (https://github.com/ansible-collections/community.general/pull/7746).
- xfconf - use ``ModuleHelper`` with ``VarDict`` (https://github.com/ansible-collections/community.general/pull/8226).
- xfconf_info - use ``ModuleHelper`` with ``VarDict`` (https://github.com/ansible-collections/community.general/pull/8226).
Breaking Changes / Porting Guide
--------------------------------
- cpanm - the default of the ``mode`` option changed from ``compatibility`` to ``new`` (https://github.com/ansible-collections/community.general/pull/8198).
- django_manage - the module now requires Django >= 4.1 (https://github.com/ansible-collections/community.general/pull/8198).
- django_manage - the module will now fail if ``virtualenv`` is specified but no virtual environment exists at that location (https://github.com/ansible-collections/community.general/pull/8198).
- redfish_command, redfish_config, redfish_info - change the default for ``timeout`` from 10 to 60 (https://github.com/ansible-collections/community.general/pull/8198).
Deprecated Features
-------------------
- MH DependencyCtxMgr module_utils - deprecate ``module_utils.mh.mixin.deps.DependencyCtxMgr`` in favour of ``module_utils.deps`` (https://github.com/ansible-collections/community.general/pull/8280).
- ModuleHelper module_utils - deprecate ``plugins.module_utils.module_helper.AnsibleModule`` (https://github.com/ansible-collections/community.general/pull/8280).
- ModuleHelper module_utils - deprecate ``plugins.module_utils.module_helper.DependencyCtxMgr`` (https://github.com/ansible-collections/community.general/pull/8280).
- ModuleHelper module_utils - deprecate ``plugins.module_utils.module_helper.StateMixin`` (https://github.com/ansible-collections/community.general/pull/8280).
- ModuleHelper module_utils - deprecate ``plugins.module_utils.module_helper.VarDict,`` (https://github.com/ansible-collections/community.general/pull/8280).
- ModuleHelper module_utils - deprecate ``plugins.module_utils.module_helper.VarMeta`` (https://github.com/ansible-collections/community.general/pull/8280).
- ModuleHelper module_utils - deprecate ``plugins.module_utils.module_helper.VarsMixin`` (https://github.com/ansible-collections/community.general/pull/8280).
- ModuleHelper module_utils - deprecate use of ``VarsMixin`` in favor of using the ``VardDict`` module_utils (https://github.com/ansible-collections/community.general/pull/8226).
- ModuleHelper vars module_utils - bump deprecation of ``VarMeta``, ``VarDict`` and ``VarsMixin`` to version 11.0.0 (https://github.com/ansible-collections/community.general/pull/8226).
- apt_rpm - the behavior of ``state=present`` and ``state=installed`` is deprecated and will change in community.general 11.0.0. Right now the module will upgrade a package to the latest version if one of these two states is used. You should explicitly use ``state=latest`` if you want this behavior, and switch to ``state=present_not_latest`` if you do not want to upgrade the package if it is already installed. In community.general 11.0.0 the behavior of ``state=present`` and ``state=installed`` will change to that of ``state=present_not_latest`` (https://github.com/ansible-collections/community.general/issues/8217, https://github.com/ansible-collections/community.general/pull/8285).
- consul_acl - the module has been deprecated and will be removed in community.general 10.0.0. ``consul_token`` and ``consul_policy`` can be used instead (https://github.com/ansible-collections/community.general/pull/7901).
- django_manage - the ``ack_venv_creation_deprecation`` option has no more effect and will be removed from community.general 11.0.0 (https://github.com/ansible-collections/community.general/pull/8198).
- gitlab modules - the basic auth method on GitLab API have been deprecated and will be removed in community.general 10.0.0 (https://github.com/ansible-collections/community.general/pull/8383).
- hipchat callback plugin - the hipchat service has been discontinued and the self-hosted variant has been End of Life since 2020. The callback plugin is therefore deprecated and will be removed from community.general 10.0.0 if nobody provides compelling reasons to still keep it (https://github.com/ansible-collections/community.general/issues/8184, https://github.com/ansible-collections/community.general/pull/8189).
- irc - the defaults ``false`` for ``use_tls`` and ``validate_certs`` have been deprecated and will change to ``true`` in community.general 10.0.0 to improve security. You can already improve security now by explicitly setting them to ``true``. Specifying values now disables the deprecation warning (https://github.com/ansible-collections/community.general/pull/7578).
Removed Features (previously deprecated)
----------------------------------------
- The deprecated redirects for internal module names have been removed. These internal redirects were extra-long FQCNs like ``community.general.packaging.os.apt_rpm`` that redirect to the short FQCN ``community.general.apt_rpm``. They were originally needed to implement flatmapping; as various tooling started to recommend users to use the long names flatmapping was removed from the collection and redirects were added for users who already followed these incorrect recommendations (https://github.com/ansible-collections/community.general/pull/7835).
- ansible_galaxy_install - the ``ack_ansible29`` and ``ack_min_ansiblecore211`` options have been removed. They no longer had any effect (https://github.com/ansible-collections/community.general/pull/8198).
- cloudflare_dns - remove support for SPF records. These are no longer supported by CloudFlare (https://github.com/ansible-collections/community.general/pull/7782).
- django_manage - support for the ``command`` values ``cleanup``, ``syncdb``, and ``validate`` were removed. Use ``clearsessions``, ``migrate``, and ``check`` instead, respectively (https://github.com/ansible-collections/community.general/pull/8198).
- flowdock - this module relied on HTTPS APIs that do not exist anymore and was thus removed (https://github.com/ansible-collections/community.general/pull/8198).
- mh.mixins.deps module utils - the ``DependencyMixin`` has been removed. Use the ``deps`` module utils instead (https://github.com/ansible-collections/community.general/pull/8198).
- proxmox - the ``proxmox_default_behavior`` option has been removed (https://github.com/ansible-collections/community.general/pull/8198).
- rax* modules, rax module utils, rax docs fragment - the Rackspace modules relied on the deprecated package ``pyrax`` and were thus removed (https://github.com/ansible-collections/community.general/pull/8198).
- redhat module utils - the classes ``Rhsm``, ``RhsmPool``, and ``RhsmPools`` have been removed (https://github.com/ansible-collections/community.general/pull/8198).
- redhat_subscription - the alias ``autosubscribe`` of the ``auto_attach`` option was removed (https://github.com/ansible-collections/community.general/pull/8198).
- stackdriver - this module relied on HTTPS APIs that do not exist anymore and was thus removed (https://github.com/ansible-collections/community.general/pull/8198).
- webfaction_* modules - these modules relied on HTTPS APIs that do not exist anymore and were thus removed (https://github.com/ansible-collections/community.general/pull/8198).
Security Fixes
--------------
- cobbler, gitlab_runners, icinga2, linode, lxd, nmap, online, opennebula, proxmox, scaleway, stackpath_compute, virtualbox, and xen_orchestra inventory plugin - make sure all data received from the remote servers is marked as unsafe, so remote code execution by obtaining texts that can be evaluated as templates is not possible (https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/, https://github.com/ansible-collections/community.general/pull/8098).
- keycloak_identity_provider - the client secret was not correctly sanitized by the module. The return values ``proposed``, ``existing``, and ``end_state``, as well as the diff, did contain the client secret unmasked (https://github.com/ansible-collections/community.general/pull/8355).
Bugfix release for inclusion in Ansible 9.0.0rc1.
Bugfixes
--------
- ocapi_utils, oci_utils, redfish_utils module utils - replace ``type()`` calls with ``isinstance()`` calls (https://github.com/ansible-collections/community.general/pull/7501).
- pipx module utils - change the CLI argument formatter for the ``pip_args`` parameter (https://github.com/ansible-collections/community.general/issues/7497, https://github.com/ansible-collections/community.general/pull/7506).
v8.0.1
======
Release Summary
---------------
Bugfix release for inclusion in Ansible 9.0.0b1.
Bugfixes
--------
- aix_filesystem - fix ``_validate_vg`` not passing VG name to ``lsvg_cmd`` (https://github.com/ansible-collections/community.general/issues/8151).
- aix_filesystem - fix issue with empty list items in crfs logic and option order (https://github.com/ansible-collections/community.general/pull/8052).
- apt-rpm - the module did not upgrade packages if a newer version exists. Now the package will be reinstalled if the candidate is newer than the installed version (https://github.com/ansible-collections/community.general/issues/7414).
- apt_rpm - when checking whether packages were installed after running ``apt-get -y install <packages>``, only the last package name was checked (https://github.com/ansible-collections/community.general/pull/8263).
- bitwarden_secrets_manager lookup plugin - implements retry with exponential backoff to avoid lookup errors when Bitwardn's API rate limiting is encountered (https://github.com/ansible-collections/community.general/issues/8230, https://github.com/ansible-collections/community.general/pull/8238).
- cargo - fix idempotency issues when using a custom installation path for packages (using the ``--path`` parameter). The initial installation runs fine, but subsequent runs use the ``get_installed()`` function which did not check the given installation location, before running ``cargo install``. This resulted in a false ``changed`` state. Also the removal of packeges using ``state: absent`` failed, as the installation check did not use the given parameter (https://github.com/ansible-collections/community.general/pull/7970).
- cloudflare_dns - fix Cloudflare lookup of SHFP records (https://github.com/ansible-collections/community.general/issues/7652).
- consul_token - fix token creation without ``accessor_id`` (https://github.com/ansible-collections/community.general/pull/8091).
- from_ini filter plugin - disabling interpolation of ``ConfigParser`` to allow converting values with a ``%`` sign (https://github.com/ansible-collections/community.general/issues/8183, https://github.com/ansible-collections/community.general/pull/8185).
- gitlab_group_members - fix gitlab constants call in ``gitlab_group_members`` module (https://github.com/ansible-collections/community.general/issues/7467).
- gitlab_issue - fix behavior to search GitLab issue, using ``search`` keyword instead of ``title`` (https://github.com/ansible-collections/community.general/issues/7846).
- gitlab_issue, gitlab_label, gitlab_milestone - avoid crash during version comparison when the python-gitlab Python module is not installed (https://github.com/ansible-collections/community.general/pull/8158).
- gitlab_project_members - fix gitlab constants call in ``gitlab_project_members`` module (https://github.com/ansible-collections/community.general/issues/7467).
- gitlab_protected_branches - fix gitlab constants call in ``gitlab_protected_branches`` module (https://github.com/ansible-collections/community.general/issues/7467).
- gitlab_runner - fix pagination when checking for existing runners (https://github.com/ansible-collections/community.general/pull/7790).
- gitlab_user - fix gitlab constants call in ``gitlab_user`` module (https://github.com/ansible-collections/community.general/issues/7467).
- haproxy - fix an issue where HAProxy could get stuck in DRAIN mode when the backend was unreachable (https://github.com/ansible-collections/community.general/issues/8092).
- homebrew - detect already installed formulae and casks using JSON output from ``brew info`` (https://github.com/ansible-collections/community.general/issues/864).
- homebrew - error returned from brew command was ignored and tried to parse empty JSON. Fix now checks for an error and raises it to give accurate error message to users (https://github.com/ansible-collections/community.general/issues/8047).
- incus connection plugin - treats ``inventory_hostname`` as a variable instead of a literal in remote connections (https://github.com/ansible-collections/community.general/issues/7874).
- interface_files - also consider ``address_family`` when changing ``option=method`` (https://github.com/ansible-collections/community.general/issues/7610, https://github.com/ansible-collections/community.general/pull/7612).
- inventory plugins - add unsafe wrapper to avoid marking strings that do not contain ``{`` or ``}`` as unsafe, to work around a bug in AWX ((https://github.com/ansible-collections/community.general/issues/8212, https://github.com/ansible-collections/community.general/pull/8225).
- ipa - fix get version regex in IPA module_utils (https://github.com/ansible-collections/community.general/pull/8175).
- ipa_hbacrule - the module uses a string for ``ipaenabledflag`` for new FreeIPA versions while the returned value is a boolean (https://github.com/ansible-collections/community.general/pull/7880).
- ipa_otptoken - the module expect ``ipatokendisabled`` as string but the ``ipatokendisabled`` value is returned as a boolean (https://github.com/ansible-collections/community.general/pull/7795).
- ipa_sudorule - the module uses a string for ``ipaenabledflag`` for new FreeIPA versions while the returned value is a boolean (https://github.com/ansible-collections/community.general/pull/7880).
- iptables_state - fix idempotency issues when restoring incomplete iptables dumps (https://github.com/ansible-collections/community.general/issues/8029).
- irc - replace ``ssl.wrap_socket`` that was removed from Python 3.12 with code for creating a proper SSL context (https://github.com/ansible-collections/community.general/pull/7542).
- keycloak_* - fix Keycloak API client to quote ``/`` properly (https://github.com/ansible-collections/community.general/pull/7641).
- keycloak_authz_permission - resource payload variable for scope-based permission was constructed as a string, when it needs to be a list, even for a single item (https://github.com/ansible-collections/community.general/issues/7151).
- keycloak_client - add sorted ``defaultClientScopes`` and ``optionalClientScopes`` to normalizations (https://github.com/ansible-collections/community.general/pull/8223).
- keycloak_client - fixes issue when metadata is provided in desired state when task is in check mode (https://github.com/ansible-collections/community.general/issues/1226, https://github.com/ansible-collections/community.general/pull/7881).
- keycloak_identity_provider - ``mappers`` processing was not idempotent if the mappers configuration list had not been sorted by name (in ascending order). Fix resolves the issue by sorting mappers in the desired state using the same key which is used for obtaining existing state (https://github.com/ansible-collections/community.general/pull/7418).
- keycloak_identity_provider - it was not possible to reconfigure (add, remove) ``mappers`` once they were created initially. Removal was ignored, adding new ones resulted in dropping the pre-existing unmodified mappers. Fix resolves the issue by supplying correct input to the internal update call (https://github.com/ansible-collections/community.general/pull/7418).
- keycloak_realm - add normalizations for ``enabledEventTypes`` and ``supportedLocales`` (https://github.com/ansible-collections/community.general/pull/8224).
- keycloak_user - when ``force`` is set, but user does not exist, do not try to delete it (https://github.com/ansible-collections/community.general/pull/7696).
- keycloak_user_federation - fix diff of empty ``krbPrincipalAttribute`` (https://github.com/ansible-collections/community.general/pull/8320).
- ldap - previously the order number (if present) was expected to follow an equals sign in the DN. This makes it so the order number string is identified correctly anywhere within the DN (https://github.com/ansible-collections/community.general/issues/7646).
- linode inventory plugin - add descriptive error message for linode inventory plugin (https://github.com/ansible-collections/community.general/pull/8133).
- log_entries callback plugin - replace ``ssl.wrap_socket`` that was removed from Python 3.12 with code for creating a proper SSL context (https://github.com/ansible-collections/community.general/pull/7542).
- lvol - test for output messages in both ``stdout`` and ``stderr`` (https://github.com/ansible-collections/community.general/pull/7601, https://github.com/ansible-collections/community.general/issues/7182).
- merge_variables lookup plugin - fixing cross host merge: providing access to foreign hosts variables to the perspective of the host that is performing the merge (https://github.com/ansible-collections/community.general/pull/8303).
- modprobe - listing modules files or modprobe files could trigger a FileNotFoundError if ``/etc/modprobe.d`` or ``/etc/modules-load.d`` did not exist. Relevant functions now return empty lists if the directories do not exist to avoid crashing the module (https://github.com/ansible-collections/community.general/issues/7717).
- mssql_script - make the module work with Python 2 (https://github.com/ansible-collections/community.general/issues/7818, https://github.com/ansible-collections/community.general/pull/7821).
- nmcli - fix ``connection.slave-type`` wired to ``bond`` and not with parameter ``slave_type`` in case of connection type ``wifi`` (https://github.com/ansible-collections/community.general/issues/7389).
- ocapi_utils, oci_utils, redfish_utils module utils - replace ``type()`` calls with ``isinstance()`` calls (https://github.com/ansible-collections/community.general/pull/7501).
- onepassword lookup plugin - failed for fields that were in sections and had uppercase letters in the label/ID. Field lookups are now case insensitive in all cases (https://github.com/ansible-collections/community.general/pull/7919).
- onepassword lookup plugin - field and section titles are now case insensitive when using op CLI version two or later. This matches the behavior of version one (https://github.com/ansible-collections/community.general/pull/7564).
- opentelemetry callback plugin - close spans always (https://github.com/ansible-collections/community.general/pull/8367).
- opentelemetry callback plugin - honour the ``disable_logs`` option to avoid storing task results since they are not used regardless (https://github.com/ansible-collections/community.general/pull/8373).
- pacemaker_cluster - actually implement check mode, which the module claims to support. This means that until now the module also did changes in check mode (https://github.com/ansible-collections/community.general/pull/8081).
- pam_limits - when the file does not exist, do not create it in check mode (https://github.com/ansible-collections/community.general/issues/8050, https://github.com/ansible-collections/community.general/pull/8057).
- pipx module utils - change the CLI argument formatter for the ``pip_args`` parameter (https://github.com/ansible-collections/community.general/issues/7497, https://github.com/ansible-collections/community.general/pull/7506).
- pkgin - pkgin (pkgsrc package manager used by SmartOS) raises erratic exceptions and spurious ``changed=true`` (https://github.com/ansible-collections/community.general/pull/7971).
- proxmox - fix updating a container config if the setting does not already exist (https://github.com/ansible-collections/community.general/pull/7872).
- proxmox_kvm - fixed status check getting from node-specific API endpoint (https://github.com/ansible-collections/community.general/issues/7817).
- proxmox_kvm - running ``state=template`` will first check whether VM is already a template (https://github.com/ansible-collections/community.general/pull/7792).
- proxmox_pool_member - absent state for type VM did not delete VMs from the pools (https://github.com/ansible-collections/community.general/pull/7464).
- puppet - add option ``environment_lang`` to set the environment language encoding. Defaults to lang ``C``. It is recommended to set it to ``C.UTF-8`` or ``en_US.UTF-8`` depending on what is available on your system. (https://github.com/ansible-collections/community.general/issues/8000)
- redfish_command - fix usage of message parsing in ``SimpleUpdate`` and ``MultipartHTTPPushUpdate`` commands to treat the lack of a ``MessageId`` as no message (https://github.com/ansible-collections/community.general/issues/7465, https://github.com/ansible-collections/community.general/pull/7471).
- redfish_info - allow for a GET operation invoked by ``GetUpdateStatus`` to allow for an empty response body for cases where a service returns 204 No Content (https://github.com/ansible-collections/community.general/issues/8003).
- redfish_info - correct uncaught exception when attempting to retrieve ``Chassis`` information (https://github.com/ansible-collections/community.general/pull/7952).
- redhat_subscription - use the D-Bus registration on RHEL 7 only on 7.4 and
greater; older versions of RHEL 7 do not have it
(https://github.com/ansible-collections/community.general/issues/7622,
https://github.com/ansible-collections/community.general/pull/7624).
- riak - support ``riak admin`` sub-command in newer Riak KV versions beside the legacy ``riak-admin`` main command (https://github.com/ansible-collections/community.general/pull/8211).
- statusio_maintenance - fix error caused by incorrectly formed API data payload. Was raising "Failed to create maintenance HTTP Error 400 Bad Request" caused by bad data type for date/time and deprecated dict keys (https://github.com/ansible-collections/community.general/pull/7754).
- terraform - fix multiline string handling in complex variables (https://github.com/ansible-collections/community.general/pull/7535).
- to_ini filter plugin - disabling interpolation of ``ConfigParser`` to allow converting values with a ``%`` sign (https://github.com/ansible-collections/community.general/issues/8183, https://github.com/ansible-collections/community.general/pull/8185).
- xml - make module work with lxml 5.1.1, which removed some internals that the module was relying on (https://github.com/ansible-collections/community.general/pull/8169).
v8.0.0
======
Release Summary
---------------
This is release 8.0.0 of ``community.general``, released on 2023-11-01.
Minor Changes
-------------
- The collection will start using semantic markup (https://github.com/ansible-collections/community.general/pull/6539).
- VarDict module utils - add method ``VarDict.as_dict()`` to convert to a plain ``dict`` object (https://github.com/ansible-collections/community.general/pull/6602).
- apt_rpm - extract package name from local ``.rpm`` path when verifying
installation success. Allows installing packages from local ``.rpm`` files
(https://github.com/ansible-collections/community.general/pull/7396).
- cargo - add option ``executable``, which allows user to specify path to the cargo binary (https://github.com/ansible-collections/community.general/pull/7352).
- cargo - add option ``locked`` which allows user to specify install the locked version of dependency instead of latest compatible version (https://github.com/ansible-collections/community.general/pull/6134).
- chroot connection plugin - add ``disable_root_check`` option (https://github.com/ansible-collections/community.general/pull/7099).
- cloudflare_dns - add CAA record support (https://github.com/ansible-collections/community.general/pull/7399).
- cobbler inventory plugin - add ``exclude_mgmt_classes`` and ``include_mgmt_classes`` options to exclude or include hosts based on management classes (https://github.com/ansible-collections/community.general/pull/7184).
- cobbler inventory plugin - add ``inventory_hostname`` option to allow using the system name for the inventory hostname (https://github.com/ansible-collections/community.general/pull/6502).
- cobbler inventory plugin - add ``want_ip_addresses`` option to collect all interface DNS name to IP address mapping (https://github.com/ansible-collections/community.general/pull/6711).
- cobbler inventory plugin - add primary IP addess to ``cobbler_ipv4_address`` and IPv6 address to ``cobbler_ipv6_address`` host variable (https://github.com/ansible-collections/community.general/pull/6711).
- cobbler inventory plugin - add warning for systems with empty profiles (https://github.com/ansible-collections/community.general/pull/6502).
- cobbler inventory plugin - convert Ansible unicode strings to native Python unicode strings before passing user/password to XMLRPC client (https://github.com/ansible-collections/community.general/pull/6923).
- consul_session - drops requirement for the ``python-consul`` library to communicate with the Consul API, instead relying on the existing ``requests`` library requirement (https://github.com/ansible-collections/community.general/pull/6755).
- copr - respawn module to use the system python interpreter when the ``dnf`` python module is not available in ``ansible_python_interpreter`` (https://github.com/ansible-collections/community.general/pull/6522).
- cpanm - minor refactor when creating the ``CmdRunner`` object (https://github.com/ansible-collections/community.general/pull/7231).
- datadog_monitor - adds ``notification_preset_name``, ``renotify_occurrences`` and ``renotify_statuses`` parameters (https://github.com/ansible-collections/community.general/issues/6521,https://github.com/ansible-collections/community.general/issues/5823).
- dig lookup plugin - add TCP option to enable the use of TCP connection during DNS lookup (https://github.com/ansible-collections/community.general/pull/7343).
- ejabberd_user - module now using ``CmdRunner`` to execute external command (https://github.com/ansible-collections/community.general/pull/7075).
- filesystem - add ``uuid`` parameter for UUID change feature (https://github.com/ansible-collections/community.general/pull/6680).
- gitlab_group - add option ``force_delete`` (default: false) which allows delete group even if projects exists in it (https://github.com/ansible-collections/community.general/pull/7364).
- gitlab_group_variable - add support for ``raw`` variables suboption (https://github.com/ansible-collections/community.general/pull/7132).
- gitlab_project_variable - add support for ``raw`` variables suboption (https://github.com/ansible-collections/community.general/pull/7132).
- gitlab_project_variable - minor refactor removing unnecessary code statements (https://github.com/ansible-collections/community.general/pull/6928).
- gitlab_runner - minor refactor removing unnecessary code statements (https://github.com/ansible-collections/community.general/pull/6927).
- htpasswd - minor code improvements in the module (https://github.com/ansible-collections/community.general/pull/6901).
- htpasswd - the parameter ``crypt_scheme`` is being renamed as ``hash_scheme`` and added as an alias to it (https://github.com/ansible-collections/community.general/pull/6841).
- icinga2_host - the ``ip`` option is no longer required, since Icinga 2 allows for an empty address attribute (https://github.com/ansible-collections/community.general/pull/7452).
- ini_file - add ``ignore_spaces`` option (https://github.com/ansible-collections/community.general/pull/7273).
- ini_file - add ``modify_inactive_option`` option (https://github.com/ansible-collections/community.general/pull/7401).
- ipa_config - add module parameters to manage FreeIPA user and group objectclasses (https://github.com/ansible-collections/community.general/pull/7019).
- ipa_config - adds ``idp`` choice to ``ipauserauthtype`` parameter's choices (https://github.com/ansible-collections/community.general/pull/7051).
- jenkins_build - add new ``detach`` option, which allows the module to exit successfully as long as the build is created (default functionality is still waiting for the build to end before exiting) (https://github.com/ansible-collections/community.general/pull/7204).
- jenkins_build - add new ``time_between_checks`` option, which allows to configure the wait time between requests to the Jenkins server (https://github.com/ansible-collections/community.general/pull/7204).
- keycloak_authentication - added provider ID choices, since Keycloak supports only those two specific ones (https://github.com/ansible-collections/community.general/pull/6763).
- keycloak_client_rolemapping - adds support for subgroups with additional parameter ``parents`` (https://github.com/ansible-collections/community.general/pull/6687).
- keycloak_role - add composite roles support for realm and client roles (https://github.com/ansible-collections/community.general/pull/6469).
- keyring - minor refactor removing unnecessary code statements (https://github.com/ansible-collections/community.general/pull/6927).
- ldap_* - add new arguments ``client_cert`` and ``client_key`` to the LDAP modules in order to allow certificate authentication (https://github.com/ansible-collections/community.general/pull/6668).
- ldap_search - add a new ``page_size`` option to enable paged searches (https://github.com/ansible-collections/community.general/pull/6648).
- locale_gen - module has been refactored to use ``ModuleHelper`` and ``CmdRunner`` (https://github.com/ansible-collections/community.general/pull/6903).
- locale_gen - module now using ``CmdRunner`` to execute external commands (https://github.com/ansible-collections/community.general/pull/6820).
- lvg - add ``active`` and ``inactive`` values to the ``state`` option for active state management feature (https://github.com/ansible-collections/community.general/pull/6682).
- lvg - add ``reset_vg_uuid``, ``reset_pv_uuid`` options for UUID reset feature (https://github.com/ansible-collections/community.general/pull/6682).
- lxc connection plugin - properly handle a change of the ``remote_addr`` option (https://github.com/ansible-collections/community.general/pull/7373).
- lxd connection plugin - automatically translate ``remote_addr`` from FQDN to (short) hostname (https://github.com/ansible-collections/community.general/pull/7360).
- lxd connection plugin - update error parsing to work with newer messages mentioning instances (https://github.com/ansible-collections/community.general/pull/7360).
- lxd inventory plugin - add ``server_cert`` option for trust anchor to use for TLS verification of server certificates (https://github.com/ansible-collections/community.general/pull/7392).
- lxd inventory plugin - add ``server_check_hostname`` option to disable hostname verification of server certificates (https://github.com/ansible-collections/community.general/pull/7392).
- make - add new ``targets`` parameter allowing multiple targets to be used with ``make`` (https://github.com/ansible-collections/community.general/pull/6882, https://github.com/ansible-collections/community.general/issues/4919).
- make - allows ``params`` to be used without value (https://github.com/ansible-collections/community.general/pull/7180).
- mas - disable sign-in check for macOS 12+ as ``mas account`` is non-functional (https://github.com/ansible-collections/community.general/pull/6520).
- newrelic_deployment - add option ``app_name_exact_match``, which filters results for the exact app_name provided (https://github.com/ansible-collections/community.general/pull/7355).
- nmap inventory plugin - now has a ``use_arp_ping`` option to allow the user to disable the default ARP ping query for a more reliable form (https://github.com/ansible-collections/community.general/pull/7119).
- nmcli - add support for ``ipv4.dns-options`` and ``ipv6.dns-options`` (https://github.com/ansible-collections/community.general/pull/6902).
- nomad_job, nomad_job_info - add ``port`` parameter (https://github.com/ansible-collections/community.general/pull/7412).
- npm - minor improvement on parameter validation (https://github.com/ansible-collections/community.general/pull/6848).
- npm - module now using ``CmdRunner`` to execute external commands (https://github.com/ansible-collections/community.general/pull/6989).
- onepassword lookup plugin - add service account support (https://github.com/ansible-collections/community.general/issues/6635, https://github.com/ansible-collections/community.general/pull/6660).
- onepassword lookup plugin - introduce ``account_id`` option which allows specifying which account to use (https://github.com/ansible-collections/community.general/pull/7308).
- onepassword_raw lookup plugin - add service account support (https://github.com/ansible-collections/community.general/issues/6635, https://github.com/ansible-collections/community.general/pull/6660).
- onepassword_raw lookup plugin - introduce ``account_id`` option which allows specifying which account to use (https://github.com/ansible-collections/community.general/pull/7308).
- opentelemetry callback plugin - add span attributes in the span event (https://github.com/ansible-collections/community.general/pull/6531).
- opkg - add ``executable`` parameter allowing to specify the path of the ``opkg`` command (https://github.com/ansible-collections/community.general/pull/6862).
- opkg - remove default value ``""`` for parameter ``force`` as it causes the same behaviour of not having that parameter (https://github.com/ansible-collections/community.general/pull/6513).
- pagerduty - adds in option to use v2 API for creating pagerduty incidents (https://github.com/ansible-collections/community.general/issues/6151)
- parted - on resize, use ``--fix`` option if available (https://github.com/ansible-collections/community.general/pull/7304).
- pnpm - set correct version when state is latest or version is not mentioned. Resolves previous idempotency problem (https://github.com/ansible-collections/community.general/pull/7339).
- pritunl module utils - ensure ``validate_certs`` parameter is honoured in all methods (https://github.com/ansible-collections/community.general/pull/7156).
- proxmox - add ``vmid`` (and ``taskid`` when possible) to return values (https://github.com/ansible-collections/community.general/pull/7263).
- proxmox - support ``timezone`` parameter at container creation (https://github.com/ansible-collections/community.general/pull/6510).
- proxmox inventory plugin - add composite variables support for Proxmox nodes (https://github.com/ansible-collections/community.general/issues/6640).
- proxmox_kvm - added support for ``tpmstate0`` parameter to configure TPM (Trusted Platform Module) disk. TPM is required for Windows 11 installations (https://github.com/ansible-collections/community.general/pull/6533).
- proxmox_kvm - enabled force restart of VM, bringing the ``force`` parameter functionality in line with what is described in the docs (https://github.com/ansible-collections/community.general/pull/6914).
- proxmox_kvm - re-use ``timeout`` module param to forcefully shutdown a virtual machine when ``state`` is ``stopped`` (https://github.com/ansible-collections/community.general/issues/6257).
- proxmox_snap - add ``retention`` parameter to delete old snapshots (https://github.com/ansible-collections/community.general/pull/6576).
- proxmox_vm_info - ``node`` parameter is no longer required. Information can be obtained for the whole cluster (https://github.com/ansible-collections/community.general/pull/6976).
- proxmox_vm_info - non-existing provided by name/vmid VM would return empty results instead of failing (https://github.com/ansible-collections/community.general/pull/7049).
- pubnub_blocks - minor refactor removing unnecessary code statements (https://github.com/ansible-collections/community.general/pull/6928).
- random_string - added new ``ignore_similar_chars`` and ``similar_chars`` option to ignore certain chars (https://github.com/ansible-collections/community.general/pull/7242).
- redfish_command - add ``MultipartHTTPPushUpdate`` command (https://github.com/ansible-collections/community.general/issues/6471, https://github.com/ansible-collections/community.general/pull/6612).
- redfish_command - add ``account_types`` and ``oem_account_types`` as optional inputs to ``AddUser`` (https://github.com/ansible-collections/community.general/issues/6823, https://github.com/ansible-collections/community.general/pull/6871).
- redfish_command - add new option ``update_oem_params`` for the ``MultipartHTTPPushUpdate`` command (https://github.com/ansible-collections/community.general/issues/7331).
- redfish_config - add ``CreateVolume`` command to allow creation of volumes on servers (https://github.com/ansible-collections/community.general/pull/6813).
- redfish_config - add ``DeleteAllVolumes`` command to allow deletion of all volumes on servers (https://github.com/ansible-collections/community.general/pull/6814).
- redfish_config - adding ``SetSecureBoot`` command (https://github.com/ansible-collections/community.general/pull/7129).
- redfish_info - add ``AccountTypes`` and ``OEMAccountTypes`` to the output of ``ListUsers`` (https://github.com/ansible-collections/community.general/issues/6823, https://github.com/ansible-collections/community.general/pull/6871).
- redfish_info - add support for ``GetBiosRegistries`` command (https://github.com/ansible-collections/community.general/pull/7144).
- redfish_info - adds ``LinkStatus`` to NIC inventory (https://github.com/ansible-collections/community.general/pull/7318).
- redfish_info - adds ``ProcessorArchitecture`` to CPU inventory (https://github.com/ansible-collections/community.general/pull/6864).
- redfish_info - fix for ``GetVolumeInventory``, Controller name was getting populated incorrectly and duplicates were seen in the volumes retrieved (https://github.com/ansible-collections/community.general/pull/6719).
- redfish_info - report ``Id`` in the output of ``GetManagerInventory`` (https://github.com/ansible-collections/community.general/pull/7140).
- redfish_utils - use ``Controllers`` key in redfish data to obtain Storage controllers properties (https://github.com/ansible-collections/community.general/pull/7081).
- redfish_utils module utils - add support for ``PowerCycle`` reset type for ``redfish_command`` responses feature (https://github.com/ansible-collections/community.general/issues/7083).
- redfish_utils module utils - add support for following ``@odata.nextLink`` pagination in ``software_inventory`` responses feature (https://github.com/ansible-collections/community.general/pull/7020).
- redfish_utils module utils - support ``Volumes`` in response for ``GetDiskInventory`` (https://github.com/ansible-collections/community.general/pull/6819).
- redhat_subscription - the internal ``RegistrationBase`` class was folded
into the other internal ``Rhsm`` class, as the separation had no purpose
anymore
(https://github.com/ansible-collections/community.general/pull/6658).
- redis_info - refactor the redis_info module to use the redis module_utils enabling to pass TLS parameters to the Redis client (https://github.com/ansible-collections/community.general/pull/7267).
- rhsm_release - improve/harden the way ``subscription-manager`` is run;
no behaviour change is expected
(https://github.com/ansible-collections/community.general/pull/6669).
- rhsm_repository - the interaction with ``subscription-manager`` was
refactored by grouping things together, removing unused bits, and hardening
the way it is run; also, the parsing of ``subscription-manager repos --list``
was improved and made slightly faster; no behaviour change is expected
(https://github.com/ansible-collections/community.general/pull/6783,
https://github.com/ansible-collections/community.general/pull/6837).
- scaleway_security_group_rule - minor refactor removing unnecessary code statements (https://github.com/ansible-collections/community.general/pull/6928).
- shutdown - use ``shutdown -p ...`` with FreeBSD to halt and power off machine (https://github.com/ansible-collections/community.general/pull/7102).
- snap - add option ``dangerous`` to the module, that will map into the command line argument ``--dangerous``, allowing unsigned snap files to be installed (https://github.com/ansible-collections/community.general/pull/6908, https://github.com/ansible-collections/community.general/issues/5715).
- snap - module is now aware of channel when deciding whether to install or refresh the snap (https://github.com/ansible-collections/community.general/pull/6435, https://github.com/ansible-collections/community.general/issues/1606).
- sorcery - add grimoire (repository) management support (https://github.com/ansible-collections/community.general/pull/7012).
- sorcery - minor refactor (https://github.com/ansible-collections/community.general/pull/6525).
- supervisorctl - allow to stop matching running processes before removing them with ``stop_before_removing=true`` (https://github.com/ansible-collections/community.general/pull/7284).
- tss lookup plugin - allow to fetch secret IDs which are in a folder based on folder ID. Previously, we could not fetch secrets based on folder ID but now use ``fetch_secret_ids_from_folder`` option to indicate to fetch secret IDs based on folder ID (https://github.com/ansible-collections/community.general/issues/6223).
- tss lookup plugin - allow to fetch secret by path. Previously, we could not fetch secret by path but now use ``secret_path`` option to indicate to fetch secret by secret path (https://github.com/ansible-collections/community.general/pull/6881).
- unixy callback plugin - add support for ``check_mode_markers`` option (https://github.com/ansible-collections/community.general/pull/7179).
- vardict module utils - added convenience methods to ``VarDict`` (https://github.com/ansible-collections/community.general/pull/6647).
- xenserver_guest_info - minor refactor removing unnecessary code statements (https://github.com/ansible-collections/community.general/pull/6928).
- xenserver_guest_powerstate - minor refactor removing unnecessary code statements (https://github.com/ansible-collections/community.general/pull/6928).
- yum_versionlock - add support to pin specific package versions instead of only the package itself (https://github.com/ansible-collections/community.general/pull/6861, https://github.com/ansible-collections/community.general/issues/4470).
Breaking Changes / Porting Guide
--------------------------------
- collection_version lookup plugin - remove compatibility code for ansible-base 2.10 and ansible-core 2.11 (https://github.com/ansible-collections/community.general/pull/7269).
- gitlab_project - add ``default_branch`` support for project update. If you used the module so far with ``default_branch`` to update a project, the value of ``default_branch`` was ignored. Make sure that you either do not pass a value if you are not sure whether it is the one you want to have to avoid unexpected breaking changes (https://github.com/ansible-collections/community.general/pull/7158).
- selective callback plugin - remove compatibility code for Ansible 2.9 and ansible-core 2.10 (https://github.com/ansible-collections/community.general/pull/7269).
- vardict module utils - ``VarDict`` will no longer accept variables named ``_var``, ``get_meta``, and ``as_dict`` (https://github.com/ansible-collections/community.general/pull/6647).
- version module util - remove fallback for ansible-core 2.11. All modules and plugins that do version collections no longer work with ansible-core 2.11 (https://github.com/ansible-collections/community.general/pull/7269).
Deprecated Features
-------------------
- CmdRunner module utils - deprecate ``cmd_runner_fmt.as_default_type()`` formatter (https://github.com/ansible-collections/community.general/pull/6601).
- MH VarsMixin module utils - deprecates ``VarsMixin`` and supporting classes in favor of plain ``vardict`` module util (https://github.com/ansible-collections/community.general/pull/6649).
- ansible_galaxy_install - the ``ack_ansible29`` and ``ack_min_ansiblecore211`` options have been deprecated and will be removed in community.general 9.0.0 (https://github.com/ansible-collections/community.general/pull/7358).
- consul - the ``ack_params_state_absent`` option has been deprecated and will be removed in community.general 10.0.0 (https://github.com/ansible-collections/community.general/pull/7358).
- cpanm - value ``compatibility`` is deprecated as default for parameter ``mode`` (https://github.com/ansible-collections/community.general/pull/6512).
- ejabberd_user - deprecate the parameter ``logging`` in favour of producing more detailed information in the module output (https://github.com/ansible-collections/community.general/pull/7043).
- flowdock - module relies entirely on no longer responsive API endpoints, and it will be removed in community.general 9.0.0 (https://github.com/ansible-collections/community.general/pull/6930).
- proxmox - old feature flag ``proxmox_default_behavior`` will be removed in community.general 10.0.0 (https://github.com/ansible-collections/community.general/pull/6836).
- proxmox_kvm - deprecate the option ``proxmox_default_behavior`` (https://github.com/ansible-collections/community.general/pull/7377).
- redfish_info, redfish_config, redfish_command - the default value ``10`` for the ``timeout`` option is deprecated and will change to ``60`` in community.general 9.0.0 (https://github.com/ansible-collections/community.general/pull/7295).
- redhat module utils - the ``module_utils.redhat`` module is deprecated, as
effectively unused: the ``Rhsm``, ``RhsmPool``, and ``RhsmPools`` classes
will be removed in community.general 9.0.0; the ``RegistrationBase`` class
will be removed in community.general 10.0.0 together with the
``rhn_register`` module, as it is the only user of this class; this means
that the whole ``module_utils.redhat`` module will be dropped in
community.general 10.0.0, so importing it without even using anything of it
will fail
(https://github.com/ansible-collections/community.general/pull/6663).
- redhat_subscription - the ``autosubscribe`` alias for the ``auto_attach`` option has been
deprecated for many years, although only in the documentation. Officially mark this alias
as deprecated, and it will be removed in community.general 9.0.0
(https://github.com/ansible-collections/community.general/pull/6646).
- redhat_subscription - the ``pool`` option is deprecated in favour of the
more precise and flexible ``pool_ids`` option
(https://github.com/ansible-collections/community.general/pull/6650).
- rhsm_repository - ``state=present`` has not been working as expected for many years,
and it seems it was not noticed so far; also, "presence" is not really a valid concept
for subscription repositories, which can only be enabled or disabled. Hence, mark the
``present`` and ``absent`` values of the ``state`` option as deprecated, slating them
for removal in community.general 10.0.0
(https://github.com/ansible-collections/community.general/pull/6673).
- stackdriver - module relies entirely on no longer existent API endpoints, and it will be removed in community.general 9.0.0 (https://github.com/ansible-collections/community.general/pull/6887).
- webfaction_app - module relies entirely on no longer existent API endpoints, and it will be removed in community.general 9.0.0 (https://github.com/ansible-collections/community.general/pull/6909).
- webfaction_db - module relies entirely on no longer existent API endpoints, and it will be removed in community.general 9.0.0 (https://github.com/ansible-collections/community.general/pull/6909).
- webfaction_domain - module relies entirely on no longer existent API endpoints, and it will be removed in community.general 9.0.0 (https://github.com/ansible-collections/community.general/pull/6909).
- webfaction_mailbox - module relies entirely on no longer existent API endpoints, and it will be removed in community.general 9.0.0 (https://github.com/ansible-collections/community.general/pull/6909).
- webfaction_site - module relies entirely on no longer existent API endpoints, and it will be removed in community.general 9.0.0 (https://github.com/ansible-collections/community.general/pull/6909).
Removed Features (previously deprecated)
----------------------------------------
- The collection no longer supports ansible-core 2.11 and ansible-core 2.12. Parts of the collection might still work on these ansible-core versions, but others might not (https://github.com/ansible-collections/community.general/pull/7269).
- ansible_galaxy_install - support for Ansible 2.9 and ansible-base 2.10 has been removed (https://github.com/ansible-collections/community.general/pull/7358).
- consul - when ``state=absent``, the options ``script``, ``ttl``, ``tcp``, ``http``, and ``interval`` can no longer be specified (https://github.com/ansible-collections/community.general/pull/7358).
- gconftool2 - ``state=get`` has been removed. Use the module ``community.general.gconftool2_info`` instead (https://github.com/ansible-collections/community.general/pull/7358).
- gitlab_runner - remove the default value for the ``access_level`` option. To restore the previous behavior, explicitly set it to ``ref_protected`` (https://github.com/ansible-collections/community.general/pull/7358).
- htpasswd - removed code for passlib <1.6 (https://github.com/ansible-collections/community.general/pull/6901).
- manageiq_polices - ``state=list`` has been removed. Use the module ``community.general.manageiq_policies_info`` instead (https://github.com/ansible-collections/community.general/pull/7358).
- manageiq_tags - ``state=list`` has been removed. Use the module ``community.general.manageiq_tags_info`` instead (https://github.com/ansible-collections/community.general/pull/7358).
- mh.mixins.cmd module utils - the ``ArgFormat`` class has been removed (https://github.com/ansible-collections/community.general/pull/7358).
- mh.mixins.cmd module utils - the ``CmdMixin`` mixin has been removed. Use ``community.general.plugins.module_utils.cmd_runner.CmdRunner`` instead (https://github.com/ansible-collections/community.general/pull/7358).
- mh.mixins.cmd module utils - the mh.mixins.cmd module utils has been removed after all its contents were removed (https://github.com/ansible-collections/community.general/pull/7358).
- mh.module_helper module utils - the ``CmdModuleHelper`` and ``CmdStateModuleHelper`` classes have been removed. Use ``community.general.plugins.module_utils.cmd_runner.CmdRunner`` instead (https://github.com/ansible-collections/community.general/pull/7358).
- proxmox module utils - removed unused imports (https://github.com/ansible-collections/community.general/pull/6873).
- xfconf - the deprecated ``disable_facts`` option was removed (https://github.com/ansible-collections/community.general/pull/7358).
Bugfixes
--------
- CmdRunner module utils - does not attempt to resolve path if executable is a relative or absolute path (https://github.com/ansible-collections/community.general/pull/7200).
- MH DependencyMixin module utils - deprecation notice was popping up for modules not using dependencies (https://github.com/ansible-collections/community.general/pull/6644, https://github.com/ansible-collections/community.general/issues/6639).
- bitwarden lookup plugin - the plugin made assumptions about the structure of a Bitwarden JSON object which may have been broken by an update in the Bitwarden API. Remove assumptions, and allow queries for general fields such as ``notes`` (https://github.com/ansible-collections/community.general/pull/7061).
- cmd_runner module utils - when a parameter in ``argument_spec`` has no type, meaning it is implicitly a ``str``, ``CmdRunner`` would fail trying to find the ``type`` key in that dictionary (https://github.com/ansible-collections/community.general/pull/6968).
- cobbler inventory plugin - fix calculation of cobbler_ipv4/6_address (https://github.com/ansible-collections/community.general/pull/6925).
- composer - fix impossible to run ``working_dir`` dependent commands. The module was throwing an error when trying to run a ``working_dir`` dependent command, because it tried to get the command help without passing the ``working_dir`` (https://github.com/ansible-collections/community.general/issues/3787).
- csv module utils - detects and remove unicode BOM markers from incoming CSV content (https://github.com/ansible-collections/community.general/pull/6662).
- datadog_downtime - presence of ``rrule`` param lead to the Datadog API returning Bad Request due to a missing recurrence type (https://github.com/ansible-collections/community.general/pull/6811).
- ejabberd_user - module was failing to detect whether user was already created and/or password was changed (https://github.com/ansible-collections/community.general/pull/7033).
- ejabberd_user - provide meaningful error message when the ``ejabberdctl`` command is not found (https://github.com/ansible-collections/community.general/pull/7028, https://github.com/ansible-collections/community.general/issues/6949).
- github_deploy_key - fix pagination behaviour causing a crash when only a single page of deploy keys exist (https://github.com/ansible-collections/community.general/pull/7375).
- gitlab_group - the module passed parameters to the API call even when not set. The module is now filtering out ``None`` values to remediate this (https://github.com/ansible-collections/community.general/pull/6712).
- gitlab_group_variable - deleted all variables when used with ``purge=true`` due to missing ``raw`` property in KNOWN attributes (https://github.com/ansible-collections/community.general/issues/7250).
- gitlab_project_variable - deleted all variables when used with ``purge=true`` due to missing ``raw`` property in KNOWN attributes (https://github.com/ansible-collections/community.general/issues/7250).
- icinga2_host - fix a key error when updating an existing host (https://github.com/ansible-collections/community.general/pull/6748).
- ini_file - add the ``follow`` paramter to follow the symlinks instead of replacing them (https://github.com/ansible-collections/community.general/pull/6546).
- ini_file - fix a bug where the inactive options were not used when possible (https://github.com/ansible-collections/community.general/pull/6575).
- ipa_dnszone - fix 'idnsallowsyncptr' key error for reverse zone (https://github.com/ansible-collections/community.general/pull/6906, https://github.com/ansible-collections/community.general/issues/6905).
- kernel_blacklist - simplified the mechanism to update the file, fixing the error (https://github.com/ansible-collections/community.general/pull/7382, https://github.com/ansible-collections/community.general/issues/7362).
- keycloak module util - fix missing ``http_agent``, ``timeout``, and ``validate_certs`` ``open_url()`` parameters (https://github.com/ansible-collections/community.general/pull/7067).
- keycloak module utils - fix ``is_struct_included`` handling of lists of lists/dictionaries (https://github.com/ansible-collections/community.general/pull/6688).
- keycloak module utils - the function ``get_user_by_username`` now return the user representation or ``None`` as stated in the documentation (https://github.com/ansible-collections/community.general/pull/6758).
- keycloak_authentication - fix Keycloak authentication flow (step or sub-flow) indexing during update, if not specified by the user (https://github.com/ansible-collections/community.general/pull/6734).
- keycloak_client inventory plugin - fix missing client secret (https://github.com/ansible-collections/community.general/pull/6931).
- ldap_search - fix string normalization and the ``base64_attributes`` option on Python 3 (https://github.com/ansible-collections/community.general/issues/5704, https://github.com/ansible-collections/community.general/pull/7264).
- locale_gen - now works for locales without the underscore character such as ``C.UTF-8`` (https://github.com/ansible-collections/community.general/pull/6774, https://github.com/ansible-collections/community.general/issues/5142, https://github.com/ansible-collections/community.general/issues/4305).
- lvol - add support for percentage of origin size specification when creating snapshot volumes (https://github.com/ansible-collections/community.general/issues/1630, https://github.com/ansible-collections/community.general/pull/7053).
- lxc connection plugin - now handles ``remote_addr`` defaulting to ``inventory_hostname`` correctly (https://github.com/ansible-collections/community.general/pull/7104).
- lxc connection plugin - properly evaluate options (https://github.com/ansible-collections/community.general/pull/7369).
- machinectl become plugin - mark plugin as ``require_tty`` to automatically disable pipelining, with which this plugin is not compatible (https://github.com/ansible-collections/community.general/issues/6932, https://github.com/ansible-collections/community.general/pull/6935).
- mail - skip headers containing equals characters due to missing ``maxsplit`` on header key/value parsing (https://github.com/ansible-collections/community.general/pull/7303).
- memset module utils - make compatible with ansible-core 2.17 (https://github.com/ansible-collections/community.general/pull/7379).
- nmap inventory plugin - fix ``get_option`` calls (https://github.com/ansible-collections/community.general/pull/7323).
- nmap inventory plugin - now uses ``get_option`` in all cases to get its configuration information (https://github.com/ansible-collections/community.general/pull/7119).
- nmcli - fix bond option ``xmit_hash_policy`` (https://github.com/ansible-collections/community.general/pull/6527).
- nmcli - fix support for empty list (in compare and scrape) (https://github.com/ansible-collections/community.general/pull/6769).
- nsupdate - fix a possible ``list index out of range`` exception (https://github.com/ansible-collections/community.general/issues/836).
- oci_utils module util - fix inappropriate logical comparison expressions and makes them simpler. The previous checks had logical short circuits (https://github.com/ansible-collections/community.general/pull/7125).
- oci_utils module utils - avoid direct type comparisons (https://github.com/ansible-collections/community.general/pull/7085).
- onepassword - fix KeyError exception when trying to access value of a field that is not filled out in OnePassword item (https://github.com/ansible-collections/community.general/pull/7241).
- openbsd_pkg - the pkg_info(1) behavior has changed in OpenBSD >7.3. The error message ``Can't find`` should not lead to an error case (https://github.com/ansible-collections/community.general/pull/6785).
- pacman - module recognizes the output of ``yay`` running as ``root`` (https://github.com/ansible-collections/community.general/pull/6713).
- portage - fix ``changed_use`` and ``newuse`` not triggering rebuilds (https://github.com/ansible-collections/community.general/issues/6008, https://github.com/ansible-collections/community.general/pull/6548).
- pritunl module utils - fix incorrect URL parameter for orgnization add method (https://github.com/ansible-collections/community.general/pull/7161).
- proxmox - fix error when a configuration had no ``template`` field (https://github.com/ansible-collections/community.general/pull/6838, https://github.com/ansible-collections/community.general/issues/5372).
- proxmox module utils - add logic to detect whether an old Promoxer complains about the ``token_name`` and ``token_value`` parameters and provide a better error message when that happens (https://github.com/ansible-collections/community.general/pull/6839, https://github.com/ansible-collections/community.general/issues/5371).
- proxmox module utils - fix proxmoxer library version check (https://github.com/ansible-collections/community.general/issues/6974, https://github.com/ansible-collections/community.general/issues/6975, https://github.com/ansible-collections/community.general/pull/6980).
- proxmox_disk - fix unable to create ``cdrom`` media due to ``size`` always being appended (https://github.com/ansible-collections/community.general/pull/6770).
- proxmox_kvm - ``absent`` state with ``force`` specified failed to stop the VM due to the ``timeout`` value not being passed to ``stop_vm`` (https://github.com/ansible-collections/community.general/pull/6827).
- proxmox_kvm - ``restarted`` state did not actually restart a VM in some VM configurations. The state now uses the Proxmox reboot endpoint instead of calling the ``stop_vm`` and ``start_vm`` functions (https://github.com/ansible-collections/community.general/pull/6773).
- proxmox_kvm - allow creation of VM with existing name but new vmid (https://github.com/ansible-collections/community.general/issues/6155, https://github.com/ansible-collections/community.general/pull/6709).
- proxmox_kvm - when ``name`` option is provided without ``vmid`` and VM with that name already exists then no new VM will be created (https://github.com/ansible-collections/community.general/issues/6911, https://github.com/ansible-collections/community.general/pull/6981).
- proxmox_tasks_info - remove ``api_user`` + ``api_password`` constraint from ``required_together`` as it causes to require ``api_password`` even when API token param is used (https://github.com/ansible-collections/community.general/issues/6201).
- proxmox_template - require ``requests_toolbelt`` module to fix issue with uploading large templates (https://github.com/ansible-collections/community.general/issues/5579, https://github.com/ansible-collections/community.general/pull/6757).
- proxmox_user_info - avoid direct type comparisons (https://github.com/ansible-collections/community.general/pull/7085).
- redfish_info - fix ``ListUsers`` to not show empty account slots (https://github.com/ansible-collections/community.general/issues/6771, https://github.com/ansible-collections/community.general/pull/6772).
- redhat_subscription - use the right D-Bus options for the consumer type when
registering a RHEL system older than 9 or a RHEL 9 system older than 9.2
and using ``consumer_type``
(https://github.com/ansible-collections/community.general/pull/7378).
- refish_utils module utils - changing variable names to avoid issues occuring when fetching Volumes data (https://github.com/ansible-collections/community.general/pull/6883).
- rhsm_repository - when using the ``purge`` option, the ``repositories``
dictionary element in the returned JSON is now properly updated according
to the pruning operation
(https://github.com/ansible-collections/community.general/pull/6676).
- rundeck - fix ``TypeError`` on 404 API response (https://github.com/ansible-collections/community.general/pull/6983).
- selective callback plugin - fix length of task name lines in output always being 3 characters longer than desired (https://github.com/ansible-collections/community.general/pull/7374).
- snap - an exception was being raised when snap list was empty (https://github.com/ansible-collections/community.general/pull/7124, https://github.com/ansible-collections/community.general/issues/7120).
- snap - assume default track ``latest`` in parameter ``channel`` when not specified (https://github.com/ansible-collections/community.general/pull/6835, https://github.com/ansible-collections/community.general/issues/6821).
- snap - change the change detection mechanism from "parsing installation" to "comparing end state with initial state" (https://github.com/ansible-collections/community.general/pull/7340, https://github.com/ansible-collections/community.general/issues/7265).
- snap - fix crash when multiple snaps are specified and one has ``---`` in its description (https://github.com/ansible-collections/community.general/pull/7046).
- snap - fix the processing of the commands' output, stripping spaces and newlines from it (https://github.com/ansible-collections/community.general/pull/6826, https://github.com/ansible-collections/community.general/issues/6803).
- sorcery - fix interruption of the multi-stage process (https://github.com/ansible-collections/community.general/pull/7012).
- sorcery - fix queue generation before the whole system rebuild (https://github.com/ansible-collections/community.general/pull/7012).
- sorcery - latest state no longer triggers update_cache (https://github.com/ansible-collections/community.general/pull/7012).
- terraform - prevents ``-backend-config`` option double encapsulating with ``shlex_quote`` function. (https://github.com/ansible-collections/community.general/pull/7301).
- tss lookup plugin - fix multiple issues when using ``fetch_attachments=true`` (https://github.com/ansible-collections/community.general/pull/6720).
- zypper - added handling of zypper exitcode 102. Changed state is set correctly now and rc 102 is still preserved to be evaluated by the playbook (https://github.com/ansible-collections/community.general/pull/6534).
Known Issues
------------
- Ansible markup will show up in raw form on ansible-doc text output for ansible-core before 2.15. If you have trouble deciphering the documentation markup, please upgrade to ansible-core 2.15 (or newer), or read the HTML documentation on https://docs.ansible.com/ansible/devel/collections/community/general/ (https://github.com/ansible-collections/community.general/pull/6539).
New Plugins
-----------
Become
~~~~~~
- community.general.run0 - Systemd's run0.
Callback
~~~~~~~~
- community.general.default_without_diff - The default ansible callback without diff output.
- community.general.timestamp - Adds simple timestamp for each header.
Connection
~~~~~~~~~~
- community.general.incus - Run tasks in Incus instances via the Incus CLI.
Filter
~~~~~~
- community.general.from_ini - Converts INI text input into a dictionary.
- community.general.lists_difference - Difference of lists with a predictive order.
- community.general.lists_intersect - Intersection of lists with a predictive order.
- community.general.lists_symmetric_difference - Symmetric Difference of lists with a predictive order.
- community.general.lists_union - Union of lists with a predictive order.
- community.general.to_ini - Converts a dictionary to the INI file format.
Lookup
~~~~~~
- community.general.github_app_access_token - Obtain short-lived Github App Access tokens.
- community.general.onepassword_doc - Fetch documents stored in 1Password.
Test
~~~~
- community.general.fqdn_valid - Validates fully-qualified domain names against RFC 1123.
- bitwarden_secrets_manager - Retrieve secrets from Bitwarden Secrets Manager
New Modules
-----------
- community.general.consul_acl_bootstrap - Bootstrap ACLs in Consul.
- community.general.consul_auth_method - Manipulate Consul auth methods.
- community.general.consul_binding_rule - Manipulate Consul binding rules.
- community.general.consul_token - Manipulate Consul tokens.
- community.general.django_command - Run Django admin commands.
- community.general.dnf_config_manager - Enable or disable dnf repositories using config-manager.
- community.general.git_config_info - Read git configuration.
- community.general.gitlab_group_access_token - Manages GitLab group access tokens.
- community.general.gitlab_issue - Create, update, or delete GitLab issues.
- community.general.gitlab_label - Creates/updates/deletes GitLab Labels belonging to project or group.
- community.general.gitlab_milestone - Creates/updates/deletes GitLab Milestones belonging to project or group.
- community.general.gitlab_project_access_token - Manages GitLab project access tokens.
- community.general.keycloak_client_rolescope - Allows administration of Keycloak client roles scope to restrict the usage of certain roles to a other specific client applications.
- community.general.keycloak_component_info - Retrive component info in Keycloak.
- community.general.keycloak_realm_rolemapping - Allows administration of Keycloak realm role mappings into groups with the Keycloak API.
- community.general.nomad_token - Manage Nomad ACL tokens.
- community.general.proxmox_node_info - Retrieve information about one or more Proxmox VE nodes.
- community.general.proxmox_storage_contents_info - List content from a Proxmox VE storage.
- community.general.usb_facts - Allows listing information about USB devices.
- consul_policy - Manipulate Consul policies
- consul_role - Manipulate Consul roles
- facter_facts - Runs the discovery program C(facter) on the remote system and return Ansible facts
- gio_mime - Set default handler for MIME type, for applications using Gnome GIO
- gitlab_instance_variable - Creates, updates, or deletes GitLab instance variables
- gitlab_merge_request - Create, update, or delete GitLab merge requests
- jenkins_build_info - Get information about Jenkins builds
- keycloak_authentication_required_actions - Allows administration of Keycloak authentication required actions
- keycloak_authz_custom_policy - Allows administration of Keycloak client custom Javascript policies via Keycloak API
- keycloak_authz_permission - Allows administration of Keycloak client authorization permissions via Keycloak API
- keycloak_authz_permission_info - Query Keycloak client authorization permissions information
- keycloak_realm_key - Allows administration of Keycloak realm keys via Keycloak API
- keycloak_user - Create and configure a user in Keycloak
- lvg_rename - Renames LVM volume groups
- pnpm - Manage node.js packages with pnpm
- proxmox_pool - Pool management for Proxmox VE cluster
- proxmox_pool_member - Add or delete members from Proxmox VE cluster pools
- proxmox_vm_info - Retrieve information about one or more Proxmox VE virtual machines
- simpleinit_msb - Manage services on Source Mage GNU/Linux

4
CONTRIBUTING.md
View File

@@ -31,9 +31,7 @@ Also, consider taking up a valuable, reviewed, but abandoned pull request which
* Try committing your changes with an informative but short commit message.
* Do not squash your commits and force-push to your branch if not needed. Reviews of your pull request are much easier with individual commits to comprehend the pull request history. All commits of your pull request branch will be squashed into one commit by GitHub upon merge.
* Do not add merge commits to your PR. The bot will complain and you will have to rebase ([instructions for rebasing](https://docs.ansible.com/ansible/latest/dev_guide/developing_rebasing.html)) to remove them before your PR can be merged. To avoid that git automatically does merges during pulls, you can configure it to do rebases instead by running `git config pull.rebase true` inside the repository checkout.
* Make sure your PR includes a [changelog fragment](https://docs.ansible.com/ansible/devel/community/collection_development_process.html#creating-a-changelog-fragment).
* You must not include a fragment for new modules or new plugins. Also you shouldn't include one for docs-only changes. (If you're not sure, simply don't include one, we'll tell you whether one is needed or not :) )
* Please always include a link to the pull request itself, and if the PR is about an issue, also a link to the issue. Also make sure the fragment ends with a period, and begins with a lower-case letter after `-`. (Again, if you don't do this, we'll add suggestions to fix it, so don't worry too much :) )
* Make sure your PR includes a [changelog fragment](https://docs.ansible.com/ansible/devel/community/development_process.html#creating-changelog-fragments). (You must not include a fragment for new modules or new plugins. Also you shouldn't include one for docs-only changes. If you're not sure, simply don't include one, we'll tell you whether one is needed or not :) )
* Avoid reformatting unrelated parts of the codebase in your PR. These types of changes will likely be requested for reversion, create additional work for reviewers, and may cause approval to be delayed.
You can also read [our Quick-start development guide](https://github.com/ansible/community-docs/blob/main/create_pr_quick_start_guide.rst).

11
README.md
View File

@@ -6,10 +6,9 @@ SPDX-License-Identifier: GPL-3.0-or-later
# Community General Collection
[![Build Status](https://dev.azure.com/ansible/community.general/_apis/build/status/CI?branchName=stable-9)](https://dev.azure.com/ansible/community.general/_build?definitionId=31)
[![Build Status](https://dev.azure.com/ansible/community.general/_apis/build/status/CI?branchName=stable-8)](https://dev.azure.com/ansible/community.general/_build?definitionId=31)
[![EOL CI](https://github.com/ansible-collections/community.general/workflows/EOL%20CI/badge.svg?event=push)](https://github.com/ansible-collections/community.general/actions)
[![Codecov](https://img.shields.io/codecov/c/github/ansible-collections/community.general)](https://codecov.io/gh/ansible-collections/community.general)
[![REUSE status](https://api.reuse.software/badge/github.com/ansible-collections/community.general)](https://api.reuse.software/info/github.com/ansible-collections/community.general)
This repository contains the `community.general` Ansible Collection. The collection is a part of the Ansible package and includes many modules and plugins supported by Ansible community which are not part of more specialized community collections.
@@ -25,7 +24,7 @@ If you encounter abusive behavior violating the [Ansible Code of Conduct](https:
## Tested with Ansible
Tested with the current ansible-core 2.13, ansible-core 2.14, ansible-core 2.15, ansible-core 2.16, ansible-core 2.17 releases and the current development version of ansible-core. Ansible-core versions before 2.13.0 are not supported. This includes all ansible-base 2.10 and Ansible 2.9 releases.
Tested with the current ansible-core 2.13, ansible-core 2.14, ansible-core 2.15, ansible-core 2.16 releases and the current development version of ansible-core. Ansible-core versions before 2.13.0 are not supported. This includes all ansible-base 2.10 and Ansible 2.9 releases.
## External requirements
@@ -116,7 +115,7 @@ See the [Releasing guidelines](https://github.com/ansible/community-docs/blob/ma
## Release notes
See the [changelog](https://github.com/ansible-collections/community.general/blob/stable-9/CHANGELOG.md).
See the [changelog](https://github.com/ansible-collections/community.general/blob/stable-8/CHANGELOG.rst).
## Roadmap
@@ -135,8 +134,8 @@ See [this issue](https://github.com/ansible-collections/community.general/issues
This collection is primarily licensed and distributed as a whole under the GNU General Public License v3.0 or later.
See [LICENSES/GPL-3.0-or-later.txt](https://github.com/ansible-collections/community.general/blob/stable-9/COPYING) for the full text.
See [LICENSES/GPL-3.0-or-later.txt](https://github.com/ansible-collections/community.general/blob/main/COPYING) for the full text.
Parts of the collection are licensed under the [BSD 2-Clause license](https://github.com/ansible-collections/community.general/blob/stable-9/LICENSES/BSD-2-Clause.txt), the [MIT license](https://github.com/ansible-collections/community.general/blob/stable-9/LICENSES/MIT.txt), and the [PSF 2.0 license](https://github.com/ansible-collections/community.general/blob/stable-9/LICENSES/PSF-2.0.txt).
Parts of the collection are licensed under the [BSD 2-Clause license](https://github.com/ansible-collections/community.general/blob/main/LICENSES/BSD-2-Clause.txt), the [MIT license](https://github.com/ansible-collections/community.general/blob/main/LICENSES/MIT.txt), and the [PSF 2.0 license](https://github.com/ansible-collections/community.general/blob/main/LICENSES/PSF-2.0.txt).
All files have a machine readable `SDPX-License-Identifier:` comment denoting its respective license(s) or an equivalent entry in an accompanying `.license` file. Only changelog fragments (which will not be part of a release) are covered by a blanket statement in `.reuse/dep5`. This conforms to the [REUSE specification](https://reuse.software/spec/).

1538
changelogs/changelog.yaml
View File

File diff suppressed because it is too large Load Diff

6
changelogs/config.yaml
View File

@@ -12,9 +12,6 @@ mention_ancestor: true
flatmap: true
new_plugins_after_name: removed_features
notesdir: fragments
output_formats:
- md
- rst
prelude_section_name: release_summary
prelude_section_title: Release Summary
sections:
@@ -35,6 +32,3 @@ sections:
- - known_issues
- Known Issues
title: Community General
trivial_section_name: trivial
use_fqcn: true
add_plugin_period: true

7
docs/docsite/config.yml
View File

@@ -1,7 +0,0 @@
---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
changelog:
write_changelog: true

6
docs/docsite/extra-docs.yml
View File

@@ -8,9 +8,3 @@ sections:
toctree:
- filter_guide
- test_guide
- title: Cloud Guides
toctree:
- guide_alicloud
- guide_online
- guide_packet
- guide_scaleway

1
docs/docsite/rst/filter_guide_abstract_informations.rst
View File

@@ -12,5 +12,4 @@ Abstract transformations
filter_guide_abstract_informations_dictionaries
filter_guide_abstract_informations_grouping
filter_guide_abstract_informations_merging_lists_of_dictionaries
filter_guide_abstract_informations_lists_helper
filter_guide_abstract_informations_counting_elements_in_sequence

81
docs/docsite/rst/filter_guide_abstract_informations_lists_helper.rst
View File

@@ -1,81 +0,0 @@
..
Copyright (c) Ansible Project
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
SPDX-License-Identifier: GPL-3.0-or-later
Union, intersection and difference of lists
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Starting with Ansible Core 2.16, the builtin filters :ansplugin:`ansible.builtin.union#filter`, :ansplugin:`ansible.builtin.intersect#filter`, :ansplugin:`ansible.builtin.difference#filter` and :ansplugin:`ansible.builtin.symmetric_difference#filter` began to behave differently and do no longer preserve the item order. Items in the resulting lists are returned in arbitrary order and the order can vary between subsequent runs.
The Ansible community.general collection provides the following additional list filters:
- :ansplugin:`community.general.lists_union#filter`
- :ansplugin:`community.general.lists_intersect#filter`
- :ansplugin:`community.general.lists_difference#filter`
- :ansplugin:`community.general.lists_symmetric_difference#filter`
These filters preserve the item order, eliminate duplicates and are an extended version of the builtin ones, because they can operate on more than two lists.
.. note:: Stick to the builtin filters, when item order is not important or when you do not need the n-ary operating mode. The builtin filters are faster, because they rely mostly on sets as their underlying datastructure.
Let us use the lists below in the following examples:
.. code-block:: yaml
A: [9, 5, 7, 1, 9, 4, 10, 5, 9, 7]
B: [4, 1, 2, 8, 3, 1, 7]
C: [10, 2, 1, 9, 1]
The union of ``A`` and ``B`` can be written as:
.. code-block:: yaml+jinja
result: "{{ A | community.general.lists_union(B) }}"
This statement produces:
.. code-block:: yaml
result: [9, 5, 7, 1, 4, 10, 2, 8, 3]
If you want to calculate the intersection of ``A``, ``B`` and ``C``, you can use the following statement:
.. code-block:: yaml+jinja
result: "{{ A | community.general.lists_intersect(B, C) }}"
Alternatively, you can use a list of lists as an input of the filter
.. code-block:: yaml+jinja
result: "{{ [A, B] | community.general.lists_intersect(C) }}"
or
.. code-block:: yaml+jinja
result: "{{ [A, B, C] | community.general.lists_intersect(flatten=true) }}"
All three statements are equivalent and give:
.. code-block:: yaml
result: [1]
.. note:: Be aware that in most cases, filter calls without any argument require ``flatten=true``, otherwise the input is returned as result. The reason for this is, that the input is considered as a variable argument and is wrapped by an additional outer list. ``flatten=true`` ensures that this list is removed before the input is processed by the filter logic.
The filters ansplugin:`community.general.lists_difference#filter` or :ansplugin:`community.general.lists_symmetric_difference#filter` can be used in the same way as the filters in the examples above. They calculate the difference or the symmetric difference between two or more lists and preserve the item order.
For example, the symmetric difference of ``A``, ``B`` and ``C`` may be written as:
.. code-block:: yaml+jinja
result: "{{ A | community.general.lists_symmetric_difference(B, C) }}"
This gives:
.. code-block:: yaml
result: [5, 8, 3, 1]

96
docs/docsite/rst/guide_alicloud.rst
View File

@@ -1,96 +0,0 @@
..
Copyright (c) Ansible Project
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
SPDX-License-Identifier: GPL-3.0-or-later
.. _ansible_collections.community.general.docsite.guide_alicloud:
Alibaba Cloud Compute Services Guide
====================================
Introduction
````````````
The community.general collection contains several modules for controlling and managing Alibaba Cloud Compute Services (Alicloud). This guide
explains how to use the Alicloud Ansible modules together.
All Alicloud modules require ``footmark`` - install it on your control machine with ``pip install footmark``.
Cloud modules, including Alicloud modules, are usually executed on your local machine (the control machine) with ``connection: local``, rather than on remote machines defined in your hosts.
Normally, you'll use the following pattern for plays that provision Alicloud resources:
.. code-block:: yaml
- hosts: localhost
connection: local
vars:
- ...
tasks:
- ...
Authentication
``````````````
You can specify your Alicloud authentication credentials (access key and secret key) by passing them as
environment variables or by storing them in a vars file.
To pass authentication credentials as environment variables:
.. code-block:: console
export ALICLOUD_ACCESS_KEY='Alicloud123'
export ALICLOUD_SECRET_KEY='AlicloudSecret123'
To store authentication credentials in a vars file, encrypt them with :ref:`Ansible Vault <vault>` to keep them secure, then list them:
.. code-block:: yaml
---
alicloud_access_key: "--REMOVED--"
alicloud_secret_key: "--REMOVED--"
Note that if you store your credentials in a vars file, you need to refer to them in each Alicloud module. For example:
.. code-block:: yaml+jinja
- community.general.ali_instance:
alicloud_access_key: "{{ alicloud_access_key }}"
alicloud_secret_key: "{{ alicloud_secret_key }}"
image_id: "..."
Provisioning
````````````
Alicloud modules create Alicloud ECS instances (:ansplugin:`community.general.ali_instance#module`) and retrieve information on these (:ansplugin:`community.general.ali_instance_info#module`).
You can use the ``count`` parameter to control the number of resources you create or terminate. For example, if you want exactly 5 instances tagged ``NewECS``, set the ``count`` of instances to 5 and the ``count_tag`` to ``NewECS``, as shown in the last task of the example playbook below. If there are no instances with the tag ``NewECS``, the task creates 5 new instances. If there are 2 instances with that tag, the task creates 3 more. If there are 8 instances with that tag, the task terminates 3 of those instances.
If you do not specify a ``count_tag``, the task creates the number of instances you specify in ``count`` with the ``instance_name`` you provide.
.. code-block:: yaml+jinja
# alicloud_setup.yml
- hosts: localhost
connection: local
tasks:
- name: Create a set of instances
community.general.ali_instance:
instance_type: ecs.n4.small
image_id: "{{ ami_id }}"
instance_name: "My-new-instance"
instance_tags:
Name: NewECS
Version: 0.0.1
count: 5
count_tag:
Name: NewECS
allocate_public_ip: true
max_bandwidth_out: 50
register: create_instance
In the example playbook above, data about the instances created by this playbook is saved in the variable defined by the ``register`` keyword in the task.
Each Alicloud module offers a variety of parameter options. Not all options are demonstrated in the above example. See each individual module for further details and examples.

49
docs/docsite/rst/guide_online.rst
View File

@@ -1,49 +0,0 @@
..
Copyright (c) Ansible Project
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
SPDX-License-Identifier: GPL-3.0-or-later
.. _ansible_collections.community.general.docsite.guide_online:
****************
Online.net Guide
****************
Introduction
============
Online is a French hosting company mainly known for providing bare-metal servers named Dedibox.
Check it out: `https://www.online.net/en <https://www.online.net/en>`_
Dynamic inventory for Online resources
--------------------------------------
Ansible has a dynamic inventory plugin that can list your resources.
1. Create a YAML configuration such as ``online_inventory.yml`` with this content:
.. code-block:: yaml
plugin: community.general.online
2. Set your ``ONLINE_TOKEN`` environment variable with your token.
You need to open an account and log into it before you can get a token.
You can find your token at the following page: `https://console.online.net/en/api/access <https://console.online.net/en/api/access>`_
3. You can test that your inventory is working by running:
.. code-block:: console
$ ansible-inventory -v -i online_inventory.yml --list
4. Now you can run your playbook or any other module with this inventory:
.. code-block:: ansible-output
$ ansible all -i online_inventory.yml -m ping
sd-96735 | SUCCESS => {
"changed": false,
"ping": "pong"
}

214
docs/docsite/rst/guide_packet.rst
View File

@@ -1,214 +0,0 @@
..
Copyright (c) Ansible Project
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
SPDX-License-Identifier: GPL-3.0-or-later
.. _ansible_collections.community.general.docsite.guide_packet:
**********************************
Packet.net Guide
**********************************
Introduction
============
`Packet.net <https://packet.net>`_ is a bare metal infrastructure host that is supported by the community.general collection through six cloud modules. The six modules are:
- :ansplugin:`community.general.packet_device#module`: manages servers on Packet. You can use this module to create, restart and delete devices.
- :ansplugin:`community.general.packet_ip_subnet#module`: assign IP subnet to a bare metal server
- :ansplugin:`community.general.packet_project#module`: create/delete a project in Packet host
- :ansplugin:`community.general.packet_sshkey#module`: adds a public SSH key from file or value to the Packet infrastructure. Every subsequently-created device will have this public key installed in .ssh/authorized_keys.
- :ansplugin:`community.general.packet_volume#module`: create/delete a volume in Packet host
- :ansplugin:`community.general.packet_volume_attachment#module`: attach/detach a volume to a device in the Packet host
Note, this guide assumes you are familiar with Ansible and how it works. If you are not, have a look at their :ref:`docs <ansible_documentation>` before getting started.
Requirements
============
The Packet modules connect to the Packet API using the `packet-python package <https://pypi.org/project/packet-python/>`_. You can install it with pip:
.. code-block:: console
$ pip install packet-python
In order to check the state of devices created by Ansible on Packet, it is a good idea to install one of the `Packet CLI clients <https://www.packet.net/developers/integrations/>`_. Otherwise you can check them through the `Packet portal <https://app.packet.net/portal>`_.
To use the modules you will need a Packet API token. You can generate an API token through the Packet portal `here <https://app.packet.net/portal#/api-keys>`__. The simplest way to authenticate yourself is to set the Packet API token in an environment variable:
.. code-block:: console
$ export PACKET_API_TOKEN=Bfse9F24SFtfs423Gsd3ifGsd43sSdfs
If you are not comfortable exporting your API token, you can pass it as a parameter to the modules.
On Packet, devices and reserved IP addresses belong to `projects <https://www.packet.com/developers/api/#projects>`_. In order to use the packet_device module, you need to specify the UUID of the project in which you want to create or manage devices. You can find a project's UUID in the Packet portal `here <https://app.packet.net/portal#/projects/list/table/>`_ (it is just under the project table) or through one of the available `CLIs <https://www.packet.net/developers/integrations/>`_.
If you want to use a new SSH key pair in this tutorial, you can generate it to ``./id_rsa`` and ``./id_rsa.pub`` as:
.. code-block:: console
$ ssh-keygen -t rsa -f ./id_rsa
If you want to use an existing key pair, just copy the private and public key over to the playbook directory.
Device Creation
===============
The following code block is a simple playbook that creates one `Type 0 <https://www.packet.com/cloud/servers/t1-small/>`_ server (the ``plan`` parameter). You have to supply ``plan`` and ``operating_system``. ``location`` defaults to ``ewr1`` (Parsippany, NJ). You can find all the possible values for the parameters through a `CLI client <https://www.packet.net/developers/integrations/>`_.
.. code-block:: yaml+jinja
# playbook_create.yml
- name: Create Ubuntu device
hosts: localhost
tasks:
- community.general.packet_sshkey:
key_file: ./id_rsa.pub
label: tutorial key
- community.general.packet_device:
project_id: <your_project_id>
hostnames: myserver
operating_system: ubuntu_16_04
plan: baremetal_0
facility: sjc1
After running ``ansible-playbook playbook_create.yml``, you should have a server provisioned on Packet. You can verify through a CLI or in the `Packet portal <https://app.packet.net/portal#/projects/list/table>`__.
If you get an error with the message "failed to set machine state present, error: Error 404: Not Found", please verify your project UUID.
Updating Devices
================
The two parameters used to uniquely identify Packet devices are: "device_ids" and "hostnames". Both parameters accept either a single string (later converted to a one-element list), or a list of strings.
The ``device_ids`` and ``hostnames`` parameters are mutually exclusive. The following values are all acceptable:
- device_ids: ``a27b7a83-fc93-435b-a128-47a5b04f2dcf``
- hostnames: ``mydev1``
- device_ids: ``[a27b7a83-fc93-435b-a128-47a5b04f2dcf, 4887130f-0ccd-49a0-99b0-323c1ceb527b]``
- hostnames: ``[mydev1, mydev2]``
In addition, hostnames can contain a special ``%d`` formatter along with a ``count`` parameter that lets you easily expand hostnames that follow a simple name and number pattern; in other words, ``hostnames: "mydev%d", count: 2`` will expand to [mydev1, mydev2].
If your playbook acts on existing Packet devices, you can only pass the ``hostname`` and ``device_ids`` parameters. The following playbook shows how you can reboot a specific Packet device by setting the ``hostname`` parameter:
.. code-block:: yaml+jinja
# playbook_reboot.yml
- name: reboot myserver
hosts: localhost
tasks:
- community.general.packet_device:
project_id: <your_project_id>
hostnames: myserver
state: rebooted
You can also identify specific Packet devices with the ``device_ids`` parameter. The device's UUID can be found in the `Packet Portal <https://app.packet.net/portal>`_ or by using a `CLI <https://www.packet.net/developers/integrations/>`_. The following playbook removes a Packet device using the ``device_ids`` field:
.. code-block:: yaml+jinja
# playbook_remove.yml
- name: remove a device
hosts: localhost
tasks:
- community.general.packet_device:
project_id: <your_project_id>
device_ids: <myserver_device_id>
state: absent
More Complex Playbooks
======================
In this example, we will create a CoreOS cluster with `user data <https://packet.com/developers/docs/servers/key-features/user-data/>`_.
The CoreOS cluster will use `etcd <https://etcd.io/>`_ for discovery of other servers in the cluster. Before provisioning your servers, you will need to generate a discovery token for your cluster:
.. code-block:: console
$ curl -w "\n" 'https://discovery.etcd.io/new?size=3'
The following playbook will create an SSH key, 3 Packet servers, and then wait until SSH is ready (or until 5 minutes passed). Make sure to substitute the discovery token URL in ``user_data``, and the ``project_id`` before running ``ansible-playbook``. Also, feel free to change ``plan`` and ``facility``.
.. code-block:: yaml+jinja
# playbook_coreos.yml
- name: Start 3 CoreOS nodes in Packet and wait until SSH is ready
hosts: localhost
tasks:
- community.general.packet_sshkey:
key_file: ./id_rsa.pub
label: new
- community.general.packet_device:
hostnames: [coreos-one, coreos-two, coreos-three]
operating_system: coreos_beta
plan: baremetal_0
facility: ewr1
project_id: <your_project_id>
wait_for_public_IPv: 4
user_data: |
#cloud-config
coreos:
etcd2:
discovery: https://discovery.etcd.io/<token>
advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
initial-advertise-peer-urls: http://$private_ipv4:2380
listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
listen-peer-urls: http://$private_ipv4:2380
fleet:
public-ip: $private_ipv4
units:
- name: etcd2.service
command: start
- name: fleet.service
command: start
register: newhosts
- name: wait for ssh
ansible.builtin.wait_for:
delay: 1
host: "{{ item.public_ipv4 }}"
port: 22
state: started
timeout: 500
loop: "{{ newhosts.results[0].devices }}"
As with most Ansible modules, the default states of the Packet modules are idempotent, meaning the resources in your project will remain the same after re-runs of a playbook. Thus, we can keep the ``packet_sshkey`` module call in our playbook. If the public key is already in your Packet account, the call will have no effect.
The second module call provisions 3 Packet Type 0 (specified using the ``plan`` parameter) servers in the project identified by the ``project_id`` parameter. The servers are all provisioned with CoreOS beta (the ``operating_system`` parameter) and are customized with cloud-config user data passed to the ``user_data`` parameter.
The ``packet_device`` module has a ``wait_for_public_IPv`` that is used to specify the version of the IP address to wait for (valid values are ``4`` or ``6`` for IPv4 or IPv6). If specified, Ansible will wait until the GET API call for a device contains an Internet-routeable IP address of the specified version. When referring to an IP address of a created device in subsequent module calls, it is wise to use the ``wait_for_public_IPv`` parameter, or ``state: active`` in the packet_device module call.
Run the playbook:
.. code-block:: console
$ ansible-playbook playbook_coreos.yml
Once the playbook quits, your new devices should be reachable through SSH. Try to connect to one and check if etcd has started properly:
.. code-block:: console
tomk@work $ ssh -i id_rsa core@$one_of_the_servers_ip
core@coreos-one ~ $ etcdctl cluster-health
If you have any questions or comments let us know! help@packet.net

320
docs/docsite/rst/guide_scaleway.rst
View File

@@ -1,320 +0,0 @@
..
Copyright (c) Ansible Project
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
SPDX-License-Identifier: GPL-3.0-or-later
.. _ansible_collections.community.general.docsite.guide_scaleway:
**************
Scaleway Guide
**************
Introduction
============
`Scaleway <https://scaleway.com>`_ is a cloud provider supported by the community.general collection through a set of plugins and modules.
Those modules are:
- :ansplugin:`community.general.scaleway_compute#module`: manages servers on Scaleway. You can use this module to create, restart and delete servers.
- :ansplugin:`community.general.scaleway_compute_private_network#module`
- :ansplugin:`community.general.scaleway_container#module`
- :ansplugin:`community.general.scaleway_container_info#module`
- :ansplugin:`community.general.scaleway_container_namespace_info#module`
- :ansplugin:`community.general.scaleway_container_namespace#module`
- :ansplugin:`community.general.scaleway_container_registry_info#module`
- :ansplugin:`community.general.scaleway_container_registry#module`
- :ansplugin:`community.general.scaleway_database_backup#module`
- :ansplugin:`community.general.scaleway_function#module`
- :ansplugin:`community.general.scaleway_function_info#module`
- :ansplugin:`community.general.scaleway_function_namespace_info#module`
- :ansplugin:`community.general.scaleway_function_namespace#module`
- :ansplugin:`community.general.scaleway_image_info#module`
- :ansplugin:`community.general.scaleway_ip#module`
- :ansplugin:`community.general.scaleway_ip_info#module`
- :ansplugin:`community.general.scaleway_lb#module`
- :ansplugin:`community.general.scaleway_organization_info#module`
- :ansplugin:`community.general.scaleway_private_network#module`
- :ansplugin:`community.general.scaleway_security_group#module`
- :ansplugin:`community.general.scaleway_security_group_info#module`
- :ansplugin:`community.general.scaleway_security_group_rule#module`
- :ansplugin:`community.general.scaleway_server_info#module`
- :ansplugin:`community.general.scaleway_snapshot_info#module`
- :ansplugin:`community.general.scaleway_sshkey#module`: adds a public SSH key from a file or value to the Packet infrastructure. Every subsequently-created device will have this public key installed in .ssh/authorized_keys.
- :ansplugin:`community.general.scaleway_user_data#module`
- :ansplugin:`community.general.scaleway_volume#module`: manages volumes on Scaleway.
- :ansplugin:`community.general.scaleway_volume_info#module`
The plugins are:
- :ansplugin:`community.general.scaleway#inventory`: inventory plugin
.. note::
This guide assumes you are familiar with Ansible and how it works.
If you are not, have a look at :ref:`ansible_documentation` before getting started.
Requirements
============
The Scaleway modules and inventory script connect to the Scaleway API using `Scaleway REST API <https://developer.scaleway.com>`_.
To use the modules and inventory script you will need a Scaleway API token.
You can generate an API token through the `Scaleway console's credential page <https://cloud.scaleway.com/#/credentials>`__.
The simplest way to authenticate yourself is to set the Scaleway API token in an environment variable:
.. code-block:: console
$ export SCW_TOKEN=00000000-1111-2222-3333-444444444444
If you are not comfortable exporting your API token, you can pass it as a parameter to the modules using the ``api_token`` argument.
If you want to use a new SSH key pair in this tutorial, you can generate it to ``./id_rsa`` and ``./id_rsa.pub`` as:
.. code-block:: console
$ ssh-keygen -t rsa -f ./id_rsa
If you want to use an existing key pair, just copy the private and public key over to the playbook directory.
How to add an SSH key?
======================
Connection to Scaleway Compute nodes use Secure Shell.
SSH keys are stored at the account level, which means that you can reuse the same SSH key in multiple nodes.
The first step to configure Scaleway compute resources is to have at least one SSH key configured.
:ansplugin:`community.general.scaleway_sshkey#module` is a module that manages SSH keys on your Scaleway account.
You can add an SSH key to your account by including the following task in a playbook:
.. code-block:: yaml+jinja
- name: "Add SSH key"
community.general.scaleway_sshkey:
ssh_pub_key: "ssh-rsa AAAA..."
state: "present"
The ``ssh_pub_key`` parameter contains your ssh public key as a string. Here is an example inside a playbook:
.. code-block:: yaml+jinja
- name: Test SSH key lifecycle on a Scaleway account
hosts: localhost
gather_facts: false
environment:
SCW_API_KEY: ""
tasks:
- community.general.scaleway_sshkey:
ssh_pub_key: "ssh-rsa AAAAB...424242 developer@example.com"
state: present
register: result
- ansible.builtin.assert:
that:
- result is success and result is changed
How to create a compute instance?
=================================
Now that we have an SSH key configured, the next step is to spin up a server!
:ansplugin:`community.general.scaleway_compute#module` is a module that can create, update and delete Scaleway compute instances:
.. code-block:: yaml+jinja
- name: Create a server
community.general.scaleway_compute:
name: foobar
state: present
image: 00000000-1111-2222-3333-444444444444
organization: 00000000-1111-2222-3333-444444444444
region: ams1
commercial_type: START1-S
Here are the parameter details for the example shown above:
- ``name`` is the name of the instance (the one that will show up in your web console).
- ``image`` is the UUID of the system image you would like to use.
A list of all images is available for each availability zone.
- ``organization`` represents the organization that your account is attached to.
- ``region`` represents the Availability Zone which your instance is in (for this example, ``par1`` and ``ams1``).
- ``commercial_type`` represents the name of the commercial offers.
You can check out the Scaleway pricing page to find which instance is right for you.
Take a look at this short playbook to see a working example using ``scaleway_compute``:
.. code-block:: yaml+jinja
- name: Test compute instance lifecycle on a Scaleway account
hosts: localhost
gather_facts: false
environment:
SCW_API_KEY: ""
tasks:
- name: Create a server
register: server_creation_task
community.general.scaleway_compute:
name: foobar
state: present
image: 00000000-1111-2222-3333-444444444444
organization: 00000000-1111-2222-3333-444444444444
region: ams1
commercial_type: START1-S
wait: true
- ansible.builtin.debug:
var: server_creation_task
- ansible.builtin.assert:
that:
- server_creation_task is success
- server_creation_task is changed
- name: Run it
community.general.scaleway_compute:
name: foobar
state: running
image: 00000000-1111-2222-3333-444444444444
organization: 00000000-1111-2222-3333-444444444444
region: ams1
commercial_type: START1-S
wait: true
tags:
- web_server
register: server_run_task
- ansible.builtin.debug:
var: server_run_task
- ansible.builtin.assert:
that:
- server_run_task is success
- server_run_task is changed
Dynamic Inventory Plugin
========================
Ansible ships with :ansplugin:`community.general.scaleway#inventory`.
You can now get a complete inventory of your Scaleway resources through this plugin and filter it on
different parameters (``regions`` and ``tags`` are currently supported).
Let us create an example!
Suppose that we want to get all hosts that got the tag web_server.
Create a file named ``scaleway_inventory.yml`` with the following content:
.. code-block:: yaml+jinja
plugin: community.general.scaleway
regions:
- ams1
- par1
tags:
- web_server
This inventory means that we want all hosts that got the tag ``web_server`` on the zones ``ams1`` and ``par1``.
Once you have configured this file, you can get the information using the following command:
.. code-block:: console
$ ansible-inventory --list -i scaleway_inventory.yml
The output will be:
.. code-block:: json
{
"_meta": {
"hostvars": {
"dd8e3ae9-0c7c-459e-bc7b-aba8bfa1bb8d": {
"ansible_verbosity": 6,
"arch": "x86_64",
"commercial_type": "START1-S",
"hostname": "foobar",
"ipv4": "192.0.2.1",
"organization": "00000000-1111-2222-3333-444444444444",
"state": "running",
"tags": [
"web_server"
]
}
}
},
"all": {
"children": [
"ams1",
"par1",
"ungrouped",
"web_server"
]
},
"ams1": {},
"par1": {
"hosts": [
"dd8e3ae9-0c7c-459e-bc7b-aba8bfa1bb8d"
]
},
"ungrouped": {},
"web_server": {
"hosts": [
"dd8e3ae9-0c7c-459e-bc7b-aba8bfa1bb8d"
]
}
}
As you can see, we get different groups of hosts.
``par1`` and ``ams1`` are groups based on location.
``web_server`` is a group based on a tag.
In case a filter parameter is not defined, the plugin supposes all values possible are wanted.
This means that for each tag that exists on your Scaleway compute nodes, a group based on each tag will be created.
Scaleway S3 object storage
==========================
`Object Storage <https://www.scaleway.com/object-storage>`_ allows you to store any kind of objects (documents, images, videos, and so on).
As the Scaleway API is S3 compatible, Ansible supports it natively through the amazon.aws modules: :ansplugin:`amazon.aws.s3_bucket#module`, :ansplugin:`amazon.aws.s3_object#module`.
You can find many examples in the `scaleway_s3 integration tests <https://github.com/ansible/ansible-legacy-tests/tree/devel/test/legacy/roles/scaleway_s3>`_.
.. code-block:: yaml+jinja
- hosts: myserver
vars:
scaleway_region: nl-ams
s3_url: https://s3.nl-ams.scw.cloud
environment:
# AWS_ACCESS_KEY matches your scaleway organization id available at https://cloud.scaleway.com/#/account
AWS_ACCESS_KEY: 00000000-1111-2222-3333-444444444444
# AWS_SECRET_KEY matches a secret token that you can retrieve at https://cloud.scaleway.com/#/credentials
AWS_SECRET_KEY: aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
module_defaults:
group/amazon.aws.aws:
s3_url: '{{ s3_url }}'
region: '{{ scaleway_region }}'
tasks:
# use a fact instead of a variable, otherwise template is evaluate each time variable is used
- ansible.builtin.set_fact:
bucket_name: "{{ 99999999 | random | to_uuid }}"
# "requester_pays:" is mandatory because Scaleway does not implement related API
# another way is to use amazon.aws.s3_object and "mode: create" !
- amazon.aws.s3_bucket:
name: '{{ bucket_name }}'
requester_pays:
- name: Another way to create the bucket
amazon.aws.s3_object:
bucket: '{{ bucket_name }}'
mode: create
encrypt: false
register: bucket_creation_check
- name: add something in the bucket
amazon.aws.s3_object:
mode: put
bucket: '{{ bucket_name }}'
src: /tmp/test.txt # needs to be created before
object: test.txt
encrypt: false # server side encryption must be disabled

12
galaxy.yml
View File

@@ -5,17 +5,17 @@
namespace: community
name: general
version: 9.0.0
version: 8.0.2
readme: README.md
authors:
- Ansible (https://github.com/ansible)
description: >-
The community.general collection is a part of the Ansible package and includes many modules and
plugins supported by Ansible community which are not part of more specialized community collections.
description: null
license_file: COPYING
tags:
- community
tags: [community]
# NOTE: No dependencies are expected to be added here
# dependencies:
repository: https://github.com/ansible-collections/community.general
documentation: https://docs.ansible.com/ansible/latest/collections/community/general/
homepage: https://github.com/ansible-collections/community.general
issues: https://github.com/ansible-collections/community.general/issues
#type: flatmap

4166
meta/runtime.yml
View File

File diff suppressed because it is too large Load Diff

13
plugins/become/machinectl.py
View File

@@ -78,13 +78,12 @@ DOCUMENTATION = '''
EXAMPLES = r'''
# A polkit rule needed to use the module with a non-root user.
# See the Notes section for details.
/etc/polkit-1/rules.d/60-machinectl-fast-user-auth.rules: |
polkit.addRule(function(action, subject) {
if(action.id == "org.freedesktop.machine1.host-shell" &&
subject.isInGroup("wheel")) {
return polkit.Result.AUTH_SELF_KEEP;
}
});
60-machinectl-fast-user-auth.rules: |
polkit.addRule(function(action, subject) {
if(action.id == "org.freedesktop.machine1.host-shell" && subject.isInGroup("wheel")) {
return polkit.Result.AUTH_SELF_KEEP;
}
});
'''
from re import compile as re_compile

128
plugins/become/run0.py
View File

@@ -1,128 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (c) 2024, Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = """
name: run0
short_description: Systemd's run0
description:
- This become plugins allows your remote/login user to execute commands as another user via the C(run0) utility.
author:
- Thomas Sjögren (@konstruktoid)
version_added: '9.0.0'
options:
become_user:
description: User you 'become' to execute the task.
default: root
ini:
- section: privilege_escalation
key: become_user
- section: run0_become_plugin
key: user
vars:
- name: ansible_become_user
- name: ansible_run0_user
env:
- name: ANSIBLE_BECOME_USER
- name: ANSIBLE_RUN0_USER
type: string
become_exe:
description: The C(run0) executable.
default: run0
ini:
- section: privilege_escalation
key: become_exe
- section: run0_become_plugin
key: executable
vars:
- name: ansible_become_exe
- name: ansible_run0_exe
env:
- name: ANSIBLE_BECOME_EXE
- name: ANSIBLE_RUN0_EXE
type: string
become_flags:
description: Options to pass to run0.
default: ''
ini:
- section: privilege_escalation
key: become_flags
- section: run0_become_plugin
key: flags
vars:
- name: ansible_become_flags
- name: ansible_run0_flags
env:
- name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_RUN0_FLAGS
type: string
notes:
- This plugin will only work when a polkit rule is in place.
"""
EXAMPLES = r"""
# An example polkit rule that allows the user 'ansible' in the 'wheel' group
# to execute commands using run0 without authentication.
/etc/polkit-1/rules.d/60-run0-fast-user-auth.rules: |
polkit.addRule(function(action, subject) {
if(action.id == "org.freedesktop.systemd1.manage-units" &&
subject.isInGroup("wheel") &&
subject.user == "ansible") {
return polkit.Result.YES;
}
});
"""
from re import compile as re_compile
from ansible.plugins.become import BecomeBase
from ansible.module_utils._text import to_bytes
ansi_color_codes = re_compile(to_bytes(r"\x1B\[[0-9;]+m"))
class BecomeModule(BecomeBase):
name = "community.general.run0"
prompt = "Password: "
fail = ("==== AUTHENTICATION FAILED ====",)
success = ("==== AUTHENTICATION COMPLETE ====",)
require_tty = (
True # see https://github.com/ansible-collections/community.general/issues/6932
)
@staticmethod
def remove_ansi_codes(line):
return ansi_color_codes.sub(b"", line)
def build_become_command(self, cmd, shell):
super().build_become_command(cmd, shell)
if not cmd:
return cmd
become = self.get_option("become_exe")
flags = self.get_option("become_flags")
user = self.get_option("become_user")
return (
f"{become} --user={user} {flags} {self._build_success_command(cmd, shell)}"
)
def check_success(self, b_output):
b_output = self.remove_ansi_codes(b_output)
return super().check_success(b_output)
def check_incorrect_password(self, b_output):
b_output = self.remove_ansi_codes(b_output)
return super().check_incorrect_password(b_output)
def check_missing_password(self, b_output):
b_output = self.remove_ansi_codes(b_output)
return super().check_missing_password(b_output)

46
plugins/callback/default_without_diff.py
View File

@@ -1,46 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (c) 2024, Felix Fontein <felix@fontein.de>
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
DOCUMENTATION = r'''
name: default_without_diff
type: stdout
short_description: The default ansible callback without diff output
version_added: 8.4.0
description:
- This is basically the default ansible callback plugin (P(ansible.builtin.default#callback)) without
showing diff output. This can be useful when using another callback which sends more detailed information
to another service, like the L(ARA, https://ara.recordsansible.org/) callback, and you want diff output
sent to that plugin but not shown on the console output.
author: Felix Fontein (@felixfontein)
extends_documentation_fragment:
- ansible.builtin.default_callback
- ansible.builtin.result_format_callback
'''
EXAMPLES = r'''
# Enable callback in ansible.cfg:
ansible_config: |
[defaults]
stdout_callback = community.general.default_without_diff
# Enable callback with environment variables:
environment_variable: |
ANSIBLE_STDOUT_CALLBACK=community.general.default_without_diff
'''
from ansible.plugins.callback.default import CallbackModule as Default
class CallbackModule(Default):
CALLBACK_VERSION = 2.0
CALLBACK_TYPE = 'stdout'
CALLBACK_NAME = 'community.general.default_without_diff'
def v2_on_file_diff(self, result):
pass

34
plugins/callback/elastic.py
View File

@@ -84,7 +84,6 @@ import time
import uuid
from collections import OrderedDict
from contextlib import closing
from os.path import basename
from ansible.errors import AnsibleError, AnsibleRuntimeError
@@ -202,25 +201,24 @@ class ElasticSource(object):
apm_cli = self.init_apm_client(apm_server_url, apm_service_name, apm_verify_server_cert, apm_secret_token, apm_api_key)
if apm_cli:
with closing(apm_cli):
instrument() # Only call this once, as early as possible.
if traceparent:
parent = trace_parent_from_string(traceparent)
apm_cli.begin_transaction("Session", trace_parent=parent, start=parent_start_time)
else:
apm_cli.begin_transaction("Session", start=parent_start_time)
# Populate trace metadata attributes
if self.ansible_version is not None:
label(ansible_version=self.ansible_version)
label(ansible_session=self.session, ansible_host_name=self.host, ansible_host_user=self.user)
if self.ip_address is not None:
label(ansible_host_ip=self.ip_address)
instrument() # Only call this once, as early as possible.
if traceparent:
parent = trace_parent_from_string(traceparent)
apm_cli.begin_transaction("Session", trace_parent=parent, start=parent_start_time)
else:
apm_cli.begin_transaction("Session", start=parent_start_time)
# Populate trace metadata attributes
if self.ansible_version is not None:
label(ansible_version=self.ansible_version)
label(ansible_session=self.session, ansible_host_name=self.host, ansible_host_user=self.user)
if self.ip_address is not None:
label(ansible_host_ip=self.ip_address)
for task_data in tasks:
for host_uuid, host_data in task_data.host_data.items():
self.create_span_data(apm_cli, task_data, host_data)
for task_data in tasks:
for host_uuid, host_data in task_data.host_data.items():
self.create_span_data(apm_cli, task_data, host_data)
apm_cli.end_transaction(name=__name__, result=status, duration=end_time - parent_start_time)
apm_cli.end_transaction(name=__name__, result=status, duration=end_time - parent_start_time)
def create_span_data(self, apm_cli, task_data, host_data):
""" create the span with the given TaskData and HostData """

4
plugins/callback/hipchat.py
View File

@@ -18,10 +18,6 @@ DOCUMENTATION = '''
description:
- This callback plugin sends status updates to a HipChat channel during playbook execution.
- Before 2.4 only environment variables were available for configuring this plugin.
deprecated:
removed_in: 10.0.0
why: The hipchat service has been discontinued and the self-hosted variant has been End of Life since 2020.
alternative: There is none.
options:
token:
description: HipChat API token for v1 or v2 API.

13
plugins/callback/loganalytics.py
View File

@@ -59,16 +59,13 @@ import uuid
import socket
import getpass
from datetime import datetime
from os.path import basename
from ansible.module_utils.urls import open_url
from ansible.parsing.ajson import AnsibleJSONEncoder
from ansible.plugins.callback import CallbackBase
from ansible_collections.community.general.plugins.module_utils.datetime import (
now,
)
class AzureLogAnalyticsSource(object):
def __init__(self):
@@ -96,7 +93,7 @@ class AzureLogAnalyticsSource(object):
return "https://{0}.ods.opinsights.azure.com/api/logs?api-version=2016-04-01".format(workspace_id)
def __rfc1123date(self):
return now().strftime('%a, %d %b %Y %H:%M:%S GMT')
return datetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT')
def send_event(self, workspace_id, shared_key, state, result, runtime):
if result._task_fields['args'].get('_ansible_check_mode') is True:
@@ -170,7 +167,7 @@ class CallbackModule(CallbackBase):
def _seconds_since_start(self, result):
return (
now() -
datetime.utcnow() -
self.start_datetimes[result._task._uuid]
).total_seconds()
@@ -188,10 +185,10 @@ class CallbackModule(CallbackBase):
self.loganalytics.ansible_playbook = basename(playbook._file_name)
def v2_playbook_on_task_start(self, task, is_conditional):
self.start_datetimes[task._uuid] = now()
self.start_datetimes[task._uuid] = datetime.utcnow()
def v2_playbook_on_handler_task_start(self, task):
self.start_datetimes[task._uuid] = now()
self.start_datetimes[task._uuid] = datetime.utcnow()
def v2_runner_on_ok(self, result, **kwargs):
self.loganalytics.send_event(

18
plugins/callback/logentries.py
View File

@@ -18,7 +18,7 @@ DOCUMENTATION = '''
requirements:
- whitelisting in configuration
- certifi (Python library)
- flatdict (Python library), if you want to use the O(flatten) option
- flatdict (Python library), if you want to use the 'flatten' option
options:
api:
description: URI to the Logentries API.
@@ -90,9 +90,9 @@ examples: >
api = data.logentries.com
port = 10000
tls_port = 20000
use_tls = true
use_tls = no
token = dd21fc88-f00a-43ff-b977-e3a4233c53af
flatten = false
flatten = False
'''
import os
@@ -196,11 +196,15 @@ else:
class TLSSocketAppender(PlainTextSocketAppender):
def open_connection(self):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
context = ssl.create_default_context(
purpose=ssl.Purpose.SERVER_AUTH,
cafile=certifi.where(), )
sock = context.wrap_socket(
sock = ssl.wrap_socket(
sock=sock,
keyfile=None,
certfile=None,
server_side=False,
cert_reqs=ssl.CERT_REQUIRED,
ssl_version=getattr(
ssl, 'PROTOCOL_TLSv1_2', ssl.PROTOCOL_TLSv1),
ca_certs=certifi.where(),
do_handshake_on_connect=True,
suppress_ragged_eofs=True, )
sock.connect((self.LE_API, self.LE_TLS_PORT))

9
plugins/callback/logstash.py
View File

@@ -99,6 +99,7 @@ from ansible import context
import socket
import uuid
import logging
from datetime import datetime
try:
import logstash
@@ -108,10 +109,6 @@ except ImportError:
from ansible.plugins.callback import CallbackBase
from ansible_collections.community.general.plugins.module_utils.datetime import (
now,
)
class CallbackModule(CallbackBase):
@@ -129,7 +126,7 @@ class CallbackModule(CallbackBase):
"pip install python-logstash for Python 2"
"pip install python3-logstash for Python 3")
self.start_time = now()
self.start_time = datetime.utcnow()
def _init_plugin(self):
if not self.disabled:
@@ -188,7 +185,7 @@ class CallbackModule(CallbackBase):
self.logger.info("ansible start", extra=data)
def v2_playbook_on_stats(self, stats):
end_time = now()
end_time = datetime.utcnow()
runtime = end_time - self.start_time
summarize_stat = {}
for host in stats.processed.keys():

12
plugins/callback/mail.py
View File

@@ -71,16 +71,6 @@ options:
ini:
- section: callback_mail
key: bcc
message_id_domain:
description:
- The domain name to use for the L(Message-ID header, https://en.wikipedia.org/wiki/Message-ID).
- The default is the hostname of the control node.
type: str
ini:
- section: callback_mail
key: message_id_domain
version_added: 8.2.0
'''
import json
@@ -141,7 +131,7 @@ class CallbackModule(CallbackBase):
content += 'To: %s\n' % ', '.join([email.utils.formataddr(pair) for pair in to_addresses])
if self.cc:
content += 'Cc: %s\n' % ', '.join([email.utils.formataddr(pair) for pair in cc_addresses])
content += 'Message-ID: %s\n' % email.utils.make_msgid(domain=self.get_option('message_id_domain'))
content += 'Message-ID: %s\n' % email.utils.make_msgid()
content += 'Subject: %s\n\n' % subject.strip()
content += body

94
plugins/callback/opentelemetry.py
View File

@@ -84,33 +84,6 @@ DOCUMENTATION = '''
- section: callback_opentelemetry
key: disable_attributes_in_logs
version_added: 7.1.0
store_spans_in_file:
default: None
type: str
description:
- It stores the exported spans in the given file
env:
- name: ANSIBLE_OPENTELEMETRY_STORE_SPANS_IN_FILE
ini:
- section: callback_opentelemetry
key: store_spans_in_file
version_added: 9.0.0
otel_exporter_otlp_traces_protocol:
type: str
description:
- E(OTEL_EXPORTER_OTLP_TRACES_PROTOCOL) represents the the transport protocol for spans.
- See
U(https://opentelemetry-python.readthedocs.io/en/latest/sdk/environment_variables.html#envvar-OTEL_EXPORTER_OTLP_TRACES_PROTOCOL).
default: grpc
choices:
- grpc
- http/protobuf
env:
- name: OTEL_EXPORTER_OTLP_TRACES_PROTOCOL
ini:
- section: callback_opentelemetry
key: otel_exporter_otlp_traces_protocol
version_added: 9.0.0
requirements:
- opentelemetry-api (Python library)
- opentelemetry-exporter-otlp (Python library)
@@ -134,7 +107,6 @@ examples: |
'''
import getpass
import json
import os
import socket
import sys
@@ -152,19 +124,15 @@ from ansible.plugins.callback import CallbackBase
try:
from opentelemetry import trace
from opentelemetry.trace import SpanKind
from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter as GRPCOTLPSpanExporter
from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter as HTTPOTLPSpanExporter
from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter
from opentelemetry.sdk.resources import SERVICE_NAME, Resource
from opentelemetry.trace.status import Status, StatusCode
from opentelemetry.trace.propagation.tracecontext import TraceContextTextMapPropagator
from opentelemetry.sdk.trace import TracerProvider
from opentelemetry.sdk.trace.export import (
BatchSpanProcessor,
SimpleSpanProcessor
)
from opentelemetry.sdk.trace.export.in_memory_span_exporter import (
InMemorySpanExporter
BatchSpanProcessor
)
# Support for opentelemetry-api <= 1.12
try:
from opentelemetry.util._time import _time_ns
@@ -287,16 +255,7 @@ class OpenTelemetrySource(object):
task.dump = dump
task.add_host(HostData(host_uuid, host_name, status, result))
def generate_distributed_traces(self,
otel_service_name,
ansible_playbook,
tasks_data,
status,
traceparent,
disable_logs,
disable_attributes_in_logs,
otel_exporter_otlp_traces_protocol,
store_spans_in_file):
def generate_distributed_traces(self, otel_service_name, ansible_playbook, tasks_data, status, traceparent, disable_logs, disable_attributes_in_logs):
""" generate distributed traces from the collected TaskData and HostData """
tasks = []
@@ -312,16 +271,7 @@ class OpenTelemetrySource(object):
)
)
otel_exporter = None
if store_spans_in_file:
otel_exporter = InMemorySpanExporter()
processor = SimpleSpanProcessor(otel_exporter)
else:
if otel_exporter_otlp_traces_protocol == 'grpc':
otel_exporter = GRPCOTLPSpanExporter()
else:
otel_exporter = HTTPOTLPSpanExporter()
processor = BatchSpanProcessor(otel_exporter)
processor = BatchSpanProcessor(OTLPSpanExporter())
trace.get_tracer_provider().add_span_processor(processor)
@@ -343,8 +293,6 @@ class OpenTelemetrySource(object):
with tracer.start_as_current_span(task.name, start_time=task.start, end_on_exit=False) as span:
self.update_span_data(task, host_data, span, disable_logs, disable_attributes_in_logs)
return otel_exporter
def update_span_data(self, task_data, host_data, span, disable_logs, disable_attributes_in_logs):
""" update the span with the given TaskData and HostData """
@@ -402,8 +350,7 @@ class OpenTelemetrySource(object):
if not disable_logs:
# This will avoid populating span attributes to the logs
span.add_event(task_data.dump, attributes={} if disable_attributes_in_logs else attributes)
# Close span always
span.end(end_time=host_data.finish)
span.end(end_time=host_data.finish)
def set_span_attributes(self, span, attributes):
""" update the span attributes with the given attributes if not None """
@@ -515,8 +462,6 @@ class CallbackModule(CallbackBase):
self.errors = 0
self.disabled = False
self.traceparent = False
self.store_spans_in_file = False
self.otel_exporter_otlp_traces_protocol = None
if OTEL_LIBRARY_IMPORT_ERROR:
raise_from(
@@ -544,8 +489,6 @@ class CallbackModule(CallbackBase):
self.disable_logs = self.get_option('disable_logs')
self.store_spans_in_file = self.get_option('store_spans_in_file')
self.otel_service_name = self.get_option('otel_service_name')
if not self.otel_service_name:
@@ -554,14 +497,6 @@ class CallbackModule(CallbackBase):
# See https://github.com/open-telemetry/opentelemetry-specification/issues/740
self.traceparent = self.get_option('traceparent')
self.otel_exporter_otlp_traces_protocol = self.get_option('otel_exporter_otlp_traces_protocol')
def dump_results(self, result):
""" dump the results if disable_logs is not enabled """
if self.disable_logs:
return ""
return self._dump_results(result._result)
def v2_playbook_on_start(self, playbook):
self.ansible_playbook = basename(playbook._file_name)
@@ -611,7 +546,7 @@ class CallbackModule(CallbackBase):
self.tasks_data,
status,
result,
self.dump_results(result)
self._dump_results(result._result)
)
def v2_runner_on_ok(self, result):
@@ -619,7 +554,7 @@ class CallbackModule(CallbackBase):
self.tasks_data,
'ok',
result,
self.dump_results(result)
self._dump_results(result._result)
)
def v2_runner_on_skipped(self, result):
@@ -627,7 +562,7 @@ class CallbackModule(CallbackBase):
self.tasks_data,
'skipped',
result,
self.dump_results(result)
self._dump_results(result._result)
)
def v2_playbook_on_include(self, included_file):
@@ -643,22 +578,15 @@ class CallbackModule(CallbackBase):
status = Status(status_code=StatusCode.OK)
else:
status = Status(status_code=StatusCode.ERROR)
otel_exporter = self.opentelemetry.generate_distributed_traces(
self.opentelemetry.generate_distributed_traces(
self.otel_service_name,
self.ansible_playbook,
self.tasks_data,
status,
self.traceparent,
self.disable_logs,
self.disable_attributes_in_logs,
self.otel_exporter_otlp_traces_protocol,
self.store_spans_in_file
self.disable_attributes_in_logs
)
if self.store_spans_in_file:
spans = [json.loads(span.to_json()) for span in otel_exporter.get_finished_spans()]
with open(self.store_spans_in_file, "w", encoding="utf-8") as output:
json.dump({"spans": spans}, output, indent=4)
def v2_runner_on_async_failed(self, result, **kwargs):
self.errors += 1

2
plugins/callback/say.py
View File

@@ -18,6 +18,8 @@ DOCUMENTATION = '''
short_description: notify using software speech synthesizer
description:
- This plugin will use the C(say) or C(espeak) program to "speak" about play events.
notes:
- In Ansible 2.8, this callback has been renamed from C(osx_say) into M(community.general.say).
'''
import platform

1
plugins/callback/slack.py
View File

@@ -18,6 +18,7 @@ DOCUMENTATION = '''
short_description: Sends play events to a Slack channel
description:
- This is an ansible callback plugin that sends status updates to a Slack channel during playbook execution.
- Before Ansible 2.4 only environment variables were available for configuring this plugin.
options:
webhook_url:
required: true

13
plugins/callback/splunk.py
View File

@@ -88,16 +88,13 @@ import uuid
import socket
import getpass
from datetime import datetime
from os.path import basename
from ansible.module_utils.urls import open_url
from ansible.parsing.ajson import AnsibleJSONEncoder
from ansible.plugins.callback import CallbackBase
from ansible_collections.community.general.plugins.module_utils.datetime import (
now,
)
class SplunkHTTPCollectorSource(object):
def __init__(self):
@@ -137,7 +134,7 @@ class SplunkHTTPCollectorSource(object):
else:
time_format = '%Y-%m-%d %H:%M:%S +0000'
data['timestamp'] = now().strftime(time_format)
data['timestamp'] = datetime.utcnow().strftime(time_format)
data['host'] = self.host
data['ip_address'] = self.ip_address
data['user'] = self.user
@@ -184,7 +181,7 @@ class CallbackModule(CallbackBase):
def _runtime(self, result):
return (
now() -
datetime.utcnow() -
self.start_datetimes[result._task._uuid]
).total_seconds()
@@ -223,10 +220,10 @@ class CallbackModule(CallbackBase):
self.splunk.ansible_playbook = basename(playbook._file_name)
def v2_playbook_on_task_start(self, task, is_conditional):
self.start_datetimes[task._uuid] = now()
self.start_datetimes[task._uuid] = datetime.utcnow()
def v2_playbook_on_handler_task_start(self, task):
self.start_datetimes[task._uuid] = now()
self.start_datetimes[task._uuid] = datetime.utcnow()
def v2_runner_on_ok(self, result, **kwargs):
self.splunk.send_event(

14
plugins/callback/sumologic.py
View File

@@ -46,16 +46,13 @@ import uuid
import socket
import getpass
from datetime import datetime
from os.path import basename
from ansible.module_utils.urls import open_url
from ansible.parsing.ajson import AnsibleJSONEncoder
from ansible.plugins.callback import CallbackBase
from ansible_collections.community.general.plugins.module_utils.datetime import (
now,
)
class SumologicHTTPCollectorSource(object):
def __init__(self):
@@ -87,7 +84,8 @@ class SumologicHTTPCollectorSource(object):
data['uuid'] = result._task._uuid
data['session'] = self.session
data['status'] = state
data['timestamp'] = now().strftime('%Y-%m-%d %H:%M:%S +0000')
data['timestamp'] = datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S '
'+0000')
data['host'] = self.host
data['ip_address'] = self.ip_address
data['user'] = self.user
@@ -125,7 +123,7 @@ class CallbackModule(CallbackBase):
def _runtime(self, result):
return (
now() -
datetime.utcnow() -
self.start_datetimes[result._task._uuid]
).total_seconds()
@@ -146,10 +144,10 @@ class CallbackModule(CallbackBase):
self.sumologic.ansible_playbook = basename(playbook._file_name)
def v2_playbook_on_task_start(self, task, is_conditional):
self.start_datetimes[task._uuid] = now()
self.start_datetimes[task._uuid] = datetime.utcnow()
def v2_playbook_on_handler_task_start(self, task):
self.start_datetimes[task._uuid] = now()
self.start_datetimes[task._uuid] = datetime.utcnow()
def v2_runner_on_ok(self, result, **kwargs):
self.sumologic.send_event(

1
plugins/callback/syslog_json.py
View File

@@ -16,6 +16,7 @@ DOCUMENTATION = '''
short_description: sends JSON events to syslog
description:
- This plugin logs ansible-playbook and ansible runs to a syslog server in JSON format.
- Before Ansible 2.9 only environment variables were available for configuration.
options:
server:
description: Syslog server that will receive the event.

127
plugins/callback/timestamp.py
View File

@@ -1,127 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (c) 2024, kurokobo <kurokobo@protonmail.com>
# Copyright (c) 2014, Michael DeHaan <michael.dehaan@gmail.com>
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = r"""
name: timestamp
type: stdout
short_description: Adds simple timestamp for each header
version_added: 9.0.0
description:
- This callback adds simple timestamp for each header.
author: kurokobo (@kurokobo)
options:
timezone:
description:
- Timezone to use for the timestamp in IANA time zone format.
- For example C(America/New_York), C(Asia/Tokyo)). Ignored on Python < 3.9.
ini:
- section: callback_timestamp
key: timezone
env:
- name: ANSIBLE_CALLBACK_TIMESTAMP_TIMEZONE
type: string
format_string:
description:
- Format of the timestamp shown to user in 1989 C standard format.
- >
Refer to L(the Python documentation,https://docs.python.org/3/library/datetime.html#strftime-and-strptime-format-codes)
for the available format codes.
ini:
- section: callback_timestamp
key: format_string
env:
- name: ANSIBLE_CALLBACK_TIMESTAMP_FORMAT_STRING
default: "%H:%M:%S"
type: string
seealso:
- plugin: ansible.posix.profile_tasks
plugin_type: callback
description: >
You can use P(ansible.posix.profile_tasks#callback) callback plugin to time individual tasks and overall execution time
with detailed timestamps.
extends_documentation_fragment:
- ansible.builtin.default_callback
- ansible.builtin.result_format_callback
"""
from ansible.plugins.callback.default import CallbackModule as Default
from ansible.utils.display import get_text_width
from ansible.module_utils.common.text.converters import to_text
from datetime import datetime
import types
import sys
# Store whether the zoneinfo module is available
_ZONEINFO_AVAILABLE = sys.version_info >= (3, 9)
def get_datetime_now(tz):
"""
Returns the current timestamp with the specified timezone
"""
return datetime.now(tz=tz)
def banner(self, msg, color=None, cows=True):
"""
Prints a header-looking line with cowsay or stars with length depending on terminal width (3 minimum) with trailing timestamp
Based on the banner method of Display class from ansible.utils.display
https://github.com/ansible/ansible/blob/4403519afe89138042108e237aef317fd5f09c33/lib/ansible/utils/display.py#L511
"""
timestamp = get_datetime_now(self.timestamp_tzinfo).strftime(self.timestamp_format_string)
timestamp_len = get_text_width(timestamp) + 1 # +1 for leading space
msg = to_text(msg)
if self.b_cowsay and cows:
try:
self.banner_cowsay("%s @ %s" % (msg, timestamp))
return
except OSError:
self.warning("somebody cleverly deleted cowsay or something during the PB run. heh.")
msg = msg.strip()
try:
star_len = self.columns - get_text_width(msg) - timestamp_len
except EnvironmentError:
star_len = self.columns - len(msg) - timestamp_len
if star_len <= 3:
star_len = 3
stars = "*" * star_len
self.display("\n%s %s %s" % (msg, stars, timestamp), color=color)
class CallbackModule(Default):
CALLBACK_VERSION = 2.0
CALLBACK_TYPE = "stdout"
CALLBACK_NAME = "community.general.timestamp"
def __init__(self):
super(CallbackModule, self).__init__()
# Replace the banner method of the display object with the custom one
self._display.banner = types.MethodType(banner, self._display)
def set_options(self, task_keys=None, var_options=None, direct=None):
super(CallbackModule, self).set_options(task_keys=task_keys, var_options=var_options, direct=direct)
# Store zoneinfo for specified timezone if available
tzinfo = None
if _ZONEINFO_AVAILABLE and self.get_option("timezone"):
from zoneinfo import ZoneInfo
tzinfo = ZoneInfo(self.get_option("timezone"))
# Inject options into the display object
setattr(self._display, "timestamp_tzinfo", tzinfo)
setattr(self._display, "timestamp_format_string", self.get_option("format_string"))

169
plugins/connection/incus.py
View File

@@ -1,169 +0,0 @@
# -*- coding: utf-8 -*-
# Based on lxd.py (c) 2016, Matt Clay <matt@mystile.com>
# (c) 2023, Stephane Graber <stgraber@stgraber.org>
# Copyright (c) 2023 Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
DOCUMENTATION = """
author: Stéphane Graber (@stgraber)
name: incus
short_description: Run tasks in Incus instances via the Incus CLI.
description:
- Run commands or put/fetch files to an existing Incus instance using Incus CLI.
version_added: "8.2.0"
options:
remote_addr:
description:
- The instance identifier.
default: inventory_hostname
vars:
- name: inventory_hostname
- name: ansible_host
- name: ansible_incus_host
executable:
description:
- The shell to use for execution inside the instance.
default: /bin/sh
vars:
- name: ansible_executable
- name: ansible_incus_executable
remote:
description:
- The name of the Incus remote to use (per C(incus remote list)).
- Remotes are used to access multiple servers from a single client.
default: local
vars:
- name: ansible_incus_remote
project:
description:
- The name of the Incus project to use (per C(incus project list)).
- Projects are used to divide the instances running on a server.
default: default
vars:
- name: ansible_incus_project
"""
import os
from subprocess import call, Popen, PIPE
from ansible.errors import AnsibleError, AnsibleConnectionFailure, AnsibleFileNotFound
from ansible.module_utils.common.process import get_bin_path
from ansible.module_utils._text import to_bytes, to_text
from ansible.plugins.connection import ConnectionBase
class Connection(ConnectionBase):
""" Incus based connections """
transport = "incus"
has_pipelining = True
default_user = 'root'
def __init__(self, play_context, new_stdin, *args, **kwargs):
super(Connection, self).__init__(play_context, new_stdin, *args, **kwargs)
self._incus_cmd = get_bin_path("incus")
if not self._incus_cmd:
raise AnsibleError("incus command not found in PATH")
def _connect(self):
"""connect to Incus (nothing to do here) """
super(Connection, self)._connect()
if not self._connected:
self._display.vvv(u"ESTABLISH Incus CONNECTION FOR USER: root",
host=self._instance())
self._connected = True
def _instance(self):
# Return only the leading part of the FQDN as the instance name
# as Incus instance names cannot be a FQDN.
return self.get_option('remote_addr').split(".")[0]
def exec_command(self, cmd, in_data=None, sudoable=True):
""" execute a command on the Incus host """
super(Connection, self).exec_command(cmd, in_data=in_data, sudoable=sudoable)
self._display.vvv(u"EXEC {0}".format(cmd),
host=self._instance())
local_cmd = [
self._incus_cmd,
"--project", self.get_option("project"),
"exec",
"%s:%s" % (self.get_option("remote"), self._instance()),
"--",
self._play_context.executable, "-c", cmd]
local_cmd = [to_bytes(i, errors='surrogate_or_strict') for i in local_cmd]
in_data = to_bytes(in_data, errors='surrogate_or_strict', nonstring='passthru')
process = Popen(local_cmd, stdin=PIPE, stdout=PIPE, stderr=PIPE)
stdout, stderr = process.communicate(in_data)
stdout = to_text(stdout)
stderr = to_text(stderr)
if stderr == "Error: Instance is not running.\n":
raise AnsibleConnectionFailure("instance not running: %s" %
self._instance())
if stderr == "Error: Instance not found\n":
raise AnsibleConnectionFailure("instance not found: %s" %
self._instance())
return process.returncode, stdout, stderr
def put_file(self, in_path, out_path):
""" put a file from local to Incus """
super(Connection, self).put_file(in_path, out_path)
self._display.vvv(u"PUT {0} TO {1}".format(in_path, out_path),
host=self._instance())
if not os.path.isfile(to_bytes(in_path, errors='surrogate_or_strict')):
raise AnsibleFileNotFound("input path is not a file: %s" % in_path)
local_cmd = [
self._incus_cmd,
"--project", self.get_option("project"),
"file", "push", "--quiet",
in_path,
"%s:%s/%s" % (self.get_option("remote"),
self._instance(),
out_path)]
local_cmd = [to_bytes(i, errors='surrogate_or_strict') for i in local_cmd]
call(local_cmd)
def fetch_file(self, in_path, out_path):
""" fetch a file from Incus to local """
super(Connection, self).fetch_file(in_path, out_path)
self._display.vvv(u"FETCH {0} TO {1}".format(in_path, out_path),
host=self._instance())
local_cmd = [
self._incus_cmd,
"--project", self.get_option("project"),
"file", "pull", "--quiet",
"%s:%s/%s" % (self.get_option("remote"),
self._instance(),
in_path),
out_path]
local_cmd = [to_bytes(i, errors='surrogate_or_strict') for i in local_cmd]
call(local_cmd)
def close(self):
""" close the connection (nothing to do here) """
super(Connection, self).close()
self._connected = False

14
plugins/connection/lxd.py
View File

@@ -10,9 +10,9 @@ __metaclass__ = type
DOCUMENTATION = '''
author: Matt Clay (@mattclay) <matt@mystile.com>
name: lxd
short_description: Run tasks in LXD instances via C(lxc) CLI
short_description: Run tasks in lxc containers via lxc CLI
description:
- Run commands or put/fetch files to an existing instance using C(lxc) CLI.
- Run commands or put/fetch files to an existing lxc container using lxc CLI
options:
remote_addr:
description:
@@ -26,7 +26,7 @@ DOCUMENTATION = '''
- name: ansible_lxd_host
executable:
description:
- Shell to use for execution inside instance.
- shell to use for execution inside container
default: /bin/sh
vars:
- name: ansible_executable
@@ -71,7 +71,7 @@ class Connection(ConnectionBase):
raise AnsibleError("lxc command not found in PATH")
if self._play_context.remote_user is not None and self._play_context.remote_user != 'root':
self._display.warning('lxd does not support remote_user, using default: root')
self._display.warning('lxd does not support remote_user, using container default: root')
def _host(self):
""" translate remote_addr to lxd (short) hostname """
@@ -101,8 +101,6 @@ class Connection(ConnectionBase):
self.get_option("executable"), "-c", cmd
])
self._display.vvvvv(u"EXEC {0}".format(local_cmd), host=self._host())
local_cmd = [to_bytes(i, errors='surrogate_or_strict') for i in local_cmd]
in_data = to_bytes(in_data, errors='surrogate_or_strict', nonstring='passthru')
@@ -112,12 +110,10 @@ class Connection(ConnectionBase):
stdout = to_text(stdout)
stderr = to_text(stderr)
self._display.vvvvv(u"EXEC lxc output: {0} {1}".format(stdout, stderr), host=self._host())
if "is not running" in stderr:
raise AnsibleConnectionFailure("instance not running: %s" % self._host())
if stderr.strip() == "Error: Instance not found" or stderr.strip() == "error: not found":
if "not found" in stderr:
raise AnsibleConnectionFailure("instance not found: %s" % self._host())
return process.returncode, stdout, stderr

12
plugins/doc_fragments/alicloud.py
View File

@@ -47,7 +47,7 @@ options:
aliases: ['assume_role']
alicloud_assume_role_arn:
description:
- The Alibaba Cloud C(role_arn). The ARN of the role to assume. If ARN is set to an empty string,
- The Alibaba Cloud role_arn. The ARN of the role to assume. If ARN is set to an empty string,
it does not perform role switching. It supports environment variable E(ALICLOUD_ASSUME_ROLE_ARN).
ansible will execute with provided credentials.
aliases: ['assume_role_arn']
@@ -61,7 +61,7 @@ options:
type: str
alicloud_assume_role_session_expiration:
description:
- The Alibaba Cloud C(session_expiration). The time after which the established session for assuming
- The Alibaba Cloud session_expiration. The time after which the established session for assuming
role expires. Valid value range 900-3600 seconds. Default to 3600 (in this case Alicloud use own default
value). It supports environment variable E(ALICLOUD_ASSUME_ROLE_SESSION_EXPIRATION).
aliases: ['assume_role_session_expiration']
@@ -85,12 +85,12 @@ options:
description:
- This is the path to the shared credentials file. It can also be sourced from the E(ALICLOUD_SHARED_CREDENTIALS_FILE)
environment variable.
- If this is not set and a profile is specified, C(~/.aliyun/config.json) will be used.
- If this is not set and a profile is specified, ~/.aliyun/config.json will be used.
type: str
author:
- "He Guimin (@xiaozhu36)"
requirements:
- "Python >= 3.6"
- "python >= 3.6"
notes:
- If parameters are not set within the module, the following
environment variables can be used in decreasing order of precedence
@@ -103,7 +103,7 @@ notes:
E(ALICLOUD_PROFILE),
E(ALICLOUD_ASSUME_ROLE_ARN),
E(ALICLOUD_ASSUME_ROLE_SESSION_NAME),
E(ALICLOUD_ASSUME_ROLE_SESSION_EXPIRATION).
E(ALICLOUD_ASSUME_ROLE_SESSION_EXPIRATION),
- E(ALICLOUD_REGION) or E(ALICLOUD_REGION_ID) can be typically be used to specify the
Alicloud region, when required, but this can also be configured in the footmark config file
ALICLOUD region, when required, but this can also be configured in the footmark config file
'''

8
plugins/doc_fragments/auth_basic.py
View File

@@ -14,19 +14,19 @@ class ModuleDocFragment(object):
options:
api_url:
description:
- The resolvable endpoint for the API.
- The resolvable endpoint for the API
type: str
api_username:
description:
- The username to use for authentication against the API.
- The username to use for authentication against the API
type: str
api_password:
description:
- The password to use for authentication against the API.
- The password to use for authentication against the API
type: str
validate_certs:
description:
- Whether or not to validate SSL certs when supplying a HTTPS endpoint.
- Whether or not to validate SSL certs when supplying a https endpoint.
type: bool
default: true
'''

59
plugins/doc_fragments/consul.py
View File

@@ -1,59 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (c) Ansible project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import absolute_import, division, print_function
__metaclass__ = type
class ModuleDocFragment:
# Common parameters for Consul modules
DOCUMENTATION = r"""
options:
host:
description:
- Host of the consul agent, defaults to V(localhost).
default: localhost
type: str
port:
type: int
description:
- The port on which the consul agent is running.
default: 8500
scheme:
description:
- The protocol scheme on which the consul agent is running.
Defaults to V(http) and can be set to V(https) for secure connections.
default: http
type: str
validate_certs:
type: bool
description:
- Whether to verify the TLS certificate of the consul agent.
default: true
ca_path:
description:
- The CA bundle to use for https connections
type: str
"""
TOKEN = r"""
options:
token:
description:
- The token to use for authorization.
type: str
"""
ACTIONGROUP_CONSUL = r"""
options: {}
attributes:
action_group:
description: Use C(group/community.general.consul) in C(module_defaults) to set defaults for this module.
support: full
membership:
- community.general.consul
"""

8
plugins/doc_fragments/dimensiondata.py
View File

@@ -20,10 +20,10 @@ options:
region:
description:
- The target region.
- Regions are defined in Apache libcloud project [libcloud/common/dimensiondata.py].
- They are also listed in U(https://libcloud.readthedocs.io/en/latest/compute/drivers/dimensiondata.html).
- Note that the default value C(na) stands for "North America".
- The module prepends C(dd-) to the region choice.
- Regions are defined in Apache libcloud project [libcloud/common/dimensiondata.py]
- They are also listed in U(https://libcloud.readthedocs.io/en/latest/compute/drivers/dimensiondata.html)
- Note that the default value "na" stands for "North America".
- The module prepends 'dd-' to the region choice.
type: str
default: na
mcp_user:

2
plugins/doc_fragments/dimensiondata_wait.py
View File

@@ -34,4 +34,4 @@ options:
- Only applicable if O(wait=true).
type: int
default: 2
'''
'''

53
plugins/doc_fragments/django.py
View File

@@ -1,53 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (c) 2024, Alexei Znamensky <russoz@gmail.com>
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
class ModuleDocFragment(object):
DOCUMENTATION = r'''
options:
venv:
description:
- Use the the Python interpreter from this virtual environment.
- Pass the path to the root of the virtualenv, not the C(bin/) directory nor the C(python) executable.
type: path
settings:
description:
- Specifies the settings module to use.
- The value will be passed as is to the C(--settings) argument in C(django-admin).
type: str
required: true
pythonpath:
description:
- Adds the given filesystem path to the Python import search path.
- The value will be passed as is to the C(--pythonpath) argument in C(django-admin).
type: path
traceback:
description:
- Provides a full stack trace in the output when a C(CommandError) is raised.
type: bool
verbosity:
description:
- Specifies the amount of notification and debug information in the output of C(django-admin).
type: int
choices: [0, 1, 2, 3]
skip_checks:
description:
- Skips running system checks prior to running the command.
type: bool
notes:
- The C(django-admin) command is always executed using the C(C) locale, and the option C(--no-color) is always passed.
seealso:
- name: django-admin and manage.py in official Django documentation
description: >-
Refer to this documentation for the builtin commands and options of C(django-admin).
Please make sure that you select the right version of Django in the version selector on that page.
link: https://docs.djangoproject.com/en/5.0/ref/django-admin/
'''

5
plugins/doc_fragments/emc.py
View File

@@ -39,7 +39,8 @@ options:
default: sysadmin
requirements:
- An EMC VNX Storage device.
- storops (0.5.10 or greater). Install using C(pip install storops).
- Ansible 2.7.
- storops (0.5.10 or greater). Install using 'pip install storops'.
notes:
- The modules prefixed with C(emc_vnx) are built to support the EMC VNX storage platform.
- The modules prefixed with emc_vnx are built to support the EMC VNX storage platform.
'''

5
plugins/doc_fragments/gitlab.py
View File

@@ -29,9 +29,4 @@ options:
- GitLab CI job token for logging in.
type: str
version_added: 4.2.0
ca_path:
description:
- The CA certificates bundle to use to verify GitLab server certificate.
type: str
version_added: 8.1.0
'''

23
plugins/doc_fragments/hwc.py
View File

@@ -19,8 +19,8 @@ options:
required: true
user:
description:
- The user name to login with.
- Currently only user names are supported, and not user IDs.
- The user name to login with (currently only user names are
supported, and not user IDs).
type: str
required: true
password:
@@ -31,13 +31,14 @@ options:
domain:
description:
- The name of the Domain to scope to (Identity v3).
- Currently only domain names are supported, and not domain IDs.
(currently only domain names are supported, and not domain IDs).
type: str
required: true
project:
description:
- The name of the Tenant (Identity v2) or Project (Identity v3).
- Currently only project names are supported, and not project IDs.
(currently only project names are supported, and not
project IDs).
type: str
required: true
region:
@@ -46,20 +47,20 @@ options:
type: str
id:
description:
- The ID of resource to be managed.
- The id of resource to be managed.
type: str
notes:
- For authentication, you can set identity_endpoint using the
E(ANSIBLE_HWC_IDENTITY_ENDPOINT) environment variable.
E(ANSIBLE_HWC_IDENTITY_ENDPOINT) env variable.
- For authentication, you can set user using the
E(ANSIBLE_HWC_USER) environment variable.
- For authentication, you can set password using the E(ANSIBLE_HWC_PASSWORD) environment
E(ANSIBLE_HWC_USER) env variable.
- For authentication, you can set password using the E(ANSIBLE_HWC_PASSWORD) env
variable.
- For authentication, you can set domain using the E(ANSIBLE_HWC_DOMAIN) environment
- For authentication, you can set domain using the E(ANSIBLE_HWC_DOMAIN) env
variable.
- For authentication, you can set project using the E(ANSIBLE_HWC_PROJECT) environment
- For authentication, you can set project using the E(ANSIBLE_HWC_PROJECT) env
variable.
- For authentication, you can set region using the E(ANSIBLE_HWC_REGION) environment variable.
- For authentication, you can set region using the E(ANSIBLE_HWC_REGION) env variable.
- Environment variables values will only be used if the playbook values are
not set.
'''

3
plugins/doc_fragments/ibm_storage.py
View File

@@ -31,7 +31,8 @@ options:
required: true
notes:
- This module requires pyxcli python library.
Use C(pip install pyxcli) in order to get pyxcli.
Use 'pip install pyxcli' in order to get pyxcli.
requirements:
- python >= 2.7
- pyxcli
'''

11
plugins/doc_fragments/influxdb.py
View File

@@ -16,29 +16,32 @@ options:
hostname:
description:
- The hostname or IP address on which InfluxDB server is listening.
- Since Ansible 2.5, defaulted to localhost.
type: str
default: localhost
username:
description:
- Username that will be used to authenticate against InfluxDB server.
- Alias O(login_username) added in Ansible 2.5.
type: str
default: root
aliases: [ login_username ]
password:
description:
- Password that will be used to authenticate against InfluxDB server.
- Alias O(login_password) added in Ansible 2.5.
type: str
default: root
aliases: [ login_password ]
port:
description:
- The port on which InfluxDB server is listening.
- The port on which InfluxDB server is listening
type: int
default: 8086
path:
description:
- The path on which InfluxDB server is accessible.
- Only available when using python-influxdb >= 5.1.0.
- The path on which InfluxDB server is accessible
- Only available when using python-influxdb >= 5.1.0
type: str
default: ''
version_added: '0.2.0'
@@ -61,7 +64,7 @@ options:
description:
- Number of retries client will try before aborting.
- V(0) indicates try until success.
- Only available when using python-influxdb >= 4.1.0.
- Only available when using python-influxdb >= 4.1.0
type: int
default: 3
use_udp:

7
plugins/doc_fragments/ipa.py
View File

@@ -18,6 +18,7 @@ options:
- Port of FreeIPA / IPA server.
- If the value is not specified in the task, the value of environment variable E(IPA_PORT) will be used instead.
- If both the environment variable E(IPA_PORT) and the value are not specified in the task, then default value is set.
- Environment variable fallback mechanism is added in Ansible 2.5.
type: int
default: 443
ipa_host:
@@ -25,8 +26,9 @@ options:
- IP or hostname of IPA server.
- If the value is not specified in the task, the value of environment variable E(IPA_HOST) will be used instead.
- If both the environment variable E(IPA_HOST) and the value are not specified in the task, then DNS will be used to try to discover the FreeIPA server.
- The relevant entry needed in FreeIPA is the C(ipa-ca) entry.
- The relevant entry needed in FreeIPA is the 'ipa-ca' entry.
- If neither the DNS entry, nor the environment E(IPA_HOST), nor the value are available in the task, then the default value will be used.
- Environment variable fallback mechanism is added in Ansible 2.5.
type: str
default: ipa.example.com
ipa_user:
@@ -34,6 +36,7 @@ options:
- Administrative account used on IPA server.
- If the value is not specified in the task, the value of environment variable E(IPA_USER) will be used instead.
- If both the environment variable E(IPA_USER) and the value are not specified in the task, then default value is set.
- Environment variable fallback mechanism is added in Ansible 2.5.
type: str
default: admin
ipa_pass:
@@ -44,12 +47,14 @@ options:
- If the environment variable E(KRB5CCNAME) is available, the module will use this kerberos credentials cache to authenticate to the FreeIPA server.
- If the environment variable E(KRB5_CLIENT_KTNAME) is available, and E(KRB5CCNAME) is not; the module will use this kerberos keytab to authenticate.
- If GSSAPI is not available, the usage of O(ipa_pass) is required.
- Environment variable fallback mechanism is added in Ansible 2.5.
type: str
ipa_prot:
description:
- Protocol used by IPA server.
- If the value is not specified in the task, the value of environment variable E(IPA_PROT) will be used instead.
- If both the environment variable E(IPA_PROT) and the value are not specified in the task, then default value is set.
- Environment variable fallback mechanism is added in Ansible 2.5.
type: str
choices: [ http, https ]
default: https

1
plugins/doc_fragments/keycloak.py
View File

@@ -69,7 +69,6 @@ options:
type: int
default: 10
version_added: 4.5.0
http_agent:
description:
- Configures the HTTP User-Agent header.

7
plugins/doc_fragments/lxca_common.py
View File

@@ -30,7 +30,7 @@ options:
auth_url:
description:
- lxca HTTPS full web address.
- lxca https full web address
type: str
required: true
@@ -38,6 +38,7 @@ requirements:
- pylxca
notes:
- Additional detail about pylxca can be found at U(https://github.com/lenovo/pylxca).
- Playbooks using these modules can be found at U(https://github.com/lenovo/ansible.lenovo-lxca).
- Additional detail about pylxca can be found at U(https://github.com/lenovo/pylxca)
- Playbooks using these modules can be found at U(https://github.com/lenovo/ansible.lenovo-lxca)
- Check mode is not supported.
'''

79
plugins/doc_fragments/onepassword.py
View File

@@ -1,79 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (c) 2023, Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
class ModuleDocFragment(object):
DOCUMENTATION = r'''
requirements:
- See U(https://support.1password.com/command-line/)
options:
master_password:
description: The password used to unlock the specified vault.
aliases: ['vault_password']
type: str
section:
description: Item section containing the field to retrieve (case-insensitive). If absent will return first match from any section.
domain:
description: Domain of 1Password.
default: '1password.com'
type: str
subdomain:
description: The 1Password subdomain to authenticate against.
type: str
account_id:
description: The account ID to target.
type: str
username:
description: The username used to sign in.
type: str
secret_key:
description: The secret key used when performing an initial sign in.
type: str
service_account_token:
description:
- The access key for a service account.
- Only works with 1Password CLI version 2 or later.
type: str
vault:
description: Vault containing the item to retrieve (case-insensitive). If absent will search all vaults.
type: str
connect_host:
description: The host for 1Password Connect. Must be used in combination with O(connect_token).
type: str
env:
- name: OP_CONNECT_HOST
version_added: 8.1.0
connect_token:
description: The token for 1Password Connect. Must be used in combination with O(connect_host).
type: str
env:
- name: OP_CONNECT_TOKEN
version_added: 8.1.0
'''
LOOKUP = r'''
options:
service_account_token:
env:
- name: OP_SERVICE_ACCOUNT_TOKEN
version_added: 8.2.0
notes:
- This lookup will use an existing 1Password session if one exists. If not, and you have already
performed an initial sign in (meaning C(~/.op/config), C(~/.config/op/config) or C(~/.config/.op/config) exists), then only the
O(master_password) is required. You may optionally specify O(subdomain) in this scenario, otherwise the last used subdomain will be used by C(op).
- This lookup can perform an initial login by providing O(subdomain), O(username), O(secret_key), and O(master_password).
- Can target a specific account by providing the O(account_id).
- Due to the B(very) sensitive nature of these credentials, it is B(highly) recommended that you only pass in the minimal credentials
needed at any given time. Also, store these credentials in an Ansible Vault using a key that is equal to or greater in strength
to the 1Password master password.
- This lookup stores potentially sensitive data from 1Password as Ansible facts.
Facts are subject to caching if enabled, which means this data could be stored in clear text
on disk or in a database.
- Tested with C(op) version 2.7.2.
'''

16
plugins/doc_fragments/oneview.py
View File

@@ -15,7 +15,7 @@ class ModuleDocFragment(object):
options:
config:
description:
- Path to a JSON configuration file containing the OneView client configuration.
- Path to a .json configuration file containing the OneView client configuration.
The configuration file is optional and when used should be present in the host running the ansible commands.
If the file path is not provided, the configuration will be loaded from environment variables.
For links to example configuration files or how to use the environment variables verify the notes section.
@@ -42,7 +42,7 @@ options:
type: str
requirements:
- Python >= 2.7.9
- python >= 2.7.9
notes:
- "A sample configuration file for the config parameter can be found at:
@@ -70,11 +70,11 @@ options:
options:
params:
description:
- List of parameters to delimit, filter and sort the list of resources.
- "Parameter keys allowed are:"
- "C(start): The first item to return, using 0-based indexing."
- "C(count): The number of resources to return."
- "C(filter): A general filter/query string to narrow the list of items returned."
- "C(sort): The sort order of the returned data set."
- List of params to delimit, filter and sort the list of resources.
- "params allowed:
- C(start): The first item to return, using 0-based indexing.
- C(count): The number of resources to return.
- C(filter): A general filter/query string to narrow the list of items returned.
- C(sort): The sort order of the returned data set."
type: dict
'''

4
plugins/doc_fragments/online.py
View File

@@ -20,7 +20,7 @@ options:
aliases: [ oauth_token ]
api_url:
description:
- Online API URL.
- Online API URL
type: str
default: 'https://api.online.net'
aliases: [ base_url ]
@@ -36,7 +36,7 @@ options:
type: bool
default: true
notes:
- Also see the API documentation on U(https://console.online.net/en/api/).
- Also see the API documentation on U(https://console.online.net/en/api/)
- If O(api_token) is not set within the module, the following
environment variables can be used in decreasing order of precedence
E(ONLINE_TOKEN), E(ONLINE_API_KEY), E(ONLINE_OAUTH_TOKEN), E(ONLINE_API_TOKEN).

2
plugins/doc_fragments/openswitch.py
View File

@@ -64,7 +64,7 @@ options:
description:
- Configures the transport connection to use when connecting to the
remote device. The transport argument supports connectivity to the
device over SSH (V(ssh)), CLI (V(cli)), or REST (V(rest)).
device over ssh, cli or REST.
required: true
type: str
choices: [ cli, rest, ssh ]

15
plugins/doc_fragments/oracle.py
View File

@@ -10,21 +10,22 @@ __metaclass__ = type
class ModuleDocFragment(object):
DOCUMENTATION = """
requirements:
- Python SDK for Oracle Cloud Infrastructure U(https://oracle-cloud-infrastructure-python-sdk.readthedocs.io)
- "python >= 2.7"
- Python SDK for Oracle Cloud Infrastructure U(https://oracle-cloud-infrastructure-python-sdk.readthedocs.io)
notes:
- For OCI Python SDK configuration, please refer to
U(https://oracle-cloud-infrastructure-python-sdk.readthedocs.io/en/latest/configuration.html).
- For OCI python sdk configuration, please refer to
U(https://oracle-cloud-infrastructure-python-sdk.readthedocs.io/en/latest/configuration.html)
options:
config_file_location:
description:
- Path to configuration file. If not set then the value of the E(OCI_CONFIG_FILE) environment variable,
if any, is used. Otherwise, defaults to C(~/.oci/config).
if any, is used. Otherwise, defaults to ~/.oci/config.
type: str
config_profile_name:
description:
- The profile to load from the config file referenced by O(config_file_location). If not set, then the
value of the E(OCI_CONFIG_PROFILE) environment variable, if any, is used. Otherwise, defaults to the
C(DEFAULT) profile in O(config_file_location).
"DEFAULT" profile in O(config_file_location).
default: "DEFAULT"
type: str
api_user:
@@ -69,8 +70,8 @@ class ModuleDocFragment(object):
description:
- OCID of your tenancy. If not set, then the value of the OCI_TENANCY variable, if any, is
used. This option is required if the tenancy OCID is not specified through a configuration file
(See O(config_file_location)). To get the tenancy OCID, please refer to
U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm).
(See O(config_file_location)). To get the tenancy OCID, please refer
U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm)
type: str
region:
description:

2
plugins/doc_fragments/oracle_wait_options.py
View File

@@ -21,7 +21,7 @@ class ModuleDocFragment(object):
wait_until:
description: The lifecycle state to wait for the resource to transition into when O(wait=true). By default,
when O(wait=true), we wait for the resource to get into ACTIVE/ATTACHED/AVAILABLE/PROVISIONED/
RUNNING applicable lifecycle state during create operation and to get into DELETED/DETACHED/
RUNNING applicable lifecycle state during create operation & to get into DELETED/DETACHED/
TERMINATED lifecycle state during delete operation.
type: str
"""

10
plugins/doc_fragments/proxmox.py
View File

@@ -65,13 +65,3 @@ options:
- Add the new VM to the specified pool.
type: str
'''
ACTIONGROUP_PROXMOX = r"""
options: {}
attributes:
action_group:
description: Use C(group/community.general.proxmox) in C(module_defaults) to set defaults for this module.
support: full
membership:
- community.general.proxmox
"""

10
plugins/doc_fragments/purestorage.py
View File

@@ -32,10 +32,11 @@ options:
- FlashBlade API token for admin privileged user.
type: str
notes:
- This module requires the C(purity_fb) Python library.
- This module requires the C(purity_fb) Python library
- You must set E(PUREFB_URL) and E(PUREFB_API) environment variables
if O(fb_url) and O(api_token) arguments are not passed to the module directly.
if O(fb_url) and O(api_token) arguments are not passed to the module directly
requirements:
- python >= 2.7
- purity_fb >= 1.1
'''
@@ -53,9 +54,10 @@ options:
type: str
required: true
notes:
- This module requires the C(purestorage) Python library.
- This module requires the C(purestorage) Python library
- You must set E(PUREFA_URL) and E(PUREFA_API) environment variables
if O(fa_url) and O(api_token) arguments are not passed to the module directly.
if O(fa_url) and O(api_token) arguments are not passed to the module directly
requirements:
- python >= 2.7
- purestorage
'''

122
plugins/doc_fragments/rackspace.py Normal file
View File

@@ -0,0 +1,122 @@
# -*- coding: utf-8 -*-
# Copyright (c) 2014, Matt Martz <matt@sivel.net>
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
class ModuleDocFragment(object):
# Standard Rackspace only documentation fragment
DOCUMENTATION = r'''
options:
api_key:
description:
- Rackspace API key, overrides O(credentials).
type: str
aliases: [ password ]
credentials:
description:
- File to find the Rackspace credentials in. Ignored if O(api_key) and
O(username) are provided.
type: path
aliases: [ creds_file ]
env:
description:
- Environment as configured in C(~/.pyrax.cfg),
see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
type: str
region:
description:
- Region to create an instance in.
type: str
username:
description:
- Rackspace username, overrides O(credentials).
type: str
validate_certs:
description:
- Whether or not to require SSL validation of API endpoints.
type: bool
aliases: [ verify_ssl ]
requirements:
- python >= 2.6
- pyrax
notes:
- The following environment variables can be used, E(RAX_USERNAME),
E(RAX_API_KEY), E(RAX_CREDS_FILE), E(RAX_CREDENTIALS), E(RAX_REGION).
- E(RAX_CREDENTIALS) and E(RAX_CREDS_FILE) point to a credentials file
appropriate for pyrax. See U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticating)
- E(RAX_USERNAME) and E(RAX_API_KEY) obviate the use of a credentials file
- E(RAX_REGION) defines a Rackspace Public Cloud region (DFW, ORD, LON, ...)
'''
# Documentation fragment including attributes to enable communication
# of other OpenStack clouds. Not all rax modules support this.
OPENSTACK = r'''
options:
api_key:
type: str
description:
- Rackspace API key, overrides O(credentials).
aliases: [ password ]
auth_endpoint:
type: str
description:
- The URI of the authentication service.
- If not specified will be set to U(https://identity.api.rackspacecloud.com/v2.0/)
credentials:
type: path
description:
- File to find the Rackspace credentials in. Ignored if O(api_key) and
O(username) are provided.
aliases: [ creds_file ]
env:
type: str
description:
- Environment as configured in C(~/.pyrax.cfg),
see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
identity_type:
type: str
description:
- Authentication mechanism to use, such as rackspace or keystone.
default: rackspace
region:
type: str
description:
- Region to create an instance in.
tenant_id:
type: str
description:
- The tenant ID used for authentication.
tenant_name:
type: str
description:
- The tenant name used for authentication.
username:
type: str
description:
- Rackspace username, overrides O(credentials).
validate_certs:
description:
- Whether or not to require SSL validation of API endpoints.
type: bool
aliases: [ verify_ssl ]
deprecated:
removed_in: 9.0.0
why: This module relies on the deprecated package pyrax.
alternative: Use the Openstack modules instead.
requirements:
- python >= 2.6
- pyrax
notes:
- The following environment variables can be used, E(RAX_USERNAME),
E(RAX_API_KEY), E(RAX_CREDS_FILE), E(RAX_CREDENTIALS), E(RAX_REGION).
- E(RAX_CREDENTIALS) and E(RAX_CREDS_FILE) points to a credentials file
appropriate for pyrax. See U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticating)
- E(RAX_USERNAME) and E(RAX_API_KEY) obviate the use of a credentials file
- E(RAX_REGION) defines a Rackspace Public Cloud region (DFW, ORD, LON, ...)
'''

2
plugins/doc_fragments/scaleway.py
View File

@@ -42,7 +42,7 @@ options:
type: bool
default: true
notes:
- Also see the API documentation on U(https://developer.scaleway.com/).
- Also see the API documentation on U(https://developer.scaleway.com/)
- If O(api_token) is not set within the module, the following
environment variables can be used in decreasing order of precedence
E(SCW_TOKEN), E(SCW_API_KEY), E(SCW_OAUTH_TOKEN) or E(SCW_API_TOKEN).

11
plugins/doc_fragments/utm.py
View File

@@ -14,7 +14,7 @@ options:
headers:
description:
- A dictionary of additional headers to be sent to POST and PUT requests.
- Is needed for some modules.
- Is needed for some modules
type: dict
required: false
default: {}
@@ -30,9 +30,8 @@ options:
default: 4444
utm_token:
description:
- "The token used to identify at the REST-API. See
U(https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en),
Chapter 2.4.2."
- "The token used to identify at the REST-API. See U(https://www.sophos.com/en-us/medialibrary/\
PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en), Chapter 2.4.2."
type: str
required: true
utm_protocol:
@@ -49,8 +48,8 @@ options:
state:
description:
- The desired state of the object.
- V(present) will create or update an object.
- V(absent) will delete an object if it was present.
- V(present) will create or update an object
- V(absent) will delete an object if it was present
type: str
choices: [ absent, present ]
default: present

5
plugins/doc_fragments/vexata.py
View File

@@ -30,13 +30,11 @@ options:
user:
description:
- Vexata API user with administrative privileges.
- Uses the E(VEXATA_USER) environment variable as a fallback.
required: false
type: str
password:
description:
- Vexata API user password.
- Uses the E(VEXATA_PASSWORD) environment variable as a fallback.
required: false
type: str
validate_certs:
@@ -50,6 +48,7 @@ options:
requirements:
- Vexata VX100 storage array with VXOS >= v3.5.0 on storage array
- vexatapi >= 0.0.1
- E(VEXATA_USER) and E(VEXATA_PASSWORD) environment variables must be set if
- python >= 2.7
- VEXATA_USER and VEXATA_PASSWORD environment variables must be set if
user and password arguments are not passed to the module directly.
'''

99
plugins/filter/from_ini.py
View File

@@ -1,99 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (c) 2023, Steffen Scheib <steffen@scheib.me>
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import absolute_import, division, print_function
DOCUMENTATION = r'''
name: from_ini
short_description: Converts INI text input into a dictionary
version_added: 8.2.0
author: Steffen Scheib (@sscheib)
description:
- Converts INI text input into a dictionary.
options:
_input:
description: A string containing an INI document.
type: string
required: true
'''
EXAMPLES = r'''
- name: Slurp an INI file
ansible.builtin.slurp:
src: /etc/rhsm/rhsm.conf
register: rhsm_conf
- name: Display the INI file as dictionary
ansible.builtin.debug:
var: rhsm_conf.content | b64decode | community.general.from_ini
- name: Set a new dictionary fact with the contents of the INI file
ansible.builtin.set_fact:
rhsm_dict: >-
{{
rhsm_conf.content | b64decode | community.general.from_ini
}}
'''
RETURN = '''
_value:
description: A dictionary representing the INI file.
type: dictionary
'''
__metaclass__ = type
from ansible.errors import AnsibleFilterError
from ansible.module_utils.six import string_types
from ansible.module_utils.six.moves import StringIO
from ansible.module_utils.six.moves.configparser import ConfigParser
from ansible.module_utils.common.text.converters import to_native
class IniParser(ConfigParser):
''' Implements a configparser which is able to return a dict '''
def __init__(self):
super().__init__(interpolation=None)
self.optionxform = str
def as_dict(self):
d = dict(self._sections)
for k in d:
d[k] = dict(self._defaults, **d[k])
d[k].pop('__name__', None)
if self._defaults:
d['DEFAULT'] = dict(self._defaults)
return d
def from_ini(obj):
''' Read the given string as INI file and return a dict '''
if not isinstance(obj, string_types):
raise AnsibleFilterError(f'from_ini requires a str, got {type(obj)}')
parser = IniParser()
try:
parser.read_file(StringIO(obj))
except Exception as ex:
raise AnsibleFilterError(f'from_ini failed to parse given string: '
f'{to_native(ex)}', orig_exc=ex)
return parser.as_dict()
class FilterModule(object):
''' Query filter '''
def filters(self):
return {
'from_ini': from_ini
}

210
plugins/filter/lists.py
View File

@@ -1,210 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import absolute_import, division, print_function
__metaclass__ = type
from ansible.errors import AnsibleFilterError
from ansible.module_utils.common.collections import is_sequence
def remove_duplicates(lst):
seen = set()
seen_add = seen.add
result = []
for item in lst:
try:
if item not in seen:
seen_add(item)
result.append(item)
except TypeError:
# This happens for unhashable values `item`. If this happens,
# convert `seen` to a list and continue.
seen = list(seen)
seen_add = seen.append
if item not in seen:
seen_add(item)
result.append(item)
return result
def flatten_list(lst):
result = []
for sublist in lst:
if not is_sequence(sublist):
msg = ("All arguments must be lists. %s is %s")
raise AnsibleFilterError(msg % (sublist, type(sublist)))
if len(sublist) > 0:
if all(is_sequence(sub) for sub in sublist):
for item in sublist:
result.append(item)
else:
result.append(sublist)
return result
def lists_union(*args, **kwargs):
lists = args
flatten = kwargs.pop('flatten', False)
if kwargs:
# Some unused kwargs remain
raise AnsibleFilterError(
"lists_union() got unexpected keywords arguments: {0}".format(
", ".join(kwargs.keys())
)
)
if flatten:
lists = flatten_list(args)
if not lists:
return []
if len(lists) == 1:
return lists[0]
a = lists[0]
for b in lists[1:]:
a = do_union(a, b)
return remove_duplicates(a)
def do_union(a, b):
return a + b
def lists_intersect(*args, **kwargs):
lists = args
flatten = kwargs.pop('flatten', False)
if kwargs:
# Some unused kwargs remain
raise AnsibleFilterError(
"lists_intersect() got unexpected keywords arguments: {0}".format(
", ".join(kwargs.keys())
)
)
if flatten:
lists = flatten_list(args)
if not lists:
return []
if len(lists) == 1:
return lists[0]
a = remove_duplicates(lists[0])
for b in lists[1:]:
a = do_intersect(a, b)
return a
def do_intersect(a, b):
isect = []
try:
other = set(b)
isect = [item for item in a if item in other]
except TypeError:
# This happens for unhashable values,
# use a list instead and redo.
other = list(b)
isect = [item for item in a if item in other]
return isect
def lists_difference(*args, **kwargs):
lists = args
flatten = kwargs.pop('flatten', False)
if kwargs:
# Some unused kwargs remain
raise AnsibleFilterError(
"lists_difference() got unexpected keywords arguments: {0}".format(
", ".join(kwargs.keys())
)
)
if flatten:
lists = flatten_list(args)
if not lists:
return []
if len(lists) == 1:
return lists[0]
a = remove_duplicates(lists[0])
for b in lists[1:]:
a = do_difference(a, b)
return a
def do_difference(a, b):
diff = []
try:
other = set(b)
diff = [item for item in a if item not in other]
except TypeError:
# This happens for unhashable values,
# use a list instead and redo.
other = list(b)
diff = [item for item in a if item not in other]
return diff
def lists_symmetric_difference(*args, **kwargs):
lists = args
flatten = kwargs.pop('flatten', False)
if kwargs:
# Some unused kwargs remain
raise AnsibleFilterError(
"lists_difference() got unexpected keywords arguments: {0}".format(
", ".join(kwargs.keys())
)
)
if flatten:
lists = flatten_list(args)
if not lists:
return []
if len(lists) == 1:
return lists[0]
a = lists[0]
for b in lists[1:]:
a = do_symmetric_difference(a, b)
return a
def do_symmetric_difference(a, b):
sym_diff = []
union = lists_union(a, b)
try:
isect = set(a) & set(b)
sym_diff = [item for item in union if item not in isect]
except TypeError:
# This happens for unhashable values,
# build the intersection of `a` and `b` backed
# by a list instead of a set and redo.
isect = lists_intersect(a, b)
sym_diff = [item for item in union if item not in isect]
return sym_diff
class FilterModule(object):
''' Ansible lists jinja2 filters '''
def filters(self):
return {
'lists_union': lists_union,
'lists_intersect': lists_intersect,
'lists_difference': lists_difference,
'lists_symmetric_difference': lists_symmetric_difference,
}

48
plugins/filter/lists_difference.yml
View File

@@ -1,48 +0,0 @@
---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
DOCUMENTATION:
name: lists_difference
short_description: Difference of lists with a predictive order
version_added: 8.4.0
description:
- Provide a unique list of all the elements from the first which do not appear in the other lists.
- The order of the items in the resulting list is preserved.
options:
_input:
description: A list.
type: list
elements: any
required: true
flatten:
description: Whether to remove one hierarchy level from the input list.
type: boolean
default: false
author:
- Christoph Fiehe (@cfiehe)
EXAMPLES: |
- name: Return the difference of list1 and list2.
ansible.builtin.debug:
msg: "{{ list1 | community.general.lists_difference(list2) }}"
vars:
list1: [1, 2, 5, 3, 4, 10]
list2: [1, 2, 3, 4, 5, 11, 99]
# => [10]
- name: Return the difference of list1, list2 and list3.
ansible.builtin.debug:
msg: "{{ [list1, list2, list3] | community.general.lists_difference(flatten=true) }}"
vars:
list1: [1, 2, 5, 3, 4, 10]
list2: [1, 2, 3, 4, 5, 11, 99]
list3: [1, 2, 3, 4, 5, 10, 99, 101]
# => []
RETURN:
_value:
description: A unique list of all the elements from the first list that do not appear on the other lists.
type: list
elements: any

48
plugins/filter/lists_intersect.yml
View File

@@ -1,48 +0,0 @@
---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
DOCUMENTATION:
name: lists_intersect
short_description: Intersection of lists with a predictive order
version_added: 8.4.0
description:
- Provide a unique list of all the common elements of two or more lists.
- The order of the items in the resulting list is preserved.
options:
_input:
description: A list.
type: list
elements: any
required: true
flatten:
description: Whether to remove one hierarchy level from the input list.
type: boolean
default: false
author:
- Christoph Fiehe (@cfiehe)
EXAMPLES: |
- name: Return the intersection of list1 and list2.
ansible.builtin.debug:
msg: "{{ list1 | community.general.lists_intersect(list2) }}"
vars:
list1: [1, 2, 5, 3, 4, 10]
list2: [1, 2, 3, 4, 5, 11, 99]
# => [1, 2, 5, 3, 4]
- name: Return the intersection of list1, list2 and list3.
ansible.builtin.debug:
msg: "{{ [list1, list2, list3] | community.general.lists_intersect(flatten=true) }}"
vars:
list1: [1, 2, 5, 3, 4, 10]
list2: [1, 2, 3, 4, 5, 11, 99]
list3: [1, 2, 3, 4, 5, 10, 99, 101]
# => [1, 2, 5, 3, 4]
RETURN:
_value:
description: A unique list of all the common elements from the provided lists.
type: list
elements: any

48
plugins/filter/lists_symmetric_difference.yml
View File

@@ -1,48 +0,0 @@
---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
DOCUMENTATION:
name: lists_symmetric_difference
short_description: Symmetric Difference of lists with a predictive order
version_added: 8.4.0
description:
- Provide a unique list containing the symmetric difference of two or more lists.
- The order of the items in the resulting list is preserved.
options:
_input:
description: A list.
type: list
elements: any
required: true
flatten:
description: Whether to remove one hierarchy level from the input list.
type: boolean
default: false
author:
- Christoph Fiehe (@cfiehe)
EXAMPLES: |
- name: Return the symmetric difference of list1 and list2.
ansible.builtin.debug:
msg: "{{ list1 | community.general.lists_symmetric_difference(list2) }}"
vars:
list1: [1, 2, 5, 3, 4, 10]
list2: [1, 2, 3, 4, 5, 11, 99]
# => [10, 11, 99]
- name: Return the symmetric difference of list1, list2 and list3.
ansible.builtin.debug:
msg: "{{ [list1, list2, list3] | community.general.lists_symmetric_difference(flatten=true) }}"
vars:
list1: [1, 2, 5, 3, 4, 10]
list2: [1, 2, 3, 4, 5, 11, 99]
list3: [1, 2, 3, 4, 5, 10, 99, 101]
# => [11, 1, 2, 3, 4, 5, 101]
RETURN:
_value:
description: A unique list containing the symmetric difference of two or more lists.
type: list
elements: any

48
plugins/filter/lists_union.yml
View File

@@ -1,48 +0,0 @@
---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
DOCUMENTATION:
name: lists_union
short_description: Union of lists with a predictive order
version_added: 8.4.0
description:
- Provide a unique list of all the elements of two or more lists.
- The order of the items in the resulting list is preserved.
options:
_input:
description: A list.
type: list
elements: any
required: true
flatten:
description: Whether to remove one hierarchy level from the input list.
type: boolean
default: false
author:
- Christoph Fiehe (@cfiehe)
EXAMPLES: |
- name: Return the union of list1, list2 and list3.
ansible.builtin.debug:
msg: "{{ list1 | community.general.lists_union(list2, list3) }}"
vars:
list1: [1, 2, 5, 3, 4, 10]
list2: [1, 2, 3, 4, 5, 11, 99]
list3: [1, 2, 3, 4, 5, 10, 99, 101]
# => [1, 2, 5, 3, 4, 10, 11, 99, 101]
- name: Return the union of list1 and list2.
ansible.builtin.debug:
msg: "{{ [list1, list2] | community.general.lists_union(flatten=true) }}"
vars:
list1: [1, 2, 5, 3, 4, 10]
list2: [1, 2, 3, 4, 5, 11, 99]
# => [1, 2, 5, 3, 4, 10, 11, 99]
RETURN:
_value:
description: A unique list of all the elements from the provided lists.
type: list
elements: any

105
plugins/filter/to_ini.py
View File

@@ -1,105 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (c) 2023, Steffen Scheib <steffen@scheib.me>
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import absolute_import, division, print_function
DOCUMENTATION = r'''
name: to_ini
short_description: Converts a dictionary to the INI file format
version_added: 8.2.0
author: Steffen Scheib (@sscheib)
description:
- Converts a dictionary to the INI file format.
options:
_input:
description: The dictionary that should be converted to the INI format.
type: dictionary
required: true
'''
EXAMPLES = r'''
- name: Define a dictionary
ansible.builtin.set_fact:
my_dict:
section_name:
key_name: 'key value'
another_section:
connection: 'ssh'
- name: Write dictionary to INI file
ansible.builtin.copy:
dest: /tmp/test.ini
content: '{{ my_dict | community.general.to_ini }}'
# /tmp/test.ini will look like this:
# [section_name]
# key_name = key value
#
# [another_section]
# connection = ssh
'''
RETURN = r'''
_value:
description: A string formatted as INI file.
type: string
'''
__metaclass__ = type
from ansible.errors import AnsibleFilterError
from ansible.module_utils.common._collections_compat import Mapping
from ansible.module_utils.six.moves import StringIO
from ansible.module_utils.six.moves.configparser import ConfigParser
from ansible.module_utils.common.text.converters import to_native
class IniParser(ConfigParser):
''' Implements a configparser which sets the correct optionxform '''
def __init__(self):
super().__init__(interpolation=None)
self.optionxform = str
def to_ini(obj):
''' Read the given dict and return an INI formatted string '''
if not isinstance(obj, Mapping):
raise AnsibleFilterError(f'to_ini requires a dict, got {type(obj)}')
ini_parser = IniParser()
try:
ini_parser.read_dict(obj)
except Exception as ex:
raise AnsibleFilterError('to_ini failed to parse given dict:'
f'{to_native(ex)}', orig_exc=ex)
# catching empty dicts
if obj == dict():
raise AnsibleFilterError('to_ini received an empty dict. '
'An empty dict cannot be converted.')
config = StringIO()
ini_parser.write(config)
# config.getvalue() returns two \n at the end
# with the below insanity, we remove the very last character of
# the resulting string
return ''.join(config.getvalue().rsplit(config.getvalue()[-1], 1))
class FilterModule(object):
''' Query filter '''
def filters(self):
return {
'to_ini': to_ini
}

18
plugins/inventory/cobbler.py
View File

@@ -118,8 +118,6 @@ from ansible.module_utils.common.text.converters import to_text
from ansible.plugins.inventory import BaseInventoryPlugin, Cacheable, to_safe_group_name
from ansible.module_utils.six import text_type
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
# xmlrpc
try:
import xmlrpclib as xmlrpc_client
@@ -276,9 +274,9 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
for host in self._get_systems():
# Get the FQDN for the host and add it to the right groups
if self.inventory_hostname == 'system':
hostname = make_unsafe(host['name']) # None
hostname = host['name'] # None
else:
hostname = make_unsafe(host['hostname']) # None
hostname = host['hostname'] # None
interfaces = host['interfaces']
if set(host['mgmt_classes']) & set(self.include_mgmt_classes):
@@ -298,7 +296,7 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
if ivalue['management'] or not ivalue['static']:
this_dns_name = ivalue.get('dns_name', None)
if this_dns_name is not None and this_dns_name != "":
hostname = make_unsafe(this_dns_name)
hostname = this_dns_name
self.display.vvvv('Set hostname to %s from %s\n' % (hostname, iname))
if hostname == '':
@@ -363,18 +361,18 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
if ip_address is None and ip_address_first is not None:
ip_address = ip_address_first
if ip_address is not None:
self.inventory.set_variable(hostname, 'cobbler_ipv4_address', make_unsafe(ip_address))
self.inventory.set_variable(hostname, 'cobbler_ipv4_address', ip_address)
if ipv6_address is None and ipv6_address_first is not None:
ipv6_address = ipv6_address_first
if ipv6_address is not None:
self.inventory.set_variable(hostname, 'cobbler_ipv6_address', make_unsafe(ipv6_address))
self.inventory.set_variable(hostname, 'cobbler_ipv6_address', ipv6_address)
if self.get_option('want_facts'):
try:
self.inventory.set_variable(hostname, 'cobbler', make_unsafe(host))
self.inventory.set_variable(hostname, 'cobbler', host)
except ValueError as e:
self.display.warning("Could not set host info for %s: %s" % (hostname, to_text(e)))
if self.get_option('want_ip_addresses'):
self.inventory.set_variable(self.group, 'cobbler_ipv4_addresses', make_unsafe(ip_addresses))
self.inventory.set_variable(self.group, 'cobbler_ipv6_addresses', make_unsafe(ipv6_addresses))
self.inventory.set_variable(self.group, 'cobbler_ipv4_addresses', ip_addresses)
self.inventory.set_variable(self.group, 'cobbler_ipv6_addresses', ipv6_addresses)

9
plugins/inventory/gitlab_runners.py
View File

@@ -14,6 +14,7 @@ DOCUMENTATION = '''
- Stefan Heitmüller (@morph027) <stefan.heitmueller@gmx.com>
short_description: Ansible dynamic inventory plugin for GitLab runners.
requirements:
- python >= 2.7
- python-gitlab > 1.8.0
extends_documentation_fragment:
- constructed
@@ -84,8 +85,6 @@ from ansible.errors import AnsibleError, AnsibleParserError
from ansible.module_utils.common.text.converters import to_native
from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
try:
import gitlab
HAS_GITLAB = True
@@ -107,11 +106,11 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
else:
runners = gl.runners.all()
for runner in runners:
host = make_unsafe(str(runner['id']))
host = str(runner['id'])
ip_address = runner['ip_address']
host_attrs = make_unsafe(vars(gl.runners.get(runner['id']))['_attrs'])
host_attrs = vars(gl.runners.get(runner['id']))['_attrs']
self.inventory.add_host(host, group='gitlab_runners')
self.inventory.set_variable(host, 'ansible_host', make_unsafe(ip_address))
self.inventory.set_variable(host, 'ansible_host', ip_address)
if self.get_option('verbose_output', True):
self.inventory.set_variable(host, 'gitlab_runner_attributes', host_attrs)

45
plugins/inventory/icinga2.py
View File

@@ -63,12 +63,6 @@ DOCUMENTATION = '''
default: address
choices: ['name', 'display_name', 'address']
version_added: 4.2.0
group_by_hostgroups:
description:
- Uses Icinga2 hostgroups as groups.
type: boolean
default: true
version_added: 8.4.0
'''
EXAMPLES = r'''
@@ -78,7 +72,7 @@ url: http://localhost:5665
user: ansible
password: secure
host_filter: \"linux-servers\" in host.groups
validate_certs: false # only do this when connecting to localhost!
validate_certs: false
inventory_attr: name
groups:
# simple name matching
@@ -103,8 +97,6 @@ from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
from ansible.module_utils.urls import open_url
from ansible.module_utils.six.moves.urllib.error import HTTPError
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
class InventoryModule(BaseInventoryPlugin, Constructable):
''' Host inventory parser for ansible using Icinga2 as source. '''
@@ -122,7 +114,6 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
self.ssl_verify = None
self.host_filter = None
self.inventory_attr = None
self.group_by_hostgroups = None
self.cache_key = None
self.use_cache = None
@@ -242,32 +233,31 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
"""Convert Icinga2 API data to JSON format for Ansible"""
groups_dict = {"_meta": {"hostvars": {}}}
for entry in json_data:
host_attrs = make_unsafe(entry['attrs'])
host_attrs = entry['attrs']
if self.inventory_attr == "name":
host_name = make_unsafe(entry.get('name'))
host_name = entry.get('name')
if self.inventory_attr == "address":
# When looking for address for inventory, if missing fallback to object name
if host_attrs.get('address', '') != '':
host_name = make_unsafe(host_attrs.get('address'))
host_name = host_attrs.get('address')
else:
host_name = make_unsafe(entry.get('name'))
host_name = entry.get('name')
if self.inventory_attr == "display_name":
host_name = host_attrs.get('display_name')
if host_attrs['state'] == 0:
host_attrs['state'] = 'on'
else:
host_attrs['state'] = 'off'
host_groups = host_attrs.get('groups')
self.inventory.add_host(host_name)
if self.group_by_hostgroups:
host_groups = host_attrs.get('groups')
for group in host_groups:
if group not in self.inventory.groups.keys():
self.inventory.add_group(group)
self.inventory.add_child(group, host_name)
for group in host_groups:
if group not in self.inventory.groups.keys():
self.inventory.add_group(group)
self.inventory.add_child(group, host_name)
# If the address attribute is populated, override ansible_host with the value
if host_attrs.get('address') != '':
self.inventory.set_variable(host_name, 'ansible_host', host_attrs.get('address'))
self.inventory.set_variable(host_name, 'hostname', make_unsafe(entry.get('name')))
self.inventory.set_variable(host_name, 'hostname', entry.get('name'))
self.inventory.set_variable(host_name, 'display_name', host_attrs.get('display_name'))
self.inventory.set_variable(host_name, 'state',
host_attrs['state'])
@@ -287,23 +277,12 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
self._read_config_data(path)
# Store the options from the YAML file
self.icinga2_url = self.get_option('url')
self.icinga2_url = self.get_option('url').rstrip('/') + '/v1'
self.icinga2_user = self.get_option('user')
self.icinga2_password = self.get_option('password')
self.ssl_verify = self.get_option('validate_certs')
self.host_filter = self.get_option('host_filter')
self.inventory_attr = self.get_option('inventory_attr')
self.group_by_hostgroups = self.get_option('group_by_hostgroups')
if self.templar.is_template(self.icinga2_url):
self.icinga2_url = self.templar.template(variable=self.icinga2_url, disable_lookups=False)
if self.templar.is_template(self.icinga2_user):
self.icinga2_user = self.templar.template(variable=self.icinga2_user, disable_lookups=False)
if self.templar.is_template(self.icinga2_password):
self.icinga2_password = self.templar.template(variable=self.icinga2_password, disable_lookups=False)
self.icinga2_url = self.icinga2_url.rstrip('/') + '/v1'
# Not currently enabled
# self.cache_key = self.get_cache_key(path)
# self.use_cache = cache and self.get_option('cache')

46
plugins/inventory/linode.py
View File

@@ -12,6 +12,7 @@ DOCUMENTATION = r'''
- Luke Murphy (@decentral1se)
short_description: Ansible dynamic inventory plugin for Linode.
requirements:
- python >= 2.7
- linode_api4 >= 2.0.0
description:
- Reads inventories from the Linode API v4.
@@ -123,8 +124,6 @@ compose:
from ansible.errors import AnsibleError
from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
try:
from linode_api4 import LinodeClient
@@ -200,21 +199,20 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
def _add_instances_to_groups(self):
"""Add instance names to their dynamic inventory groups."""
for instance in self.instances:
self.inventory.add_host(make_unsafe(instance.label), group=instance.group)
self.inventory.add_host(instance.label, group=instance.group)
def _add_hostvars_for_instances(self):
"""Add hostvars for instances in the dynamic inventory."""
ip_style = self.get_option('ip_style')
for instance in self.instances:
hostvars = instance._raw_json
hostname = make_unsafe(instance.label)
for hostvar_key in hostvars:
if ip_style == 'api' and hostvar_key in ['ipv4', 'ipv6']:
continue
self.inventory.set_variable(
hostname,
instance.label,
hostvar_key,
make_unsafe(hostvars[hostvar_key])
hostvars[hostvar_key]
)
if ip_style == 'api':
ips = instance.ips.ipv4.public + instance.ips.ipv4.private
@@ -223,9 +221,9 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
for ip_type in set(ip.type for ip in ips):
self.inventory.set_variable(
hostname,
instance.label,
ip_type,
make_unsafe(self._ip_data([ip for ip in ips if ip.type == ip_type]))
self._ip_data([ip for ip in ips if ip.type == ip_type])
)
def _ip_data(self, ip_list):
@@ -256,44 +254,30 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
self._add_instances_to_groups()
self._add_hostvars_for_instances()
for instance in self.instances:
hostname = make_unsafe(instance.label)
variables = self.inventory.get_host(hostname).get_vars()
variables = self.inventory.get_host(instance.label).get_vars()
self._add_host_to_composed_groups(
self.get_option('groups'),
variables,
hostname,
instance.label,
strict=strict)
self._add_host_to_keyed_groups(
self.get_option('keyed_groups'),
variables,
hostname,
instance.label,
strict=strict)
self._set_composite_vars(
self.get_option('compose'),
variables,
hostname,
instance.label,
strict=strict)
def verify_file(self, path):
"""Verify the Linode configuration file.
Return true/false if the config-file is valid for this plugin
Args:
str(path): path to the config
Kwargs:
None
Raises:
None
Returns:
bool(valid): is valid config file"""
valid = False
"""Verify the Linode configuration file."""
if super(InventoryModule, self).verify_file(path):
if path.endswith(("linode.yaml", "linode.yml")):
valid = True
else:
self.display.vvv('Inventory source not ending in "linode.yaml" or "linode.yml"')
return valid
endings = ('linode.yaml', 'linode.yml')
if any((path.endswith(ending) for ending in endings)):
return True
return False
def parse(self, inventory, loader, path, cache=True):
"""Dynamically parse Linode the cloud inventory."""

33
plugins/inventory/lxd.py
View File

@@ -175,7 +175,6 @@ from ansible.module_utils.six import raise_from
from ansible.errors import AnsibleError, AnsibleParserError
from ansible.module_utils.six.moves.urllib.parse import urlencode
from ansible_collections.community.general.plugins.module_utils.lxd import LXDClient, LXDClientException
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
try:
import ipaddress
@@ -471,7 +470,7 @@ class InventoryModule(BaseInventoryPlugin):
Helper to get the preferred interface provide by neme pattern from 'prefered_instance_network_interface'.
Args:
str(instance_name): name of instance
str(containe_name): name of instance
Kwargs:
None
Raises:
@@ -496,7 +495,7 @@ class InventoryModule(BaseInventoryPlugin):
Helper to get the VLAN_ID from the instance
Args:
str(instance_name): name of instance
str(containe_name): name of instance
Kwargs:
None
Raises:
@@ -671,7 +670,7 @@ class InventoryModule(BaseInventoryPlugin):
if self._get_data_entry('inventory/{0}/network_interfaces'.format(instance_name)): # instance have network interfaces
self.inventory.set_variable(instance_name, 'ansible_connection', 'ssh')
self.inventory.set_variable(instance_name, 'ansible_host', make_unsafe(interface_selection(instance_name)))
self.inventory.set_variable(instance_name, 'ansible_host', interface_selection(instance_name))
else:
self.inventory.set_variable(instance_name, 'ansible_connection', 'local')
@@ -697,39 +696,31 @@ class InventoryModule(BaseInventoryPlugin):
if self.filter.lower() != instance_state:
continue
# add instance
instance_name = make_unsafe(instance_name)
self.inventory.add_host(instance_name)
# add network information
self.build_inventory_network(instance_name)
# add os
v = self._get_data_entry('inventory/{0}/os'.format(instance_name))
if v:
self.inventory.set_variable(instance_name, 'ansible_lxd_os', make_unsafe(v.lower()))
self.inventory.set_variable(instance_name, 'ansible_lxd_os', v.lower())
# add release
v = self._get_data_entry('inventory/{0}/release'.format(instance_name))
if v:
self.inventory.set_variable(
instance_name, 'ansible_lxd_release', make_unsafe(v.lower()))
self.inventory.set_variable(instance_name, 'ansible_lxd_release', v.lower())
# add profile
self.inventory.set_variable(
instance_name, 'ansible_lxd_profile', make_unsafe(self._get_data_entry('inventory/{0}/profile'.format(instance_name))))
self.inventory.set_variable(instance_name, 'ansible_lxd_profile', self._get_data_entry('inventory/{0}/profile'.format(instance_name)))
# add state
self.inventory.set_variable(
instance_name, 'ansible_lxd_state', make_unsafe(instance_state))
self.inventory.set_variable(instance_name, 'ansible_lxd_state', instance_state)
# add type
self.inventory.set_variable(
instance_name, 'ansible_lxd_type', make_unsafe(self._get_data_entry('inventory/{0}/type'.format(instance_name))))
self.inventory.set_variable(instance_name, 'ansible_lxd_type', self._get_data_entry('inventory/{0}/type'.format(instance_name)))
# add location information
if self._get_data_entry('inventory/{0}/location'.format(instance_name)) != "none": # wrong type by lxd 'none' != 'None'
self.inventory.set_variable(
instance_name, 'ansible_lxd_location', make_unsafe(self._get_data_entry('inventory/{0}/location'.format(instance_name))))
self.inventory.set_variable(instance_name, 'ansible_lxd_location', self._get_data_entry('inventory/{0}/location'.format(instance_name)))
# add VLAN_ID information
if self._get_data_entry('inventory/{0}/vlan_ids'.format(instance_name)):
self.inventory.set_variable(
instance_name, 'ansible_lxd_vlan_ids', make_unsafe(self._get_data_entry('inventory/{0}/vlan_ids'.format(instance_name))))
self.inventory.set_variable(instance_name, 'ansible_lxd_vlan_ids', self._get_data_entry('inventory/{0}/vlan_ids'.format(instance_name)))
# add project
self.inventory.set_variable(
instance_name, 'ansible_lxd_project', make_unsafe(self._get_data_entry('inventory/{0}/project'.format(instance_name))))
self.inventory.set_variable(instance_name, 'ansible_lxd_project', self._get_data_entry('inventory/{0}/project'.format(instance_name)))
def build_inventory_groups_location(self, group_name):
"""create group by attribute: location
@@ -1002,7 +993,7 @@ class InventoryModule(BaseInventoryPlugin):
for group_name in self.groupby:
if not group_name.isalnum():
raise AnsibleParserError('Invalid character(s) in groupname: {0}'.format(to_native(group_name)))
group_type(make_unsafe(group_name))
group_type(group_name)
def build_inventory(self):
"""Build dynamic inventory

3
plugins/inventory/nmap.py
View File

@@ -127,8 +127,6 @@ from ansible.module_utils.common.text.converters import to_native, to_text
from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
from ansible.module_utils.common.process import get_bin_path
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
@@ -145,7 +143,6 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
strict = self.get_option('strict')
for host in hosts:
host = make_unsafe(host)
hostname = host['name']
self.inventory.add_host(hostname)
for var, value in host.items():

18
plugins/inventory/online.py
View File

@@ -69,8 +69,6 @@ from ansible.module_utils.common.text.converters import to_text
from ansible.module_utils.ansible_release import __version__ as ansible_version
from ansible.module_utils.six.moves.urllib.parse import urljoin
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
class InventoryModule(BaseInventoryPlugin):
NAME = 'community.general.online'
@@ -171,20 +169,20 @@ class InventoryModule(BaseInventoryPlugin):
"support"
)
for attribute in targeted_attributes:
self.inventory.set_variable(hostname, attribute, make_unsafe(host_infos[attribute]))
self.inventory.set_variable(hostname, attribute, host_infos[attribute])
if self.extract_public_ipv4(host_infos=host_infos):
self.inventory.set_variable(hostname, "public_ipv4", make_unsafe(self.extract_public_ipv4(host_infos=host_infos)))
self.inventory.set_variable(hostname, "ansible_host", make_unsafe(self.extract_public_ipv4(host_infos=host_infos)))
self.inventory.set_variable(hostname, "public_ipv4", self.extract_public_ipv4(host_infos=host_infos))
self.inventory.set_variable(hostname, "ansible_host", self.extract_public_ipv4(host_infos=host_infos))
if self.extract_private_ipv4(host_infos=host_infos):
self.inventory.set_variable(hostname, "public_ipv4", make_unsafe(self.extract_private_ipv4(host_infos=host_infos)))
self.inventory.set_variable(hostname, "public_ipv4", self.extract_private_ipv4(host_infos=host_infos))
if self.extract_os_name(host_infos=host_infos):
self.inventory.set_variable(hostname, "os_name", make_unsafe(self.extract_os_name(host_infos=host_infos)))
self.inventory.set_variable(hostname, "os_name", self.extract_os_name(host_infos=host_infos))
if self.extract_os_version(host_infos=host_infos):
self.inventory.set_variable(hostname, "os_version", make_unsafe(self.extract_os_name(host_infos=host_infos)))
self.inventory.set_variable(hostname, "os_version", self.extract_os_name(host_infos=host_infos))
def _filter_host(self, host_infos, hostname_preferences):
@@ -203,8 +201,6 @@ class InventoryModule(BaseInventoryPlugin):
if not hostname:
return
hostname = make_unsafe(hostname)
self.inventory.add_host(host=hostname)
self._fill_host_variables(hostname=hostname, host_infos=host_infos)
@@ -214,8 +210,6 @@ class InventoryModule(BaseInventoryPlugin):
if not group:
return
group = make_unsafe(group)
self.inventory.add_group(group=group)
self.inventory.add_host(group=group, host=hostname)

3
plugins/inventory/opennebula.py
View File

@@ -98,8 +98,6 @@ from ansible.errors import AnsibleError
from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
from ansible.module_utils.common.text.converters import to_native
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
from collections import namedtuple
import os
@@ -217,7 +215,6 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
filter_by_label = self.get_option('filter_by_label')
servers = self._retrieve_servers(filter_by_label)
for server in servers:
server = make_unsafe(server)
hostname = server['name']
# check for labels
if group_by_labels and server['LABELS']:

32
plugins/inventory/proxmox.py
View File

@@ -116,11 +116,6 @@ DOCUMENTATION = '''
- The default of this option changed from V(true) to V(false) in community.general 6.0.0.
type: bool
default: false
exclude_nodes:
description: Exclude proxmox nodes and the nodes-group from the inventory output.
type: bool
default: false
version_added: 8.1.0
filters:
version_added: 4.6.0
description: A list of Jinja templates that allow filtering hosts.
@@ -171,6 +166,7 @@ plugin: community.general.proxmox
url: http://pve.domain.com:8006
user: ansible@pve
password: secure
validate_certs: false
want_facts: true
keyed_groups:
# proxmox_tags_parsed is an example of a fact only returned when 'want_facts=true'
@@ -191,10 +187,10 @@ want_proxmox_nodes_ansible_host: true
# Note: my_inv_var demonstrates how to add a string variable to every host used by the inventory.
# my.proxmox.yml
plugin: community.general.proxmox
url: http://192.168.1.2:8006
url: http://pve.domain.com:8006
user: ansible@pve
password: secure
validate_certs: false # only do this when you trust the network!
validate_certs: false
want_facts: true
want_proxmox_nodes_ansible_host: false
compose:
@@ -228,7 +224,6 @@ from ansible.module_utils.six.moves.urllib.parse import urlencode
from ansible.utils.display import Display
from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
# 3rd party imports
try:
@@ -335,7 +330,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
self._cache[self.cache_key][url] = data
return make_unsafe(self._cache[self.cache_key][url])
return self._cache[self.cache_key][url]
def _get_nodes(self):
return self._get_json("%s/api2/json/nodes" % self.proxmox_url)
@@ -570,9 +565,9 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
for group in default_groups:
self.inventory.add_group(self._group('all_%s' % (group)))
nodes_group = self._group('nodes')
if not self.exclude_nodes:
self.inventory.add_group(nodes_group)
self.inventory.add_group(nodes_group)
want_proxmox_nodes_ansible_host = self.get_option("want_proxmox_nodes_ansible_host")
@@ -582,23 +577,22 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
for node in self._get_nodes():
if not node.get('node'):
continue
if not self.exclude_nodes:
self.inventory.add_host(node['node'])
if node['type'] == 'node' and not self.exclude_nodes:
self.inventory.add_host(node['node'])
if node['type'] == 'node':
self.inventory.add_child(nodes_group, node['node'])
if node['status'] == 'offline':
continue
# get node IP address
if want_proxmox_nodes_ansible_host and not self.exclude_nodes:
if want_proxmox_nodes_ansible_host:
ip = self._get_node_ip(node['node'])
self.inventory.set_variable(node['node'], 'ansible_host', ip)
# Setting composite variables
if not self.exclude_nodes:
variables = self.inventory.get_host(node['node']).get_vars()
self._set_composite_vars(self.get_option('compose'), variables, node['node'], strict=self.strict)
variables = self.inventory.get_host(node['node']).get_vars()
self._set_composite_vars(self.get_option('compose'), variables, node['node'], strict=self.strict)
# add LXC/Qemu groups for the node
for ittype in ('lxc', 'qemu'):
@@ -641,8 +635,8 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
if self.get_option('qemu_extended_statuses') and not self.get_option('want_facts'):
raise AnsibleError('You must set want_facts to True if you want to use qemu_extended_statuses.')
# read rest of options
self.exclude_nodes = self.get_option('exclude_nodes')
self.cache_key = self.get_cache_key(path)
self.use_cache = cache and self.get_option('cache')
self.host_filters = self.get_option('filters')

5
plugins/inventory/scaleway.py
View File

@@ -121,7 +121,6 @@ else:
from ansible.errors import AnsibleError
from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
from ansible_collections.community.general.plugins.module_utils.scaleway import SCALEWAY_LOCATION, parse_pagination_link
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
from ansible.module_utils.urls import open_url
from ansible.module_utils.common.text.converters import to_native, to_text
from ansible.module_utils.six import raise_from
@@ -280,7 +279,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
zone_info = SCALEWAY_LOCATION[zone]
url = _build_server_url(zone_info["api_endpoint"])
raw_zone_hosts_infos = make_unsafe(_fetch_information(url=url, token=token))
raw_zone_hosts_infos = _fetch_information(url=url, token=token)
for host_infos in raw_zone_hosts_infos:
@@ -342,4 +341,4 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
hostname_preference = self.get_option("hostnames")
for zone in self._get_zones(config_zones):
self.do_zone_inventory(zone=make_unsafe(zone), token=token, tags=tags, hostname_preferences=hostname_preference)
self.do_zone_inventory(zone=zone, token=token, tags=tags, hostname_preferences=hostname_preference)

4
plugins/inventory/stackpath_compute.py
View File

@@ -73,8 +73,6 @@ from ansible.plugins.inventory import (
)
from ansible.utils.display import Display
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
display = Display()
@@ -273,7 +271,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
if not cache or cache_needs_update:
results = self._query()
self._populate(make_unsafe(results))
self._populate(results)
# If the cache has expired/doesn't exist or
# if refresh_inventory/flush cache is used

14
plugins/inventory/virtualbox.py
View File

@@ -63,8 +63,6 @@ from ansible.module_utils.common._collections_compat import MutableMapping
from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
from ansible.module_utils.common.process import get_bin_path
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
''' Host inventory parser for ansible using local virtualbox. '''
@@ -118,7 +116,6 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
self._add_host_to_keyed_groups(self.get_option('keyed_groups'), hostvars[host], host, strict=strict)
def _populate_from_cache(self, source_data):
source_data = make_unsafe(source_data)
hostvars = source_data.pop('_meta', {}).get('hostvars', {})
for group in source_data:
if group == 'all':
@@ -165,7 +162,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
v = v.strip()
# found host
if k.startswith('Name') and ',' not in v: # some setting strings appear in Name
current_host = make_unsafe(v)
current_host = v
if current_host not in hostvars:
hostvars[current_host] = {}
self.inventory.add_host(current_host)
@@ -173,13 +170,12 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
# try to get network info
netdata = self._query_vbox_data(current_host, netinfo)
if netdata:
self.inventory.set_variable(current_host, 'ansible_host', make_unsafe(netdata))
self.inventory.set_variable(current_host, 'ansible_host', netdata)
# found groups
elif k == 'Groups':
for group in v.split('/'):
if group:
group = make_unsafe(group)
group = self.inventory.add_group(group)
self.inventory.add_child(group, current_host)
if group not in cacheable_results:
@@ -189,17 +185,17 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
else:
# found vars, accumulate in hostvars for clean inventory set
pref_k = make_unsafe('vbox_' + k.strip().replace(' ', '_'))
pref_k = 'vbox_' + k.strip().replace(' ', '_')
leading_spaces = len(k) - len(k.lstrip(' '))
if 0 < leading_spaces <= 2:
if prevkey not in hostvars[current_host] or not isinstance(hostvars[current_host][prevkey], dict):
hostvars[current_host][prevkey] = {}
hostvars[current_host][prevkey][pref_k] = make_unsafe(v)
hostvars[current_host][prevkey][pref_k] = v
elif leading_spaces > 2:
continue
else:
if v != '':
hostvars[current_host][pref_k] = make_unsafe(v)
hostvars[current_host][pref_k] = v
if self._ungrouped_host(current_host, cacheable_results):
if 'ungrouped' not in cacheable_results:
cacheable_results['ungrouped'] = {'hosts': []}

3
plugins/inventory/xen_orchestra.py
View File

@@ -84,7 +84,6 @@ from ansible.errors import AnsibleError
from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
# 3rd party imports
try:
@@ -348,4 +347,4 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
self.protocol = 'ws'
objects = self._get_objects()
self._populate(make_unsafe(objects))
self._populate(objects)

92
plugins/lookup/bitwarden.py
View File

@@ -25,11 +25,7 @@ DOCUMENTATION = """
type: list
elements: str
search:
description:
- Field to retrieve, for example V(name) or V(id).
- If set to V(id), only zero or one element can be returned.
Use the Jinja C(first) filter to get the only list element.
- If set to V(None) or V(''), or if O(_terms) is empty, records are not filtered by fields.
description: Field to retrieve, for example V(name) or V(id).
type: str
default: name
version_added: 5.7.0
@@ -40,61 +36,40 @@ DOCUMENTATION = """
description: Collection ID to filter results by collection. Leave unset to skip filtering.
type: str
version_added: 6.3.0
organization_id:
description: Organization ID to filter results by organization. Leave unset to skip filtering.
type: str
version_added: 8.5.0
bw_session:
description: Pass session key instead of reading from env.
type: str
version_added: 8.4.0
"""
EXAMPLES = """
- name: "Get 'password' from all Bitwarden records named 'a_test'"
- name: "Get 'password' from Bitwarden record named 'a_test'"
ansible.builtin.debug:
msg: >-
{{ lookup('community.general.bitwarden', 'a_test', field='password') }}
- name: "Get 'password' from Bitwarden record with ID 'bafba515-af11-47e6-abe3-af1200cd18b2'"
- name: "Get 'password' from Bitwarden record with id 'bafba515-af11-47e6-abe3-af1200cd18b2'"
ansible.builtin.debug:
msg: >-
{{ lookup('community.general.bitwarden', 'bafba515-af11-47e6-abe3-af1200cd18b2', search='id', field='password') | first }}
{{ lookup('community.general.bitwarden', 'bafba515-af11-47e6-abe3-af1200cd18b2', search='id', field='password') }}
- name: "Get 'password' from all Bitwarden records named 'a_test' from collection"
- name: "Get 'password' from Bitwarden record named 'a_test' from collection"
ansible.builtin.debug:
msg: >-
{{ lookup('community.general.bitwarden', 'a_test', field='password', collection_id='bafba515-af11-47e6-abe3-af1200cd18b2') }}
- name: "Get list of all full Bitwarden records named 'a_test'"
- name: "Get full Bitwarden record named 'a_test'"
ansible.builtin.debug:
msg: >-
{{ lookup('community.general.bitwarden', 'a_test') }}
- name: "Get custom field 'api_key' from all Bitwarden records named 'a_test'"
- name: "Get custom field 'api_key' from Bitwarden record named 'a_test'"
ansible.builtin.debug:
msg: >-
{{ lookup('community.general.bitwarden', 'a_test', field='api_key') }}
- name: "Get 'password' from all Bitwarden records named 'a_test', using given session key"
ansible.builtin.debug:
msg: >-
{{ lookup('community.general.bitwarden', 'a_test', field='password', bw_session='bXZ9B5TXi6...') }}
- name: "Get all Bitwarden records from collection"
ansible.builtin.debug:
msg: >-
{{ lookup('community.general.bitwarden', None, collection_id='bafba515-af11-47e6-abe3-af1200cd18b2') }}
"""
RETURN = """
_raw:
description:
- A one-element list that contains a list of requested fields or JSON objects of matches.
- If you use C(query), you get a list of lists. If you use C(lookup) without C(wantlist=true),
this always gets reduced to a list of field values or JSON objects.
description: List of requested field or JSON object of list of matches.
type: list
elements: list
elements: raw
"""
from subprocess import Popen, PIPE
@@ -113,20 +88,11 @@ class Bitwarden(object):
def __init__(self, path='bw'):
self._cli_path = path
self._session = None
@property
def cli_path(self):
return self._cli_path
@property
def session(self):
return self._session
@session.setter
def session(self, value):
self._session = value
@property
def unlocked(self):
out, err = self._run(['status'], stdin="")
@@ -134,56 +100,38 @@ class Bitwarden(object):
return decoded['status'] == 'unlocked'
def _run(self, args, stdin=None, expected_rc=0):
if self.session:
args += ['--session', self.session]
p = Popen([self.cli_path] + args, stdout=PIPE, stderr=PIPE, stdin=PIPE)
out, err = p.communicate(to_bytes(stdin))
rc = p.wait()
if rc != expected_rc:
if len(args) > 2 and args[0] == 'get' and args[1] == 'item' and b'Not found.' in err:
return 'null', ''
raise BitwardenException(err)
return to_text(out, errors='surrogate_or_strict'), to_text(err, errors='surrogate_or_strict')
def _get_matches(self, search_value, search_field, collection_id=None, organization_id=None):
def _get_matches(self, search_value, search_field, collection_id):
"""Return matching records whose search_field is equal to key.
"""
# Prepare set of params for Bitwarden CLI
if search_field == 'id':
params = ['get', 'item', search_value]
else:
params = ['list', 'items']
if search_value:
params.extend(['--search', search_value])
params = ['list', 'items', '--search', search_value]
if collection_id:
params.extend(['--collectionid', collection_id])
if organization_id:
params.extend(['--organizationid', organization_id])
out, err = self._run(params)
# This includes things that matched in different fields.
initial_matches = AnsibleJSONDecoder().raw_decode(out)[0]
if search_field == 'id':
if initial_matches is None:
initial_matches = []
else:
initial_matches = [initial_matches]
# Filter to only include results from the right field.
return [item for item in initial_matches if not search_value or item[search_field] == search_value]
return [item for item in initial_matches if item[search_field] == search_value]
def get_field(self, field, search_value, search_field="name", collection_id=None, organization_id=None):
def get_field(self, field, search_value, search_field="name", collection_id=None):
"""Return a list of the specified field for records whose search_field match search_value
and filtered by collection if collection has been provided.
If field is None, return the whole record for each match.
"""
matches = self._get_matches(search_value, search_field, collection_id, organization_id)
matches = self._get_matches(search_value, search_field, collection_id)
if not field:
return matches
field_matches = []
@@ -204,30 +152,22 @@ class Bitwarden(object):
if field in match:
field_matches.append(match[field])
continue
if matches and not field_matches:
raise AnsibleError("field {field} does not exist in {search_value}".format(field=field, search_value=search_value))
return field_matches
class LookupModule(LookupBase):
def run(self, terms=None, variables=None, **kwargs):
def run(self, terms, variables=None, **kwargs):
self.set_options(var_options=variables, direct=kwargs)
field = self.get_option('field')
search_field = self.get_option('search')
collection_id = self.get_option('collection_id')
organization_id = self.get_option('organization_id')
_bitwarden.session = self.get_option('bw_session')
if not _bitwarden.unlocked:
raise AnsibleError("Bitwarden Vault locked. Run 'bw unlock'.")
if not terms:
terms = [None]
return [_bitwarden.get_field(field, term, search_field, collection_id, organization_id) for term in terms]
return [_bitwarden.get_field(field, term, search_field, collection_id) for term in terms]
_bitwarden = Bitwarden()

21
plugins/lookup/bitwarden_secrets_manager.py
View File

@@ -70,7 +70,6 @@ RETURN = """
"""
from subprocess import Popen, PIPE
from time import sleep
from ansible.errors import AnsibleLookupError
from ansible.module_utils.common.text.converters import to_text
@@ -85,29 +84,11 @@ class BitwardenSecretsManagerException(AnsibleLookupError):
class BitwardenSecretsManager(object):
def __init__(self, path='bws'):
self._cli_path = path
self._max_retries = 3
self._retry_delay = 1
@property
def cli_path(self):
return self._cli_path
def _run_with_retry(self, args, stdin=None, retries=0):
out, err, rc = self._run(args, stdin)
if rc != 0:
if retries >= self._max_retries:
raise BitwardenSecretsManagerException("Max retries exceeded. Unable to retrieve secret.")
if "Too many requests" in err:
delay = self._retry_delay * (2 ** retries)
sleep(delay)
return self._run_with_retry(args, stdin, retries + 1)
else:
raise BitwardenSecretsManagerException(f"Command failed with return code {rc}: {err}")
return out, err, rc
def _run(self, args, stdin=None):
p = Popen([self.cli_path] + args, stdout=PIPE, stderr=PIPE, stdin=PIPE)
out, err = p.communicate(stdin)
@@ -126,7 +107,7 @@ class BitwardenSecretsManager(object):
'get', 'secret', secret_id
]
out, err, rc = self._run_with_retry(params)
out, err, rc = self._run(params)
if rc != 0:
raise BitwardenSecretsManagerException(to_text(err))

4
plugins/lookup/etcd.py
View File

@@ -54,7 +54,7 @@ EXAMPLES = '''
ansible.builtin.debug:
msg: "{{ lookup('community.general.etcd', 'foo', 'bar', 'baz') }}"
- name: "you can set server options inline"
- name: "since Ansible 2.5 you can set server options inline"
ansible.builtin.debug:
msg: "{{ lookup('community.general.etcd', 'foo', version='v2', url='http://192.168.0.27:4001') }}"
'''
@@ -62,7 +62,7 @@ EXAMPLES = '''
RETURN = '''
_raw:
description:
- List of values associated with input keys.
- list of values associated with input keys
type: list
elements: string
'''

156
plugins/lookup/github_app_access_token.py
View File

@@ -1,156 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (c) 2023, Poh Wei Sheng <weisheng-p@hotmail.sg>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
DOCUMENTATION = '''
name: github_app_access_token
author:
- Poh Wei Sheng (@weisheng-p)
short_description: Obtain short-lived Github App Access tokens
version_added: '8.2.0'
requirements:
- jwt (https://github.com/GehirnInc/python-jwt)
description:
- This generates a Github access token that can be used with a C(git) command, if you use a Github App.
options:
key_path:
description:
- Path to your private key.
required: true
type: path
app_id:
description:
- Your GitHub App ID, you can find this in the Settings page.
required: true
type: str
installation_id:
description:
- The installation ID that contains the git repository you would like access to.
- As of 2023-12-24, this can be found via Settings page > Integrations > Application. The last part of the URL in the
configure button is the installation ID.
- Alternatively, you can use PyGithub (U(https://github.com/PyGithub/PyGithub)) to get your installation ID.
required: true
type: str
token_expiry:
description:
- How long the token should last for in seconds.
default: 600
type: int
'''
EXAMPLES = '''
- name: Get access token to be used for git checkout with app_id=123456, installation_id=64209
ansible.builtin.git:
repo: >-
https://x-access-token:{{ github_token }}@github.com/hidden_user/super-secret-repo.git
dest: /srv/checkout
vars:
github_token: >-
lookup('community.general.github_app_access_token', key_path='/home/to_your/key',
app_id='123456', installation_id='64209')
'''
RETURN = '''
_raw:
description: A one-element list containing your GitHub access token.
type: list
elements: str
'''
try:
from jwt import JWT, jwk_from_pem
HAS_JWT = True
except ImportError:
HAS_JWT = False
import time
import json
from ansible.module_utils.urls import open_url
from ansible.module_utils.six.moves.urllib.error import HTTPError
from ansible.errors import AnsibleError
from ansible.plugins.lookup import LookupBase
from ansible.utils.display import Display
if HAS_JWT:
jwt_instance = JWT()
else:
jwk_from_pem = None
jwt_instance = None
display = Display()
def read_key(path):
try:
with open(path, 'rb') as pem_file:
return jwk_from_pem(pem_file.read())
except Exception as e:
raise AnsibleError("Error while parsing key file: {0}".format(e))
def encode_jwt(app_id, jwk, exp=600):
now = int(time.time())
payload = {
'iat': now,
'exp': now + exp,
'iss': app_id,
}
try:
return jwt_instance.encode(payload, jwk, alg='RS256')
except Exception as e:
raise AnsibleError("Error while encoding jwt: {0}".format(e))
def post_request(generated_jwt, installation_id):
github_api_url = f'https://api.github.com/app/installations/{installation_id}/access_tokens'
headers = {
"Authorization": f'Bearer {generated_jwt}',
"Accept": "application/vnd.github.v3+json",
}
try:
response = open_url(github_api_url, headers=headers, method='POST')
except HTTPError as e:
try:
error_body = json.loads(e.read().decode())
display.vvv("Error returned: {0}".format(error_body))
except Exception:
error_body = {}
if e.code == 404:
raise AnsibleError("Github return error. Please confirm your installationd_id value is valid")
elif e.code == 401:
raise AnsibleError("Github return error. Please confirm your private key is valid")
raise AnsibleError("Unexpected data returned: {0} -- {1}".format(e, error_body))
response_body = response.read()
try:
json_data = json.loads(response_body.decode('utf-8'))
except json.decoder.JSONDecodeError as e:
raise AnsibleError("Error while dencoding JSON respone from github: {0}".format(e))
return json_data.get('token')
def get_token(key_path, app_id, installation_id, expiry=600):
jwk = read_key(key_path)
generated_jwt = encode_jwt(app_id, jwk, exp=expiry)
return post_request(generated_jwt, installation_id)
class LookupModule(LookupBase):
def run(self, terms, variables=None, **kwargs):
if not HAS_JWT:
raise AnsibleError('Python jwt library is required. '
'Please install using "pip install jwt"')
self.set_options(var_options=variables, direct=kwargs)
t = get_token(
self.get_option('key_path'),
self.get_option('app_id'),
self.get_option('installation_id'),
self.get_option('token_expiry'),
)
return [t]

37
plugins/lookup/merge_variables.py
View File

@@ -10,12 +10,11 @@ DOCUMENTATION = """
author:
- Roy Lenferink (@rlenferink)
- Mark Ettema (@m-a-r-k-e)
- Alexander Petrenz (@alpex8)
name: merge_variables
short_description: merge variables with a certain suffix
description:
- This lookup returns the merged result of all variables in scope that match the given prefixes, suffixes, or
regular expressions, optionally.
regular expressions, optionally.
version_added: 6.5.0
options:
_terms:
@@ -62,13 +61,6 @@ DOCUMENTATION = """
ini:
- section: merge_variables_lookup
key: override
groups:
description:
- Search for variables accross hosts that belong to the given groups. This allows to collect configuration pieces
accross different hosts (for example a service on a host with its database on another host).
type: list
elements: str
version_added: 8.5.0
"""
EXAMPLES = """
@@ -139,41 +131,22 @@ def _verify_and_get_type(variable):
class LookupModule(LookupBase):
def run(self, terms, variables=None, **kwargs):
self.set_options(direct=kwargs)
initial_value = self.get_option("initial_value", None)
self._override = self.get_option('override', 'error')
self._pattern_type = self.get_option('pattern_type', 'regex')
self._groups = self.get_option('groups', None)
ret = []
for term in terms:
if not isinstance(term, str):
raise AnsibleError("Non-string type '{0}' passed, only 'str' types are allowed!".format(type(term)))
if not self._groups: # consider only own variables
ret.append(self._merge_vars(term, initial_value, variables))
else: # consider variables of hosts in given groups
cross_host_merge_result = initial_value
for host in variables["hostvars"]:
if self._is_host_in_allowed_groups(variables["hostvars"][host]["group_names"]):
host_variables = dict(variables["hostvars"].raw_get(host))
host_variables["hostvars"] = variables["hostvars"] # re-add hostvars
cross_host_merge_result = self._merge_vars(term, cross_host_merge_result, host_variables)
ret.append(cross_host_merge_result)
ret.append(self._merge_vars(term, initial_value, variables))
return ret
def _is_host_in_allowed_groups(self, host_groups):
if 'all' in self._groups:
return True
group_intersection = [host_group_name for host_group_name in host_groups if host_group_name in self._groups]
if group_intersection:
return True
return False
def _var_matches(self, key, search_pattern):
if self._pattern_type == "prefix":
return key.startswith(search_pattern)
@@ -189,6 +162,7 @@ class LookupModule(LookupBase):
display.vvv("Merge variables with {0}: {1}".format(self._pattern_type, search_pattern))
var_merge_names = sorted([key for key in variables.keys() if self._var_matches(key, search_pattern)])
display.vvv("The following variables will be merged: {0}".format(var_merge_names))
prev_var_type = None
result = None
@@ -197,8 +171,7 @@ class LookupModule(LookupBase):
result = initial_value
for var_name in var_merge_names:
with self._templar.set_temporary_context(available_variables=variables): # tmp. switch renderer to context of current variables
var_value = self._templar.template(variables[var_name]) # Render jinja2 templates
var_value = self._templar.template(variables[var_name]) # Render jinja2 templates
var_type = _verify_and_get_type(var_value)
if prev_var_type is None:

131
plugins/lookup/onepassword.py
View File

@@ -14,28 +14,59 @@ DOCUMENTATION = '''
- Scott Buchanan (@scottsb)
- Andrew Zenk (@azenk)
- Sam Doran (@samdoran)
short_description: Fetch field values from 1Password
requirements:
- C(op) 1Password command line utility. See U(https://support.1password.com/command-line/)
short_description: fetch field values from 1Password
description:
- P(community.general.onepassword#lookup) wraps the C(op) command line utility to fetch specific field values from 1Password.
requirements:
- C(op) 1Password command line utility
options:
_terms:
description: Identifier(s) (case-insensitive UUID or name) of item(s) to retrieve.
description: identifier(s) (UUID, name, or subdomain; case-insensitive) of item(s) to retrieve.
required: true
account_id:
version_added: 7.5.0
domain:
version_added: 3.2.0
field:
description: Field to return from each matching item (case-insensitive).
description: field to return from each matching item (case-insensitive).
default: 'password'
master_password:
description: The password used to unlock the specified vault.
aliases: ['vault_password']
section:
description: Item section containing the field to retrieve (case-insensitive). If absent will return first match from any section.
domain:
description: Domain of 1Password.
version_added: 3.2.0
default: '1password.com'
type: str
subdomain:
description: The 1Password subdomain to authenticate against.
account_id:
description: The account ID to target.
type: str
version_added: 7.5.0
username:
description: The username used to sign in.
secret_key:
description: The secret key used when performing an initial sign in.
service_account_token:
description:
- The access key for a service account.
- Only works with 1Password CLI version 2 or later.
type: str
version_added: 7.1.0
extends_documentation_fragment:
- community.general.onepassword
- community.general.onepassword.lookup
vault:
description: Vault containing the item to retrieve (case-insensitive). If absent will search all vaults.
notes:
- This lookup will use an existing 1Password session if one exists. If not, and you have already
performed an initial sign in (meaning C(~/.op/config), C(~/.config/op/config) or C(~/.config/.op/config) exists), then only the
C(master_password) is required. You may optionally specify O(subdomain) in this scenario, otherwise the last used subdomain will be used by C(op).
- This lookup can perform an initial login by providing O(subdomain), O(username), O(secret_key), and O(master_password).
- Can target a specific account by providing the O(account_id).
- Due to the B(very) sensitive nature of these credentials, it is B(highly) recommended that you only pass in the minimal credentials
needed at any given time. Also, store these credentials in an Ansible Vault using a key that is equal to or greater in strength
to the 1Password master password.
- This lookup stores potentially sensitive data from 1Password as Ansible facts.
Facts are subject to caching if enabled, which means this data could be stored in clear text
on disk or in a database.
- Tested with C(op) version 2.7.2
'''
EXAMPLES = """
@@ -77,7 +108,7 @@ EXAMPLES = """
RETURN = """
_raw:
description: Field data requested.
description: field data requested
type: list
elements: str
"""
@@ -88,7 +119,7 @@ import json
import subprocess
from ansible.plugins.lookup import LookupBase
from ansible.errors import AnsibleLookupError, AnsibleOptionsError
from ansible.errors import AnsibleLookupError
from ansible.module_utils.common.process import get_bin_path
from ansible.module_utils.common.text.converters import to_bytes, to_text
from ansible.module_utils.six import with_metaclass
@@ -96,14 +127,6 @@ from ansible.module_utils.six import with_metaclass
from ansible_collections.community.general.plugins.module_utils.onepassword import OnePasswordConfig
def _lower_if_possible(value):
"""Return the lower case version value, otherwise return the value"""
try:
return value.lower()
except AttributeError:
return value
class OnePassCLIBase(with_metaclass(abc.ABCMeta, object)):
bin = "op"
@@ -116,8 +139,6 @@ class OnePassCLIBase(with_metaclass(abc.ABCMeta, object)):
master_password=None,
service_account_token=None,
account_id=None,
connect_host=None,
connect_token=None,
):
self.subdomain = subdomain
self.domain = domain
@@ -126,8 +147,6 @@ class OnePassCLIBase(with_metaclass(abc.ABCMeta, object)):
self.secret_key = secret_key
self.service_account_token = service_account_token
self.account_id = account_id
self.connect_host = connect_host
self.connect_token = connect_token
self._path = None
self._version = None
@@ -306,10 +325,6 @@ class OnePassCLIv1(OnePassCLIBase):
return not bool(rc)
def full_signin(self):
if self.connect_host or self.connect_token:
raise AnsibleLookupError(
"1Password Connect is not available with 1Password CLI version 1. Please use version 2 or later.")
if self.service_account_token:
raise AnsibleLookupError(
"1Password CLI version 1 does not support Service Accounts. Please use version 2 or later.")
@@ -465,7 +480,6 @@ class OnePassCLIv2(OnePassCLIBase):
}
"""
data = json.loads(data_json)
field_name = _lower_if_possible(field_name)
for field in data.get("fields", []):
if section_title is None:
# If the field name exists in the section, return that value
@@ -474,33 +488,28 @@ class OnePassCLIv2(OnePassCLIBase):
# If the field name doesn't exist in the section, match on the value of "label"
# then "id" and return "value"
if field.get("label", "").lower() == field_name:
if field.get("label") == field_name:
return field.get("value", "")
if field.get("id", "").lower() == field_name:
if field.get("id") == field_name:
return field.get("value", "")
# Look at the section data and get an identifier. The value of 'id' is either a unique ID
# or a human-readable string. If a 'label' field exists, prefer that since
# it is the value visible in the 1Password UI when both 'id' and 'label' exist.
section = field.get("section", {})
section_title = _lower_if_possible(section_title)
current_section_title = section.get("label", section.get("id", "")).lower()
current_section_title = section.get("label", section.get("id"))
if section_title == current_section_title:
# In the correct section. Check "label" then "id" for the desired field_name
if field.get("label", "").lower() == field_name:
if field.get("label") == field_name:
return field.get("value", "")
if field.get("id", "").lower() == field_name:
if field.get("id") == field_name:
return field.get("value", "")
return ""
def assert_logged_in(self):
if self.connect_host and self.connect_token:
return True
if self.service_account_token:
args = ["whoami"]
environment_update = {"OP_SERVICE_ACCOUNT_TOKEN": self.service_account_token}
@@ -560,15 +569,6 @@ class OnePassCLIv2(OnePassCLIBase):
if vault is not None:
args += ["--vault={0}".format(vault)]
if self.connect_host and self.connect_token:
if vault is None:
raise AnsibleLookupError("'vault' is required with 1Password Connect")
environment_update = {
"OP_CONNECT_HOST": self.connect_host,
"OP_CONNECT_TOKEN": self.connect_token,
}
return self._run(args, environment_update=environment_update)
if self.service_account_token:
if vault is None:
raise AnsibleLookupError("'vault' is required with 'service_account_token'")
@@ -592,7 +592,7 @@ class OnePassCLIv2(OnePassCLIBase):
class OnePass(object):
def __init__(self, subdomain=None, domain="1password.com", username=None, secret_key=None, master_password=None,
service_account_token=None, account_id=None, connect_host=None, connect_token=None, cli_class=None):
service_account_token=None, account_id=None):
self.subdomain = subdomain
self.domain = domain
self.username = username
@@ -600,28 +600,19 @@ class OnePass(object):
self.master_password = master_password
self.service_account_token = service_account_token
self.account_id = account_id
self.connect_host = connect_host
self.connect_token = connect_token
self.logged_in = False
self.token = None
self._config = OnePasswordConfig()
self._cli = self._get_cli_class(cli_class)
if (self.connect_host or self.connect_token) and None in (self.connect_host, self.connect_token):
raise AnsibleOptionsError("connect_host and connect_token are required together")
def _get_cli_class(self, cli_class=None):
if cli_class is not None:
return cli_class(self.subdomain, self.domain, self.username, self.secret_key, self.master_password, self.service_account_token)
self._cli = self._get_cli_class()
def _get_cli_class(self):
version = OnePassCLIBase.get_current_version()
for cls in OnePassCLIBase.__subclasses__():
if cls.supports_version == version.split(".")[0]:
try:
return cls(self.subdomain, self.domain, self.username, self.secret_key, self.master_password, self.service_account_token,
self.account_id, self.connect_host, self.connect_token)
return cls(self.subdomain, self.domain, self.username, self.secret_key, self.master_password, self.service_account_token, self.account_id)
except TypeError as e:
raise AnsibleLookupError(e)
@@ -686,20 +677,8 @@ class LookupModule(LookupBase):
master_password = self.get_option("master_password")
service_account_token = self.get_option("service_account_token")
account_id = self.get_option("account_id")
connect_host = self.get_option("connect_host")
connect_token = self.get_option("connect_token")
op = OnePass(
subdomain=subdomain,
domain=domain,
username=username,
secret_key=secret_key,
master_password=master_password,
service_account_token=service_account_token,
account_id=account_id,
connect_host=connect_host,
connect_token=connect_token,
)
op = OnePass(subdomain, domain, username, secret_key, master_password, service_account_token, account_id)
op.assert_logged_in()
values = []

104
plugins/lookup/onepassword_doc.py
View File

@@ -1,104 +0,0 @@
# -*- coding: utf-8 -*-
# Copyright (c) 2023, Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
DOCUMENTATION = '''
name: onepassword_doc
author:
- Sam Doran (@samdoran)
requirements:
- C(op) 1Password command line utility version 2 or later.
short_description: Fetch documents stored in 1Password
version_added: "8.1.0"
description:
- P(community.general.onepassword_doc#lookup) wraps C(op) command line utility to fetch one or more documents from 1Password.
notes:
- The document contents are a string exactly as stored in 1Password.
- This plugin requires C(op) version 2 or later.
options:
_terms:
description: Identifier(s) (case-insensitive UUID or name) of item(s) to retrieve.
required: true
extends_documentation_fragment:
- community.general.onepassword
- community.general.onepassword.lookup
'''
EXAMPLES = """
- name: Retrieve a private key from 1Password
ansible.builtin.debug:
var: lookup('community.general.onepassword_doc', 'Private key')
"""
RETURN = """
_raw:
description: Requested document
type: list
elements: string
"""
from ansible_collections.community.general.plugins.lookup.onepassword import OnePass, OnePassCLIv2
from ansible.errors import AnsibleLookupError
from ansible.module_utils.common.text.converters import to_bytes
from ansible.plugins.lookup import LookupBase
class OnePassCLIv2Doc(OnePassCLIv2):
def get_raw(self, item_id, vault=None, token=None):
args = ["document", "get", item_id]
if vault is not None:
args = [*args, "--vault={0}".format(vault)]
if self.service_account_token:
if vault is None:
raise AnsibleLookupError("'vault' is required with 'service_account_token'")
environment_update = {"OP_SERVICE_ACCOUNT_TOKEN": self.service_account_token}
return self._run(args, environment_update=environment_update)
if token is not None:
args = [*args, to_bytes("--session=") + token]
return self._run(args)
class LookupModule(LookupBase):
def run(self, terms, variables=None, **kwargs):
self.set_options(var_options=variables, direct=kwargs)
vault = self.get_option("vault")
subdomain = self.get_option("subdomain")
domain = self.get_option("domain", "1password.com")
username = self.get_option("username")
secret_key = self.get_option("secret_key")
master_password = self.get_option("master_password")
service_account_token = self.get_option("service_account_token")
account_id = self.get_option("account_id")
connect_host = self.get_option("connect_host")
connect_token = self.get_option("connect_token")
op = OnePass(
subdomain=subdomain,
domain=domain,
username=username,
secret_key=secret_key,
master_password=master_password,
service_account_token=service_account_token,
account_id=account_id,
connect_host=connect_host,
connect_token=connect_token,
cli_class=OnePassCLIv2Doc,
)
op.assert_logged_in()
values = []
for term in terms:
values.append(op.get_raw(term, vault))
return values

64
plugins/lookup/onepassword_raw.py
View File

@@ -15,23 +15,55 @@ DOCUMENTATION = '''
- Andrew Zenk (@azenk)
- Sam Doran (@samdoran)
requirements:
- C(op) 1Password command line utility
short_description: Fetch an entire item from 1Password
- C(op) 1Password command line utility. See U(https://support.1password.com/command-line/)
short_description: fetch an entire item from 1Password
description:
- P(community.general.onepassword_raw#lookup) wraps C(op) command line utility to fetch an entire item from 1Password.
options:
_terms:
description: Identifier(s) (case-insensitive UUID or name) of item(s) to retrieve.
description: identifier(s) (UUID, name, or domain; case-insensitive) of item(s) to retrieve.
required: true
account_id:
version_added: 7.5.0
master_password:
description: The password used to unlock the specified vault.
aliases: ['vault_password']
section:
description: Item section containing the field to retrieve (case-insensitive). If absent will return first match from any section.
subdomain:
description: The 1Password subdomain to authenticate against.
domain:
description: Domain of 1Password.
version_added: 6.0.0
default: '1password.com'
type: str
account_id:
description: The account ID to target.
type: str
version_added: 7.5.0
username:
description: The username used to sign in.
secret_key:
description: The secret key used when performing an initial sign in.
service_account_token:
description:
- The access key for a service account.
- Only works with 1Password CLI version 2 or later.
type: string
version_added: 7.1.0
extends_documentation_fragment:
- community.general.onepassword
- community.general.onepassword.lookup
vault:
description: Vault containing the item to retrieve (case-insensitive). If absent will search all vaults.
notes:
- This lookup will use an existing 1Password session if one exists. If not, and you have already
performed an initial sign in (meaning C(~/.op/config exists)), then only the O(master_password) is required.
You may optionally specify O(subdomain) in this scenario, otherwise the last used subdomain will be used by C(op).
- This lookup can perform an initial login by providing O(subdomain), O(username), O(secret_key), and O(master_password).
- Can target a specific account by providing the O(account_id).
- Due to the B(very) sensitive nature of these credentials, it is B(highly) recommended that you only pass in the minimal credentials
needed at any given time. Also, store these credentials in an Ansible Vault using a key that is equal to or greater in strength
to the 1Password master password.
- This lookup stores potentially sensitive data from 1Password as Ansible facts.
Facts are subject to caching if enabled, which means this data could be stored in clear text
on disk or in a database.
- Tested with C(op) version 2.7.0
'''
EXAMPLES = """
@@ -46,7 +78,7 @@ EXAMPLES = """
RETURN = """
_raw:
description: Entire item requested.
description: field data requested
type: list
elements: dict
"""
@@ -70,20 +102,8 @@ class LookupModule(LookupBase):
master_password = self.get_option("master_password")
service_account_token = self.get_option("service_account_token")
account_id = self.get_option("account_id")
connect_host = self.get_option("connect_host")
connect_token = self.get_option("connect_token")
op = OnePass(
subdomain=subdomain,
domain=domain,
username=username,
secret_key=secret_key,
master_password=master_password,
service_account_token=service_account_token,
account_id=account_id,
connect_host=connect_host,
connect_token=connect_token,
)
op = OnePass(subdomain, domain, username, secret_key, master_password, service_account_token, account_id)
op.assert_logged_in()
values = []

59
plugins/lookup/passwordstore.py
View File

@@ -129,31 +129,6 @@ DOCUMENTATION = '''
- pass
- gopass
version_added: 5.2.0
timestamp:
description: Add the password generation information to the end of the file.
type: bool
default: true
version_added: 8.1.0
preserve:
description: Include the old (edited) password inside the pass file.
type: bool
default: true
version_added: 8.1.0
missing_subkey:
description:
- Preference about what to do if the password subkey is missing.
- If set to V(error), the lookup will error out if the subkey does not exist.
- If set to V(empty) or V(warn), will return a V(none) in case the subkey does not exist.
version_added: 8.6.0
type: str
default: empty
choices:
- error
- warn
- empty
ini:
- section: passwordstore_lookup
key: missing_subkey
notes:
- The lookup supports passing all options as lookup parameters since community.general 6.0.0.
'''
@@ -162,7 +137,6 @@ ansible.cfg: |
[passwordstore_lookup]
lock=readwrite
locktimeout=45s
missing_subkey=warn
tasks.yml: |
---
@@ -412,13 +386,11 @@ class LookupModule(LookupBase):
# generate new password, insert old lines from current result and return new password
newpass = self.get_newpass()
datetime = time.strftime("%d/%m/%Y %H:%M:%S")
msg = newpass
if self.paramvals['preserve'] or self.paramvals['timestamp']:
msg += '\n'
if self.paramvals['preserve'] and self.passoutput[1:]:
msg += '\n'.join(self.passoutput[1:]) + '\n'
if self.paramvals['timestamp'] and self.paramvals['backup']:
msg += "lookup_pass: old password was {0} (Updated on {1})\n".format(self.password, datetime)
msg = newpass + '\n'
if self.passoutput[1:]:
msg += '\n'.join(self.passoutput[1:]) + '\n'
if self.paramvals['backup']:
msg += "lookup_pass: old password was {0} (Updated on {1})\n".format(self.password, datetime)
try:
check_output2([self.pass_cmd, 'insert', '-f', '-m', self.passname], input=msg, env=self.env)
except (subprocess.CalledProcessError) as e:
@@ -430,9 +402,7 @@ class LookupModule(LookupBase):
# use pwgen to generate the password and insert values with pass -m
newpass = self.get_newpass()
datetime = time.strftime("%d/%m/%Y %H:%M:%S")
msg = newpass
if self.paramvals['timestamp']:
msg += '\n' + "lookup_pass: First generated by ansible on {0}\n".format(datetime)
msg = newpass + '\n' + "lookup_pass: First generated by ansible on {0}\n".format(datetime)
try:
check_output2([self.pass_cmd, 'insert', '-f', '-m', self.passname], input=msg, env=self.env)
except (subprocess.CalledProcessError) as e:
@@ -448,20 +418,6 @@ class LookupModule(LookupBase):
if self.paramvals['subkey'] in self.passdict:
return self.passdict[self.paramvals['subkey']]
else:
if self.paramvals["missing_subkey"] == "error":
raise AnsibleError(
"passwordstore: subkey {0} for passname {1} not found and missing_subkey=error is set".format(
self.paramvals["subkey"], self.passname
)
)
if self.paramvals["missing_subkey"] == "warn":
display.warning(
"passwordstore: subkey {0} for passname {1} not found".format(
self.paramvals["subkey"], self.passname
)
)
return None
@contextmanager
@@ -509,9 +465,6 @@ class LookupModule(LookupBase):
'backup': self.get_option('backup'),
'missing': self.get_option('missing'),
'umask': self.get_option('umask'),
'timestamp': self.get_option('timestamp'),
'preserve': self.get_option('preserve'),
"missing_subkey": self.get_option("missing_subkey"),
}
def run(self, terms, variables, **kwargs):

2
plugins/lookup/revbitspss.py
View File

@@ -100,7 +100,7 @@ class LookupModule(LookupBase):
result = []
for term in terms:
try:
display.vvv("Secret Server lookup of Secret with ID %s" % term)
display.vvv(u"Secret Server lookup of Secret with ID %s" % term)
result.append({term: secret_server.get_pam_secret(term)})
except Exception as error:
raise AnsibleError("Secret Server lookup failure: %s" % error.message)

11
plugins/module_utils/cmd_runner.py
View File

@@ -129,15 +129,8 @@ class _Format(object):
return _ArgFormat(lambda value: ["{0}={1}".format(arg, value)], ignore_none=ignore_none)
@staticmethod
def as_list(ignore_none=None, min_len=0, max_len=None):
def func(value):
value = _ensure_list(value)
if len(value) < min_len:
raise ValueError("Parameter must have at least {0} element(s)".format(min_len))
if max_len is not None and len(value) > max_len:
raise ValueError("Parameter must have at most {0} element(s)".format(max_len))
return value
return _ArgFormat(func, ignore_none=ignore_none)
def as_list(ignore_none=None):
return _ArgFormat(_ensure_list, ignore_none=ignore_none)
@staticmethod
def as_fixed(args):

302
plugins/module_utils/consul.py
View File

@@ -5,317 +5,25 @@
# SPDX-License-Identifier: GPL-3.0-or-later
from __future__ import absolute_import, division, print_function
__metaclass__ = type
import copy
import json
from ansible.module_utils.six.moves.urllib import error as urllib_error
from ansible.module_utils.six.moves.urllib.parse import urlencode
from ansible.module_utils.urls import open_url
def get_consul_url(configuration):
return "%s://%s:%s/v1" % (
configuration.scheme,
configuration.host,
configuration.port,
)
return '%s://%s:%s/v1' % (configuration.scheme,
configuration.host, configuration.port)
def get_auth_headers(configuration):
if configuration.token is None:
return {}
else:
return {"X-Consul-Token": configuration.token}
return {'X-Consul-Token': configuration.token}
class RequestError(Exception):
def __init__(self, status, response_data=None):
self.status = status
self.response_data = response_data
def __str__(self):
if self.response_data is None:
# self.status is already the message (backwards compat)
return self.status
return "HTTP %d: %s" % (self.status, self.response_data)
pass
def handle_consul_response_error(response):
if 400 <= response.status_code < 600:
raise RequestError("%d %s" % (response.status_code, response.content))
AUTH_ARGUMENTS_SPEC = dict(
host=dict(default="localhost"),
port=dict(type="int", default=8500),
scheme=dict(default="http"),
validate_certs=dict(type="bool", default=True),
token=dict(no_log=True),
ca_path=dict(),
)
def camel_case_key(key):
parts = []
for part in key.split("_"):
if part in {"id", "ttl", "jwks", "jwt", "oidc", "iam", "sts"}:
parts.append(part.upper())
else:
parts.append(part.capitalize())
return "".join(parts)
STATE_PARAMETER = "state"
STATE_PRESENT = "present"
STATE_ABSENT = "absent"
OPERATION_READ = "read"
OPERATION_CREATE = "create"
OPERATION_UPDATE = "update"
OPERATION_DELETE = "remove"
def _normalize_params(params, arg_spec):
final_params = {}
for k, v in params.items():
if k not in arg_spec: # Alias
continue
spec = arg_spec[k]
if (
spec.get("type") == "list"
and spec.get("elements") == "dict"
and spec.get("options")
and v
):
v = [_normalize_params(d, spec["options"]) for d in v]
elif spec.get("type") == "dict" and spec.get("options") and v:
v = _normalize_params(v, spec["options"])
final_params[k] = v
return final_params
class _ConsulModule:
"""Base class for Consul modules.
This class is considered private, till the API is fully fleshed out.
As such backwards incompatible changes can occur even in bugfix releases.
"""
api_endpoint = None # type: str
unique_identifier = None # type: str
result_key = None # type: str
create_only_fields = set()
params = {}
def __init__(self, module):
self._module = module
self.params = _normalize_params(module.params, module.argument_spec)
self.api_params = {
k: camel_case_key(k)
for k in self.params
if k not in STATE_PARAMETER and k not in AUTH_ARGUMENTS_SPEC
}
def execute(self):
obj = self.read_object()
changed = False
diff = {}
if self.params[STATE_PARAMETER] == STATE_PRESENT:
obj_from_module = self.module_to_obj(obj is not None)
if obj is None:
operation = OPERATION_CREATE
new_obj = self.create_object(obj_from_module)
diff = {"before": {}, "after": new_obj}
changed = True
else:
operation = OPERATION_UPDATE
if self._needs_update(obj, obj_from_module):
new_obj = self.update_object(obj, obj_from_module)
diff = {"before": obj, "after": new_obj}
changed = True
else:
new_obj = obj
elif self.params[STATE_PARAMETER] == STATE_ABSENT:
operation = OPERATION_DELETE
if obj is not None:
self.delete_object(obj)
changed = True
diff = {"before": obj, "after": {}}
else:
diff = {"before": {}, "after": {}}
new_obj = None
else:
raise RuntimeError("Unknown state supplied.")
result = {"changed": changed}
if changed:
result["operation"] = operation
if self._module._diff:
result["diff"] = diff
if self.result_key:
result[self.result_key] = new_obj
self._module.exit_json(**result)
def module_to_obj(self, is_update):
obj = {}
for k, v in self.params.items():
result = self.map_param(k, v, is_update)
if result:
obj[result[0]] = result[1]
return obj
def map_param(self, k, v, is_update):
def helper(item):
return {camel_case_key(k): v for k, v in item.items()}
def needs_camel_case(k):
spec = self._module.argument_spec[k]
return (
spec.get("type") == "list"
and spec.get("elements") == "dict"
and spec.get("options")
) or (spec.get("type") == "dict" and spec.get("options"))
if k in self.api_params and v is not None:
if isinstance(v, dict) and needs_camel_case(k):
v = helper(v)
elif isinstance(v, (list, tuple)) and needs_camel_case(k):
v = [helper(i) for i in v]
if is_update and k in self.create_only_fields:
return
return camel_case_key(k), v
def _needs_update(self, api_obj, module_obj):
api_obj = copy.deepcopy(api_obj)
module_obj = copy.deepcopy(module_obj)
return self.needs_update(api_obj, module_obj)
def needs_update(self, api_obj, module_obj):
for k, v in module_obj.items():
if k not in api_obj:
return True
if api_obj[k] != v:
return True
return False
def prepare_object(self, existing, obj):
operational_attributes = {"CreateIndex", "CreateTime", "Hash", "ModifyIndex"}
existing = {
k: v for k, v in existing.items() if k not in operational_attributes
}
for k, v in obj.items():
existing[k] = v
return existing
def endpoint_url(self, operation, identifier=None):
if operation == OPERATION_CREATE:
return self.api_endpoint
elif identifier:
return "/".join([self.api_endpoint, identifier])
raise RuntimeError("invalid arguments passed")
def read_object(self):
url = self.endpoint_url(OPERATION_READ, self.params.get(self.unique_identifier))
try:
return self.get(url)
except RequestError as e:
if e.status == 404:
return
elif e.status == 403 and b"ACL not found" in e.response_data:
return
raise
def create_object(self, obj):
if self._module.check_mode:
return obj
else:
return self.put(self.api_endpoint, data=self.prepare_object({}, obj))
def update_object(self, existing, obj):
url = self.endpoint_url(
OPERATION_UPDATE, existing.get(camel_case_key(self.unique_identifier))
)
merged_object = self.prepare_object(existing, obj)
if self._module.check_mode:
return merged_object
else:
return self.put(url, data=merged_object)
def delete_object(self, obj):
if self._module.check_mode:
return {}
else:
url = self.endpoint_url(
OPERATION_DELETE, obj.get(camel_case_key(self.unique_identifier))
)
return self.delete(url)
def _request(self, method, url_parts, data=None, params=None):
module_params = self.params
if not isinstance(url_parts, (tuple, list)):
url_parts = [url_parts]
if params:
# Remove values that are None
params = {k: v for k, v in params.items() if v is not None}
ca_path = module_params.get("ca_path")
base_url = "%s://%s:%s/v1" % (
module_params["scheme"],
module_params["host"],
module_params["port"],
)
url = "/".join([base_url] + list(url_parts))
headers = {}
token = self.params.get("token")
if token:
headers["X-Consul-Token"] = token
try:
if data is not None:
data = json.dumps(data)
headers["Content-Type"] = "application/json"
if params:
url = "%s?%s" % (url, urlencode(params))
response = open_url(
url,
method=method,
data=data,
headers=headers,
validate_certs=module_params["validate_certs"],
ca_path=ca_path,
)
response_data = response.read()
status = (
response.status if hasattr(response, "status") else response.getcode()
)
except urllib_error.URLError as e:
if isinstance(e, urllib_error.HTTPError):
status = e.code
response_data = e.fp.read()
else:
self._module.fail_json(
msg="Could not connect to consul agent at %s:%s, error was %s"
% (module_params["host"], module_params["port"], str(e))
)
raise
if 400 <= status < 600:
raise RequestError(status, response_data)
return json.loads(response_data)
def get(self, url_parts, **kwargs):
return self._request("GET", url_parts, **kwargs)
def put(self, url_parts, **kwargs):
return self._request("PUT", url_parts, **kwargs)
def delete(self, url_parts, **kwargs):
return self._request("DELETE", url_parts, **kwargs)
raise RequestError('%d %s' % (response.status_code, response.content))

32
plugins/module_utils/datetime.py
View File

@@ -1,32 +0,0 @@
# -*- coding: utf-8 -*-
#
# Copyright (c) 2023 Felix Fontein <felix@fontein.de>
# Simplified BSD License (see LICENSES/BSD-2-Clause.txt or https://opensource.org/licenses/BSD-2-Clause)
# SPDX-License-Identifier: BSD-2-Clause
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
import datetime as _datetime
import sys
_USE_TIMEZONE = sys.version_info >= (3, 6)
def ensure_timezone_info(value):
if not _USE_TIMEZONE or value.tzinfo is not None:
return value
return value.astimezone(_datetime.timezone.utc)
def fromtimestamp(value):
if _USE_TIMEZONE:
return _datetime.fromtimestamp(value, tz=_datetime.timezone.utc)
return _datetime.utcfromtimestamp(value)
def now():
if _USE_TIMEZONE:
return _datetime.datetime.now(tz=_datetime.timezone.utc)
return _datetime.datetime.utcnow()

Some files were not shown because too many files have changed in this diff Show More