fix gem module compatibility with ruby-4-rubygems (#11442)
* fix gem module compatibility with ruby-4-rubygems
rubygem's `query` command has recently been removed, see ruby/rubygems#9083.
address this by using the `list` command instead.
resolves#11397
* add changelog
* Adjust changelog fragment.
---------
(cherry picked from commit 72220a2b15)
Co-authored-by: glaszig <mail+github@glasz.org>
Co-authored-by: Felix Fontein <felix@fontein.de>
Logstash plugin version fix (#11440)
* logstash_plugin: fix argument order when using version parameter
* logstash_plugin: add integration tests
* logstash_plugin: add changelog fragment
(cherry picked from commit 53e1e86bcc)
Co-authored-by: Nicolas Boutet <amd3002@gmail.com>
Adding 'project' parameter to Scaleway IP module. (#11368)
* Adding 'project' parameter to Scaleway IP module.
* Adding changelog fragment.
* Incrementing version.
* Updating docs to show both org and project ID options.
* Moving deprecated example to the end.
---------
(cherry picked from commit aada864718)
Co-authored-by: Greg Harvey <greg.harvey@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Adding 'project' parameter support for the Scaleway SG module. (#11366)
* Adding 'project' parameter support for the Scaleway SG module.
* Adding changelog fragment.
* Fixing documentation, organization is deprecated (although still available).
* Updating docs to show both org and project ID options.
* Incrementing version.
* Moving deprecated example to the end.
---------
(cherry picked from commit c0df366471)
Co-authored-by: Greg Harvey <greg.harvey@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Add `to_toml` filter (#11423)
* Add to_toml filter
This is based heavily on the to_yaml filter, but
with a pared-down feature set.
* Protect import
* Don't quote datetime as a string
* Use Ansible error types
* Import correct error types
* Don't use AnsibleTypeError
It doesn't seem to be available on older Ansible
core versions.
* Fix antsibull-nox errors
* Install dependencies for to_toml integration test
* Reduce author list to main contributor
* Update version added for to_toml
* Use AnsibleError for missing import
* Use AnsibleFilterError for runtime type check
* Move common code to plugin_utils/_tags.py
* Mark module util as private
* Update BOTMETA for to_toml
* Fix typo
* Correct version number
* Use to_text for to_toml dict key conversions
* Add tomlkit requirement to docs
* Add missing import
* Add aliases for for to_toml integration test
---------
(cherry picked from commit 864695f898)
Co-authored-by: Matt Williams <matt@milliams.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
nsupdate: add server FQDN and GSS-TSIG support (#11425)
* nsupdate: support server FQDN
Right now, the server has to be specified as an IPv4/IPv6 address. This
adds support for specifing the server as a FQDN as well.
* nsupdate: support GSS-TSIG/Kerberos
Add support for GSS-TSIG (Kerberos) keys to nsupdate. This makes life
easier when working with Windows DNS servers or Bind in a Kerberos
environment.
Inspiration taken from here:
https://github.com/rthalley/dnspython/pull/530#issuecomment-1363265732Closes: #5730
* nsupdate: introduce query helper function
This simplifies the code by moving the protocol checks, etc, into a
single place.
* nsupdate: try all server IP addresses
Change resolve_server() to generate a list of IPv[46] addresses, then
try all of them in a round-robin fashion in query().
* nsupdate: some more cleanups
As suggested in the PR review.
* nsupdate: apply suggestions from code review
---------
(cherry picked from commit 9fcd9338b1)
Co-authored-by: David Härdeman <david@hardeman.nu>
Co-authored-by: Felix Fontein <felix@fontein.de>
Add option for wsl_shell_type, protect wsl.exe arguments if SSH shell is Powershell (#11308)
* feat(wsl): add option for wsl_shell_type, protect wsl arguments if SSH shell is Powershell
* docs(wsl): add changelog fragment
* docs(wsl): fix changelog fragment syntax, add issue link
* feat(wsl): improve new option documentation
* refactor(wsl): put integrasion test flag into a variable for convenience
* feat(wsl): rename option to wsl_remote_ssh_shell_type
* feat(wsl): escape "%" if shell is cmd, raise AnsibleError if powershell
* test(wsl): fix unit tests for wsl
- remove redundant check - moved to a separate function
- fix check for cmd escaping of "%"
- fix formatting / whitespace
* test(wsl): fix expected error message
* test(wsl): fix test - position of stop-parsing token changed
---------
(cherry picked from commit 4b67afc2b0)
Co-authored-by: fizmat <fizmat.r66@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
move imports from functions to the top of the file (#11396)
* move imports from functions to the top of the file
* add changelog frag
* Apply suggestions from code review
---------
(cherry picked from commit c8356981bb)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Support diff mode for netcup-dns module (#11376)
* support diff mode for netcup-dns module
* Fix issue with yaml encoding after testing
* Add changelog fragment
* Fixed: proper and robust yaml import
* Remove need for yaml import
* Show whole zone in diff for context
* Update changelogs/fragments/11376-netcup-dns-diff-mode.yml
* Update plugins/modules/netcup_dns.py
---------
(cherry picked from commit 75234597bc)
Co-authored-by: mqus <8398165+mqus@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
cloudflare_dns: also allow 128 as a value for flag (#11377)
* Also allow 128 as a value for flag.
* Forgot to add changelog fragment.
(cherry picked from commit c00fb4fb5c)
Co-authored-by: Felix Fontein <felix@fontein.de>
Add support for multiple managers to get_manager_attributes command in idrac_redfish_info module (#11301)
* Update get_manager_attributes method to support systems with multiple managers present
Fixes https://github.com/ansible-collections/community.general/issues/11294
* Add changelog fragment
Pre-define reponse for get_manager_attributes method
* Update changelogs/fragments/11301-idrac-info-multi-manager.yml
Update per suggestion!
* Update plugins/modules/idrac_redfish_info.py
Remove extra manager quantity check
---------
(cherry picked from commit 13035e2a2c)
Co-authored-by: Scott Seekamp <13857911+sseekamp@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Adding support for the Scaleway SCW_PROFILE environment variable. (#11311)
* Adding support for the Scaleway SCW_PROFILE environment variable.
* Adding changelog fragment.
* Adding documentation for the environment variable.
* Adding SCW_PROFILE as a proper environment variable via the DOCUMENTATION block.
* Updating changelog fragment.
(cherry picked from commit 4fe129a0ed)
Co-authored-by: Greg Harvey <greg.harvey@gmail.com>
Adding scw_profile parameter to Scaleway module utilities. (#11314)
* Adding scw_profile parameter to Scaleway module utilities.
* Setting param name to profile for consistency and adding scw_profile as an alias.
* Adding changelog fragment.
* Forgot to import 'os' library.
* Type in variable type for Scaleway profile.
* Also forgot to include the yaml library, code taking from plugins/inventory/scaleway.py.
* Adding default 'profile' value of empty string and changing check to a length check.
* Treated wrong variable, checking XDG_CONFIG_HOME is a string.
* Explicitly setting default of environment path vars to empty strings instead of None.
* Letting ruff reformat the dict for 'profile'.
* Changes from code review.
* Fixing ruff formatting issue with error message.
* Properly catching PyYAML import issues.
* Adding PyYAML requirement when 'profile' is used.
* Ruff wants an extra line after the PyYAML import code.
* Fixing PyYAML dependency code as per review.
* Removing extraneous var declaration.
* Moving SCW_CONFIG loading to a function.
* Fixing type errors with os.getenv calls.
* Cannot send None to os.path.exists() or open().
* Oops, inversed logic!
* Setting os.getenv() default to empty string so it is never None.
* None check no longer needed as scw_config_path is never None.
---------
(cherry picked from commit b3c066b99f)
Co-authored-by: Greg Harvey <greg.harvey@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
fix: listen_ports_facts return no facts when using with podman (#11332)
* fix: listen_ports_facts return no facts when using with podman
* Update changelogs/fragments/listen-ports-facts-return-no-facts.yml
---------
(cherry picked from commit 280d269d78)
Co-authored-by: Daniel Gonçalves <dangoncalves@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
add sssd_info module (#11120)
* add sssd_info module
* fix f-stings and remove support python2
* fix imports custom lib
* fix whitespace and add missing_required_lib
* fix str and add version
* try add mock test
* fix module and mock tests check
* fix required in main module
* fix spaces
* fix linters
* add final newline
* fix version of module
* fix description and error handling
* swap literal to dict
* fix str
* remove comment in methods
* remove _get in methods
* fix name method in test
* add botmeta
* fix description of server_type
* fix name of maintainer
* remove choices
* fix author
* fix type hint
* fix result
* fix spaces
* fix choices and empty returns
* fix mypy test result
* fix result
* run andebox yaml-doc
* remake simple try/exc for result
* fix tests
* add any type for testing mypy
* ruff formated
* fix docs
* remove unittest.main
* rename acc on git for official name
---------
(cherry picked from commit 61b559c4fd)
Co-authored-by: Aleksandr Gabidullin <101321307+a-gabidullin@users.noreply.github.com>
Co-authored-by: Александр Габидуллин <agabidullin@astralinux.ru>
Add support for missing validations in keycloak_userprofile (#11285)
* add missing validations-parameters as config options and add documentation for them; fixes https://github.com/ansible-collections/community.general/issues/9048
* fix parameter names
* extend unit tests
* support for camel casing for new validations and add changelog fragment
* Fix fragment format
* add 'version_added' documentation
* Update changelogs/fragments/11285-extended-keycloak-user-profile-validations.yml
mention fixed issue in fragment
* fix ruff formatting
---------
(cherry picked from commit a55884c921)
Co-authored-by: nwintering <33374766+nwintering@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Fix typo in auth_username in examples (#11295)
(cherry picked from commit a5aec7d61a)
Co-authored-by: Ivan Kokalovic <67540157+koke1997@users.noreply.github.com>
Add more module_utils typing (#11283)
Add more module_utils typing.
(cherry picked from commit ef632145e9)
Co-authored-by: Felix Fontein <felix@fontein.de>
keycloak_authentication_required_actions: fix examples (#11284)
The correct parameter name is "required_actions" (plural).
(cherry picked from commit df34945991)
Co-authored-by: Samuli Seppänen <samuli.seppanen@puppeteers.net>
use FQCN for extending docs with files and url (#11277)
* use FQCN for extending docs with files and url
* remove typo
(cherry picked from commit 1b15e595e0)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
monit: investigating tests again - using copilot on this one (#11255)
* add monit version to successful exit
* install the standard monit - if 5.34, then bail out
* add 3sec wait after service restart
- that restart happens exactly before the task receiving the SIGTERM, so maybe, just maybe, it just needs time to get ready for the party
* wait for monit initialisation after restart
* monit tests: check service-specific status in readiness wait
The wait task was checking 'monit status' (general), but the actual
failing command is 'monit status -B httpd_echo' (service-specific).
This causes a race where general status succeeds but service queries
fail. Update to check the exact command format that will be used.
* monit tests: remove 5.34.x version restriction
The version restriction was based on incorrect diagnosis. The actual
issue was the readiness check validating general status instead of
service-specific queries. Now that we check the correct command
format, the tests should work across all monit versions.
* monit tests: add stabilization delay after readiness check
After the readiness check succeeds, add a 1-second pause before
running actual tests. Monit 5.34.x and 5.35 appear to have a
concurrency issue where rapid successive 'monit status -B' calls
can cause hangs even though the first call succeeds.
* monit tests: add retry logic for state changes to handle monit daemon hangs
Monit daemon has an intermittent concurrency bug across versions 5.27-5.35
where 'monit status -B' commands can hang (receiving SIGTERM) even after
the daemon has successfully responded to previous queries. This appears
to be a monit daemon issue, not a timing problem.
Add retry logic with 2-second delays to the state change task to work
around these intermittent hangs. Skip retries if the failure is not
SIGTERM (rc=-15) to avoid masking real errors.
* monit tests: capture and display monit.log for debugging
Add tasks in the always block to capture and display the monit log file.
This will help diagnose the intermittent hanging issues by showing what
monit daemon was doing when 'monit status -B' commands hang.
* monit tests: enable verbose logging (-v flag)
Modify the monit systemd service to start with -v flag for verbose
logging. This should provide more detailed information in the monit
log about what's happening when status commands hang.
* monit: add 0.5s delay after state change command
After extensive testing and analysis with verbose logging enabled, identified
that monit's HTTP interface can become temporarily unresponsive immediately
after processing state change commands (stop, start, restart, etc.).
This manifests as intermittent SIGTERM (rc=-15) failures when the module
calls 'monit status -B <service>' to verify the state change. The issue
affects all monit versions tested (5.27-5.35) and is intermittent, suggesting
a race condition or brief lock in monit's HTTP request handling.
Verbose logging confirmed:
- State change commands complete successfully
- HTTP server reports as 'started'
- But subsequent status checks can hang without any log entry
Adding a 0.5 second sleep after sending state change commands gives the
monit daemon time to fully process the command and become responsive again
before the first status verification check.
This complements the existing readiness check after daemon restart and
the retry logic for SIGTERM failures in the tests.
* tests(monit): remove workarounds after module race condition fix
After 10+ successful CI runs with no SIGTERM failures, removing test-level
workarounds that are now redundant due to the 0.5s delay fix in the module:
- Remove 1-second stabilization pause after daemon restart
The module's built-in 0.5s delay after state changes makes this unnecessary
- Remove retry logic for SIGTERM failures in state change tests
The race condition is now prevented at the module level
- Remove verbose logging setup and log capture
Verbose mode didn't log HTTP requests, so it didn't help diagnose the issue
and adds unnecessary overhead
Kept the readiness check with retries after daemon restart - still needed
to validate daemon is responsive after service restart (different scenario
than the state change race condition).
* restore tasks/main.yml
* monit tests: reduce readiness check retries from 60 to 10
After successful CI runs, observed that monit daemon becomes responsive
within 1-2 seconds after restart. The readiness check typically passes
on the first attempt.
Reducing from 60 retries (30s timeout) to 10 retries (5s timeout) is
more appropriate and allows tests to fail faster if something is
genuinely broken.
* add changelog frag
* Update changelogs/fragments/11255-monit-integrationtests.yml
---------
(cherry picked from commit ac37544c53)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
keycloak_user_rolemapping: fix: failling to assign role to user (#11256)
* docs: clarify keycloak documentation example section with uid
* fix: allow assign role to user
* Add changelog frag
* Update changelogs/fragments/11256-fix-keycloak-roles-mapping.yml
---------
(cherry picked from commit a9540f93d2)
Co-authored-by: Guillaume Dorschner <44686652+GuillaumeDorschner@users.noreply.github.com>
Co-authored-by: Guillaume Dorschner <guillaume.dorschner@thalesgroup.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
iptables_state: get rid of temporary files (#11258)
Get rid of temporary files.
(cherry picked from commit 0ef3eac0f4)
Co-authored-by: Felix Fontein <felix@fontein.de>
monit: use enum (#11245)
* monit: use enum
* make mypy happy about the var type
* add changelog frag
* typo - this is getting frequent
(cherry picked from commit 3d25aac978)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
