fix gem module compatibility with ruby-4-rubygems (#11442)
* fix gem module compatibility with ruby-4-rubygems
rubygem's `query` command has recently been removed, see ruby/rubygems#9083.
address this by using the `list` command instead.
resolves#11397
* add changelog
* Adjust changelog fragment.
---------
(cherry picked from commit 72220a2b15)
Co-authored-by: glaszig <mail+github@glasz.org>
Co-authored-by: Felix Fontein <felix@fontein.de>
Logstash plugin version fix (#11440)
* logstash_plugin: fix argument order when using version parameter
* logstash_plugin: add integration tests
* logstash_plugin: add changelog fragment
(cherry picked from commit 53e1e86bcc)
Co-authored-by: Nicolas Boutet <amd3002@gmail.com>
Adding 'project' parameter to Scaleway IP module. (#11368)
* Adding 'project' parameter to Scaleway IP module.
* Adding changelog fragment.
* Incrementing version.
* Updating docs to show both org and project ID options.
* Moving deprecated example to the end.
---------
(cherry picked from commit aada864718)
Co-authored-by: Greg Harvey <greg.harvey@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Adding 'project' parameter support for the Scaleway SG module. (#11366)
* Adding 'project' parameter support for the Scaleway SG module.
* Adding changelog fragment.
* Fixing documentation, organization is deprecated (although still available).
* Updating docs to show both org and project ID options.
* Incrementing version.
* Moving deprecated example to the end.
---------
(cherry picked from commit c0df366471)
Co-authored-by: Greg Harvey <greg.harvey@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
nsupdate: add server FQDN and GSS-TSIG support (#11425)
* nsupdate: support server FQDN
Right now, the server has to be specified as an IPv4/IPv6 address. This
adds support for specifing the server as a FQDN as well.
* nsupdate: support GSS-TSIG/Kerberos
Add support for GSS-TSIG (Kerberos) keys to nsupdate. This makes life
easier when working with Windows DNS servers or Bind in a Kerberos
environment.
Inspiration taken from here:
https://github.com/rthalley/dnspython/pull/530#issuecomment-1363265732Closes: #5730
* nsupdate: introduce query helper function
This simplifies the code by moving the protocol checks, etc, into a
single place.
* nsupdate: try all server IP addresses
Change resolve_server() to generate a list of IPv[46] addresses, then
try all of them in a round-robin fashion in query().
* nsupdate: some more cleanups
As suggested in the PR review.
* nsupdate: apply suggestions from code review
---------
(cherry picked from commit 9fcd9338b1)
Co-authored-by: David Härdeman <david@hardeman.nu>
Co-authored-by: Felix Fontein <felix@fontein.de>
move imports from functions to the top of the file (#11396)
* move imports from functions to the top of the file
* add changelog frag
* Apply suggestions from code review
---------
(cherry picked from commit c8356981bb)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Support diff mode for netcup-dns module (#11376)
* support diff mode for netcup-dns module
* Fix issue with yaml encoding after testing
* Add changelog fragment
* Fixed: proper and robust yaml import
* Remove need for yaml import
* Show whole zone in diff for context
* Update changelogs/fragments/11376-netcup-dns-diff-mode.yml
* Update plugins/modules/netcup_dns.py
---------
(cherry picked from commit 75234597bc)
Co-authored-by: mqus <8398165+mqus@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
cloudflare_dns: also allow 128 as a value for flag (#11377)
* Also allow 128 as a value for flag.
* Forgot to add changelog fragment.
(cherry picked from commit c00fb4fb5c)
Co-authored-by: Felix Fontein <felix@fontein.de>
Add support for multiple managers to get_manager_attributes command in idrac_redfish_info module (#11301)
* Update get_manager_attributes method to support systems with multiple managers present
Fixes https://github.com/ansible-collections/community.general/issues/11294
* Add changelog fragment
Pre-define reponse for get_manager_attributes method
* Update changelogs/fragments/11301-idrac-info-multi-manager.yml
Update per suggestion!
* Update plugins/modules/idrac_redfish_info.py
Remove extra manager quantity check
---------
(cherry picked from commit 13035e2a2c)
Co-authored-by: Scott Seekamp <13857911+sseekamp@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
fix: listen_ports_facts return no facts when using with podman (#11332)
* fix: listen_ports_facts return no facts when using with podman
* Update changelogs/fragments/listen-ports-facts-return-no-facts.yml
---------
(cherry picked from commit 280d269d78)
Co-authored-by: Daniel Gonçalves <dangoncalves@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
add sssd_info module (#11120)
* add sssd_info module
* fix f-stings and remove support python2
* fix imports custom lib
* fix whitespace and add missing_required_lib
* fix str and add version
* try add mock test
* fix module and mock tests check
* fix required in main module
* fix spaces
* fix linters
* add final newline
* fix version of module
* fix description and error handling
* swap literal to dict
* fix str
* remove comment in methods
* remove _get in methods
* fix name method in test
* add botmeta
* fix description of server_type
* fix name of maintainer
* remove choices
* fix author
* fix type hint
* fix result
* fix spaces
* fix choices and empty returns
* fix mypy test result
* fix result
* run andebox yaml-doc
* remake simple try/exc for result
* fix tests
* add any type for testing mypy
* ruff formated
* fix docs
* remove unittest.main
* rename acc on git for official name
---------
(cherry picked from commit 61b559c4fd)
Co-authored-by: Aleksandr Gabidullin <101321307+a-gabidullin@users.noreply.github.com>
Co-authored-by: Александр Габидуллин <agabidullin@astralinux.ru>
Add support for missing validations in keycloak_userprofile (#11285)
* add missing validations-parameters as config options and add documentation for them; fixes https://github.com/ansible-collections/community.general/issues/9048
* fix parameter names
* extend unit tests
* support for camel casing for new validations and add changelog fragment
* Fix fragment format
* add 'version_added' documentation
* Update changelogs/fragments/11285-extended-keycloak-user-profile-validations.yml
mention fixed issue in fragment
* fix ruff formatting
---------
(cherry picked from commit a55884c921)
Co-authored-by: nwintering <33374766+nwintering@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Fix typo in auth_username in examples (#11295)
(cherry picked from commit a5aec7d61a)
Co-authored-by: Ivan Kokalovic <67540157+koke1997@users.noreply.github.com>
keycloak_authentication_required_actions: fix examples (#11284)
The correct parameter name is "required_actions" (plural).
(cherry picked from commit df34945991)
Co-authored-by: Samuli Seppänen <samuli.seppanen@puppeteers.net>
use FQCN for extending docs with files and url (#11277)
* use FQCN for extending docs with files and url
* remove typo
(cherry picked from commit 1b15e595e0)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
monit: investigating tests again - using copilot on this one (#11255)
* add monit version to successful exit
* install the standard monit - if 5.34, then bail out
* add 3sec wait after service restart
- that restart happens exactly before the task receiving the SIGTERM, so maybe, just maybe, it just needs time to get ready for the party
* wait for monit initialisation after restart
* monit tests: check service-specific status in readiness wait
The wait task was checking 'monit status' (general), but the actual
failing command is 'monit status -B httpd_echo' (service-specific).
This causes a race where general status succeeds but service queries
fail. Update to check the exact command format that will be used.
* monit tests: remove 5.34.x version restriction
The version restriction was based on incorrect diagnosis. The actual
issue was the readiness check validating general status instead of
service-specific queries. Now that we check the correct command
format, the tests should work across all monit versions.
* monit tests: add stabilization delay after readiness check
After the readiness check succeeds, add a 1-second pause before
running actual tests. Monit 5.34.x and 5.35 appear to have a
concurrency issue where rapid successive 'monit status -B' calls
can cause hangs even though the first call succeeds.
* monit tests: add retry logic for state changes to handle monit daemon hangs
Monit daemon has an intermittent concurrency bug across versions 5.27-5.35
where 'monit status -B' commands can hang (receiving SIGTERM) even after
the daemon has successfully responded to previous queries. This appears
to be a monit daemon issue, not a timing problem.
Add retry logic with 2-second delays to the state change task to work
around these intermittent hangs. Skip retries if the failure is not
SIGTERM (rc=-15) to avoid masking real errors.
* monit tests: capture and display monit.log for debugging
Add tasks in the always block to capture and display the monit log file.
This will help diagnose the intermittent hanging issues by showing what
monit daemon was doing when 'monit status -B' commands hang.
* monit tests: enable verbose logging (-v flag)
Modify the monit systemd service to start with -v flag for verbose
logging. This should provide more detailed information in the monit
log about what's happening when status commands hang.
* monit: add 0.5s delay after state change command
After extensive testing and analysis with verbose logging enabled, identified
that monit's HTTP interface can become temporarily unresponsive immediately
after processing state change commands (stop, start, restart, etc.).
This manifests as intermittent SIGTERM (rc=-15) failures when the module
calls 'monit status -B <service>' to verify the state change. The issue
affects all monit versions tested (5.27-5.35) and is intermittent, suggesting
a race condition or brief lock in monit's HTTP request handling.
Verbose logging confirmed:
- State change commands complete successfully
- HTTP server reports as 'started'
- But subsequent status checks can hang without any log entry
Adding a 0.5 second sleep after sending state change commands gives the
monit daemon time to fully process the command and become responsive again
before the first status verification check.
This complements the existing readiness check after daemon restart and
the retry logic for SIGTERM failures in the tests.
* tests(monit): remove workarounds after module race condition fix
After 10+ successful CI runs with no SIGTERM failures, removing test-level
workarounds that are now redundant due to the 0.5s delay fix in the module:
- Remove 1-second stabilization pause after daemon restart
The module's built-in 0.5s delay after state changes makes this unnecessary
- Remove retry logic for SIGTERM failures in state change tests
The race condition is now prevented at the module level
- Remove verbose logging setup and log capture
Verbose mode didn't log HTTP requests, so it didn't help diagnose the issue
and adds unnecessary overhead
Kept the readiness check with retries after daemon restart - still needed
to validate daemon is responsive after service restart (different scenario
than the state change race condition).
* restore tasks/main.yml
* monit tests: reduce readiness check retries from 60 to 10
After successful CI runs, observed that monit daemon becomes responsive
within 1-2 seconds after restart. The readiness check typically passes
on the first attempt.
Reducing from 60 retries (30s timeout) to 10 retries (5s timeout) is
more appropriate and allows tests to fail faster if something is
genuinely broken.
* add changelog frag
* Update changelogs/fragments/11255-monit-integrationtests.yml
---------
(cherry picked from commit ac37544c53)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
keycloak_user_rolemapping: fix: failling to assign role to user (#11256)
* docs: clarify keycloak documentation example section with uid
* fix: allow assign role to user
* Add changelog frag
* Update changelogs/fragments/11256-fix-keycloak-roles-mapping.yml
---------
(cherry picked from commit a9540f93d2)
Co-authored-by: Guillaume Dorschner <44686652+GuillaumeDorschner@users.noreply.github.com>
Co-authored-by: Guillaume Dorschner <guillaume.dorschner@thalesgroup.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
iptables_state: get rid of temporary files (#11258)
Get rid of temporary files.
(cherry picked from commit 0ef3eac0f4)
Co-authored-by: Felix Fontein <felix@fontein.de>
monit: use enum (#11245)
* monit: use enum
* make mypy happy about the var type
* add changelog frag
* typo - this is getting frequent
(cherry picked from commit 3d25aac978)
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
nmcli: allow VxLan multicast and bridge port (#11182)
VxLan virtual devices can be added to bridge ports, like any other
devices. And when using multicast remote addresses,
NetworkManager need to know the parent device as well.
(cherry picked from commit 76589bd97a)
Co-authored-by: Tiziano Müller <tm@dev-zero.ch>
Co-authored-by: Felix Fontein <felix@fontein.de>
Stop re-defining the argument spec in unit tests (#11235)
* Stop re-defining the argument spec in unit tests.
* Shut up linter.
(cherry picked from commit fb2f34ba85)
Co-authored-by: Felix Fontein <felix@fontein.de>
lxd_storage_pool_info, lxd_storage_volume_info: new modules (#11198)
* Fix mistaken rebase
* plugins/modules/lxd_storage_: include error codes, clean up notes
* plugins/modules/lxd_storage_: snap_url, ruff fix
* plugins/modules/lxd_storage_volume_info.py: remove checks on expected api returned bits
* plugins/modules/lxd_storage_volume_info.py: required: true
* tests/integration/targets/lxd_storage_volume_info/tasks/main.yaml: add Test fetching specific volume by name
* tests/unit/plugins/modules/test_lxd_storage_: add unit tests
* tests/integration/targets/lxd_storage_pool_info/tasks/main.yaml: add integratio tests
* tests/integration/targets/lxd_storage_: not required
* tests/integration/targets/lxd_storage_: not required perhaps, lxd_project has them
* tests/unit/plugins/modules/test_lxd_storage_volume_info.py: fix python3.8 tests
* tests/unit/plugins/modules/test_lxd_storage_pool_info.py: fix python3.8
* tests/integration/targets/lxd_storage_: correct paths for aliases
* tests/unit/plugins/modules/test_lxd_storage_volume_info.py: remove backticks
* tests/unit/plugins/modules/test_lxd_storage_volume_info.py: remove blank line
* tests/unit/plugins/modules/test_lxd_storage_: python3.8 changes
* tests/unit/plugins/modules/test_lxd_storage_: python3.8 changes
* tests/unit/plugins/lookup/test_github_app_access_token.py: restore
* tests/unit/plugins/connection/test_wsl.py: restore
* plugins/modules/lxd_storage_: use ANSIBLE_LXD_DEFAULT_SNAP_URL and put API version into const
* lxd_storage_volume_info: use recursion to gather all volume details
* tests/integration/targets/lxd_storage_volume_info/tasks/main.yaml: fix silet skipped failures
* tests/integration/targets/lxd_storage_pool_info/tasks/main.yaml: fix silet failures
* lxd_storage_pool_info: update to use recursion to gather all details in one shot
* Remove unnecessary change.
---------
(cherry picked from commit 6365b5a981)
Co-authored-by: Sean McAvoy <seanmcavoy@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
zfs: mark change correctly when updating properties whose current value differs, even if they already have a non-default value (Fixes#11019) (#11172)
* zfs - mark change correctly when updating properties whose current value differs, even if they already have a non-default value (https://github.com/ansible-collections/community.general/issues/11019).
* changelog: rename fragment to match PR number
* Update changelogs/fragments/11172-zfs-changed-extra-props.yml
---------
(cherry picked from commit ebcad7e6d1)
Signed-off-by: handisyde <github@handisyde.com>
Co-authored-by: Paul Mercier-Handisyde <33284285+handisyde@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
