* feat: begin refactor to support refresh token in keycloak modules
* chore: add start of tests for shared token usage
* feat: progress towards supporting refresh token; token introspection not yet working [8857]
* chore: reset to main branch previous state; a different approach is needed [8857]
* feat: add request methods to keycloak class, which will be expanded with retry logic [8857]
* feat: all requests to keycloak use request methods instead of open_url [8857]
* fix: data argument is optional in keycloak request methods [8857]
* feat: add integration test for keycloak module authentication methods [8857]
* chore: refactor get token logic to separate logic using username/pass credentials [8857]
* chore: refactor token request logic further to isolate request logic [8857]
* chore: fix minor lint issues [8857]
* test: add (currently failing) test for request with invalid auth token, valid refresh token [8857]
* chore: allow realm to be provided to role module with refresh_token, without username/pass [8857]
* feat: add retry logic to requests in keycloak module utils [8857]
* chore: rename keycloak module fail_open_url method to fail_request [8857]
* chore: update all keycloak modules to support refresh token param [8857]
* chore: add refresh_token param to keycloak doc_fragments [8857]
* chore: restore dependency between auth_realm and auth_username,auth_password params [8857]
* chore: rearrange module param checks to reduce future pr size [8857]
* chore: remove extra comma [8857]
* chore: update version added for refresh token param [8857]
* chore: add changelog fragment [8857]
* chore: re-add fail_open_url to keycloak module utils for backward compatability [8857]
* fix: do not make a new request to keycloak without reauth when refresh token not provided (#8857)
* fix: only make final auth attempt if username/pass provided, and return exception on failure (#8857)
* fix: make re-auth and retry code more consistent, ensure final exceptions are thrown (#8857)
* test: fix arguments for invalid token, valid refresh token test (#8857)
* feat: catch invalid refresh token errors during re-auth attempt (#8857)
Add test to verify this behaviour works.
* test: improve test coverage, including some unhappy path tests for authentication failures (#8857)
* chore: store auth errors from token request in backwards compatible way (#8857)
* fix: ensure method is still specified for all requests (#8857)
* chore: simplify token request logic (#8857)
* chore: rename functions to request tokens using refresh token or username/password (#8857)
To emphasize their difference from the `get_token` function,
which either gets the token from the module params
*or* makes a request for it.
* doc: add docstrings for new or significantly modified functions (#8857)
* test: repair unit test following change to exception message upon key error during auth request (#8857)
* allow jira transition with target id
This is needed, because jira seems to autotranslate the status name
* add changelog fragment
* add newline to changelog fragment
* format according to pep 8
* switch formatting of fragment to LF
* implement suggestions on changelog fragment
* implement changes to module based on suggestions
* add status id as a alternative to status
* implement suggestions and add correct error handling
* fix up mistakes
* Adds support for checksums in Proxmox_template.
* Implemented checksum verification
* Removed unintended captilization changes
* further fixing of unintended changes
* removed misspelling
* Final adjustementsto proxmox_template.py
* fixed typo
* fixed a typo in sha512
* add changelog fragment
* fixed type in choices for checksum_algortihm
* fixed file naming error and add relevant links to changelog
* Fix all unintentional refactorings
* refactoring changes removed
* renamed the function verify_checksum to fetch_and_verify for clarity
* Adjusted additions based on feedback
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* apache2-mod-proxy: make state option a list
* add changelog frag
* Update plugins/modules/apache2_mod_proxy.py
* Update changelogs/fragments/9600-apache2-mod-proxy-revamp2.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* ufw: added support for vrrp protocol
* Add changelog fragment for (#9582)
* ufw: Add support for vrrp
Co-authored-by: Felix Fontein <felix@fontein.de>
* ufw: Add support for vrrp
Co-authored-by: Felix Fontein <felix@fontein.de>
* ufw: Add support for vrrp
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* feat(nmcli): support the fail_over_mac parameter
* add fail_over_mac to +bond.options
* update unit tests
* Update changelogs/fragments/9570-feat-nmcli-add-fail-over-mac-parameter.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* change to type str and add choices according to documentation
* Update plugins/modules/nmcli.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
Unregistering a system also drops all the resources for it
automatically, so there is no need to manually unsubscribing (which
actually means removing all the subscriptions).
In addition to that, newer versions of subscription-manager drop all the
support for entitlements, so the "remove" subcommand (used by
unsubscribe()) does not exist anymore, and thus the unregistration fails
with those versions.
This fixes the registration on EL 10 systems, and Fedora 41 and greater.
apply suggestion from code review
add one_template filter changelog fragment
rewrote filter flag to use string instead of int
renamed flag to option in changelog
added PR link to changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Add cpanm option --with-recommands
Fix#9554
* With accepted suggestions
* Use install_recommendations for cpanm option --with-recommends
* Fix typo in changelogs/fragments/9554
recommands -> recommends
* Doc for options users have for recommands and suggests dependencies
* Add new args to the command runner.
* Add test for cpanm --with-recommends
* Add module ldap_inc
This module adds the ‘modify-increment’ capability corresponding to the extension implemented by OpenLdap described in RFC-4525. It can be used to increment an integer attribute and read it atomically. It is an help for posix userId definition while relying only on the directory server.
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/modules/ldap_inc.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/modules/ldap_inc.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/modules/ldap_inc.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Fix the check mode support
Check mode documentation fix
* Update plugins/modules/ldap_inc.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/ldap_inc.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/ldap_inc.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/ldap_inc.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/ldap_inc.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/ldap_inc.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/ldap_inc.py
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* gitlab_instance_variable: Add support for 'raw' property
* Changelog fragment
* Add missing punctuation
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add version_added
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
fix: add missing 's' on proxmox_template.task_status
Missing the 's' means using the wrong API, making log reading
impossible. Should fix!9276
Signed-off-by: Alexandre Nicolaie <xunleii@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* add support for systemd creds encrypt/decrypt
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* add __metaclass__
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* Python 2.7 issues
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* update version_added and ci test aliases
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* switch to container
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* run tests in docker as well
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* move tasks into tasks/
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* no need to call echo
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* lint and add become:
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* dont append a newline
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* don't clean newlines
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* only use module name
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* clean
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* change msg to value
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* add return values
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* update attributes and description
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* Update plugins/modules/systemd_creds_decrypt.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* set newline default
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* Update plugins/modules/systemd_creds_encrypt.py
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Update plugins/modules/systemd_creds_encrypt.py
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* Update plugins/modules/systemd_creds_encrypt.py
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* update required and spelling
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* use single backslash
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
---------
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
* manageiq_alert_profiles: improve handling param requirements
Basically two changes:
* `name` is already required when state is either present or absent, and there are no other states, so making it fully required and removing the conditional
* `alerts` is documented as required when state=present, this has been verified in the code, so added that parameter to the existing `required_if` spec.
* add changelog frag
