Safe mode to check for resource deletion#8
Open
effaamponsah wants to merge 739 commits intomasterfrom
Open
Conversation
effaamponsah
added
the
feature Idea
effaamponsah
requested review from
Doreen9,
FrancisBilla,
bill-n and
sammoorhouse
effaamponsah
force-pushed
the
safe_mode
branch
2 times, most recently
from
73a1341 to
4dddb21
Compare
* Add no_log to some module arguments This will prevent potentially sensitive information from being printed to the console. See: CVE-2021-20191 * Update changelogs/fragments/CVE-2021-20191_no_log.yml Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
…e-collections#1695) * Fix 2 regex in parted related to parted version string and to parsing partition size output. * Added changelog fragment. * Updated changelog as per recommendation. * Fix the regex matching the parted version. The space character at the end of the string may or may not be always present * provided sample version output and corrected regex to match * add/correct changelog fragment * split parted_version function to allow creating a test unit * test unit for parted version info * ansible-test sanity fixes * review fix * Update changelogs/fragments/1695-parted-updatedregex.yaml Co-authored-by: Felix Fontein <felix@fontein.de> * comment fixes * better function name * Update plugins/modules/system/parted.py Co-authored-by: Felix Fontein <felix@fontein.de> * comment fixes Co-authored-by: Claude Robitaille <claude@cbcr.me> Co-authored-by: Felix Fontein <felix@fontein.de>
…cs alert, rum alert (ansible-collections#1723) * Add missing Datadog monitor types This commit adds the following monitor types: query alert, trace-analytics alert, rum alert * changelog PR1723 datadog_monitor types * datadog_monitor 1723 Apply suggestions from code review Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
* feat(gitlab-deploy-key): automatically update ... ... the public key * add integrity test * fix sanity issues * added changelog fragment Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
…llections#1736) * Fix a bunch of potential security issues (secret leaking). * oneandone_server was already ok. * Add more parameters for pagerduty_alert. * Add more no_log=True.
* Limit cryptography to < 3.4 for Python < 3.6. * Work around old pip versions. * Use constraints file when installing stormssh. * Work around old pip in RHEL8.2, CentOS 8, Ubuntu 18.04, and OpenSuSE 15
…#1724) * fixes various issues related to updating an ... ... existing gitlab user, in detail: - fixes updating admin status not working - fixes user passwords not updated - fixes confirmation skipping param ignored for user updates - added tests for code changes * fixing sanity issues * fixing sanity issues 02 * fixing sanity issues 03 * fixing sanity issues 04 * fixing unit test failures * fixing unit test failures 02 * add changelog fragment * fixing unit test failures 03 * forgot to add changelog fragment * fix changelog sanity issues * fix changelog sanity issues 02 * incorporate review suggestions Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>
…nsible-collections#1767) * fixed validation-modules for plugins/modules/remote_management/ipmi/ipmi_boot.py * fixed validation-modules for plugins/modules/remote_management/ipmi/ipmi_power.py * Tidy up validate-modules ignores for remote_management/ipmi modules
…sible-collections#1753) * document what filesystem types are supported by 'resizefs' option * add changelog fragment * remove info about lvol documentation changes in changelog fragment
…e-collections#1747) * Added feature flag to disable facts and its associated deprecatoin warning * added changelog fragment * Update plugins/modules/system/xfconf.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/system/xfconf.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/system/xfconf.py Co-authored-by: Felix Fontein <felix@fontein.de> * Fixed deprecation message * Fixed changelog frag * Update changelogs/fragments/1475-xfconf-facts.yml * Update plugins/modules/system/xfconf.py Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
* add alpine linux as NosystemdTimezone * syntax error fix and more self variables, so it works now... * use timezone name instead of timezone path for setup-timezone command * alpine linux zoneinfo links to /etc/zoneinfo instead of /usr/share/zoneinfo, so correct re.search() pattern * add changelog fragment * add gentoo linux support * Update 1722_timezone.yml * refactor code
… hostname/FQDN on iLO is in caps (ansible-collections#1744) * case insesitive search for situations where the hostname/FQDN on iLO is in caps * handle explicit and implicit nic_addr variable, added changelog fragment * changelog linter fix * changelog typo fix Co-authored-by: Łukasz Kurdziel <Lukasz.Kurdziel@GAINCapital.com>
…ns#1763) * only set param features when variable is not empty * Apply suggestions from code review Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Topper Harly <topperharly@gmx.net> Co-authored-by: Felix Fontein <felix@fontein.de>
* Update targets for CI for devel branch; move some targets to stable-2.10. * Skipping test on RHEL 8.3 (it is already skipped on RHEL 8.2). * Linting. * Shut 2.9/2.10 pylint complaints up.
* Allow keycloak_group.py to take token as parameter for the authentification * Refactor get_token to pass module.params + Documentation * Fix unit test and add new one for token as param * Fix identation * Update plugins/modules/identity/keycloak/keycloak_client.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/identity/keycloak/keycloak_clienttemplate.py Co-authored-by: Felix Fontein <felix@fontein.de> * Allow keycloak_group.py to take token as parameter for the authentification * Refactor get_token to pass module.params + Documentation * Update plugins/module_utils/identity/keycloak/keycloak.py Co-authored-by: Felix Fontein <felix@fontein.de> * Check if base_url is None before to check format * Update plugins/module_utils/identity/keycloak/keycloak.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/identity/keycloak/keycloak_client.py Co-authored-by: Amin Vakil <info@aminvakil.com> * Update plugins/modules/identity/keycloak/keycloak_clienttemplate.py Co-authored-by: Amin Vakil <info@aminvakil.com> * Switch to modern syntax for the documentation (e.g. community.general.keycloak_client) * Fix URL_REALMS in keycloak.py * Update keycloak_client.py * Update keycloak_clienttemplate.py * Update plugins/module_utils/identity/keycloak/keycloak.py Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Amin Vakil <info@aminvakil.com>
…nsible-collections#2281) (ansible-collections#2284) * influxdb_retention_policy: ensure duration parameters are idempotent (ansible-collections#2281) * add changelog for pr ansible-collections#2284
…collections#2267) * Merged changes from old PR * Added suppurt for -, other adaptations regarding size. * Implementing +- support for -l * Added changelog * Renamed changelog * Apply suggestions from code review Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
* rebased after jira bugfix * Update plugins/modules/web_infrastructure/jira.py Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
* lxd dynamic inventory and test data * added ``merge_profile`` parameter to merge configurations from the play to an existing profile * cosmetic changes * added ``merge_profile`` parameter to merge configurations from the play to an existing profile * cosmetic changes * fix pylint errors * fix flake8 warnings * fix pep8 errors without "line to long" * fix ansible tests * fix typo * fix version added * fix lost of suggestions from felixfontein * fix filter fix ansible test errors * delete test config * delete 'notes:' and copy content to description * move testdata load testdata by path from config * updated documentation * fix test data and remove inventory branch * fix spellings and rename lxd to community.general.lxd * fix documentation * remove selftest * strip example data * add unit test * switch to ansible.module_utils.common.dict_transformations * documentation cleanup * move lxd_inventory.atd from files to fixtures * update documentation move lxd_inventory.atd * rename self.groups to self dispose remove dumpdata * cleanup * fix unittests comment out dump_data, it breaks the unit tests * fix pep8 * Apply suggestions from code review * Update plugins/inventory/lxd.py * add test if no groupby is selected * rename disposed to groupby remove unused constant other suggested cleanups * Use bundled ipaddress instead of own code. * Update plugins/inventory/lxd.py * Exceptions should not be eaten. * Improve error handling for network range/address parsing. * Fix typo. * Make network range valid. * Do not error when groupby is not a dict. Co-authored-by: Frank Dornheim <“dornheim@posteo.de@users.noreply.github.com”> Co-authored-by: Felix Fontein <felix@fontein.de>
* Make inventory scripts executable * Mark inventory scripts in vault folder as executable * Add changelog entry for making inventory scripts exectuable * Update changelogs/fragments/2337-mark-inventory-scripts-executable.yml Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
…lections#2355) * fixed elements for many lists * added changelog fragment * Removed verbose types in description - still missing formatting and properly documenting dicts
* Add fedora 34 and fix typo * Remove Fedora 32 from devel testing * Use one newer version of Fedora for fixed ansible versions * Revert "Use one newer version of Fedora for fixed ansible versions" This reverts commit cbd006b. * Try to skip task. * Revert "Try to skip task." This reverts commit ff0c899. * Temporary disable Fedora 34 on setup_postgresql_db Co-authored-by: Felix Fontein <felix@fontein.de>
…ansible-collections#2396) * influxdb_retention_policy: fix duration parsing to support INF values * add changelog
…e-collections#2348) The composer module always uses the no-interaction option if it discovers it _after_ calling "composer help ..." but not on the help call itself. The lack of this option caused composer to not exit when called through the ansible module. The same example command when ran interactively does not prompt for user interaction and exits immediately. It is therefore currently unknown why the same command hangs when called through the ansible composer module or even directly with the command module. Example command which hangs: php /usr/local/bin/composer help install --format=json
…ired, not 'str' (ansible-collections#2375) * Fix ansible-collections#2373 * Changelog fragment for ansible-collections#2373 * Update changelogs/fragments/2373-svr4pkg-fix-typeerror.yml Co-authored-by: Amin Vakil <info@aminvakil.com> * Update changelogs/fragments/2373-svr4pkg-fix-typeerror.yml Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Amin Vakil <info@aminvakil.com> Co-authored-by: Felix Fontein <felix@fontein.de>
…ctions#2407) * Change stdout to console * readd stdout, resulting in console * add changelog * readd stdout to docs and add a warning when it is used * version of what??? Co-authored-by: Felix Fontein <felix@fontein.de> * postpone deprecation in another PR * remove console option, so it can be backported * change changelog respectively * Fix changelog formatting Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
…#2416) * nmcli: Compare MAC addresses case insensitively * Update changelogs/fragments/2416-nmcli_compare_mac_addresses_case_insensitively.yml Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/net_tools/nmcli.py Co-authored-by: Felix Fontein <felix@fontein.de> * Add mac to TESTCASE_BRIDGE so test_bridge_connection_unchanged covers case sensitive mac address comparison * Update plugins/modules/net_tools/nmcli.py Co-authored-by: Felix Fontein <felix@fontein.de> * Convert current_value to uppercase as well in case nmcli changes behaviour Co-authored-by: Felix Fontein <felix@fontein.de>
…ctions#2371) * 📝 Document nested node addition with "_" in xml module Nested node addition using "_" to indicate sub nodes, and attributes are only documented in tests and issues, where is hard to find. * 🚨 Fix trailing space * Apply suggestions from code review Add missing collection prefix for modules. Co-authored-by: Felix Fontein <felix@fontein.de> * Add missing comments * Update xml.py * Fix linter warnings Co-authored-by: Felix Fontein <felix@fontein.de>
* fixed error message * added changelog fragment
* Clean up test entries from sysrc tests * sysrc: enable tests * sysrc: cache the files to be changed and restore them * Update the ezjail archive host and remove obsolete file * sysrc: set ezjail to use archives for 12.0 or less * sysrc: Detect the version to use ftp vs ftp-archive using http * sysrc: Skip ezjail test on FreeBSD 12.0
…mand (ansible-collections#2369) * Added lower call for units when checking lvs/vgs size * Changelog * Size roudning correction * Rounding * Changelog * Remove whitespace
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
SUMMARY
The current module does an apply irrespective of what happens to the resources but mistakes happen all the time and developers might mistakenly remove resources. Therefore it would be convenient to have an option to check for that before any changes is done to the resource.
A fix to #6
ISSUE TYPE
COMPONENT NAME
terraform module
ADDITIONAL INFORMATION
The proposed module takes an optional parameter
check_deletesof type boolean. It defaults to false and passed when the user intends to apply changes. The module would then run aterraform planand check if it would destroy resources and proceed to apply the changes if there is none.