Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ipa_sudorule add support for setting runasextusers #2031

Merged
merged 5 commits into from
Mar 21, 2021
Merged

ipa_sudorule add support for setting runasextusers #2031

merged 5 commits into from
Mar 21, 2021

Conversation

quasd
Copy link
Contributor

@quasd quasd commented Mar 17, 2021

SUMMARY
ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

ipa_sudorule.py

ADDITIONAL INFORMATION

While moving from bash script to ansible the lack of being able to set sudorule runasuser came up. This pull request is meant to fix that.

This code allow using ipa_sudorule module to do same as the code below.

ipa sudorule-add-runasuser $SUDONAME --users=root

@ansibullbot
Copy link
Collaborator

cc @Akasurde @Nosmoht @fxfitz
click here for bot help

@ansibullbot ansibullbot added affects_2.10 community_review feature This issue/PR relates to a feature request identity module module needs_triage new_contributor Help guide this first time contributor plugins plugin (any type) labels Mar 17, 2021
felixfontein
felixfontein reviewed Mar 17, 2021
View reviewed changes
Copy link
Collaborator

@felixfontein felixfontein left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks reasonable (disclaimer: I don't know ipa) and should not break any existing use of the module. Could you please add a changelog fragment?

plugins/modules/identity/ipa/ipa_sudorule.py Show resolved Hide resolved
quasd and others added 2 commits March 17, 2021 14:57
@felixfontein felixfontein added backport-2 check-before-release PR will be looked at again shortly before release and merged if possible. labels Mar 17, 2021
@quasd @felixfontein
Update changelogs/fragments/2031-ipa_sudorule_add_runasextusers.yml
aa1e7f8 
Co-authored-by: Felix Fontein <felix@fontein.de>
@felixfontein
Copy link
Collaborator

If nobody complains, I'll merge this for the next release.

@felixfontein felixfontein merged commit ff9f987 into ansible-collections:main Mar 21, 2021
patchback bot pushed a commit that referenced this pull request Mar 21, 2021
@quasd
ipa_sudorule add support for setting runasextusers (#2031)
0067a67 
* Add support for setting runasextusers

* fix formatting

* add changelog fragment

* Update plugins/modules/identity/ipa/ipa_sudorule.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update changelogs/fragments/2031-ipa_sudorule_add_runasextusers.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: quasd <qquasd@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit ff9f987)
@patchback patchback bot mentioned this pull request Mar 21, 2021
Merged
@felixfontein
Copy link
Collaborator

@quasd thanks for contributing this!

@felixfontein felixfontein removed the check-before-release PR will be looked at again shortly before release and merged if possible. label Mar 21, 2021
felixfontein pushed a commit that referenced this pull request Mar 21, 2021
@patchback @quasd
ipa_sudorule add support for setting runasextusers (#2031) (#2068)
ca81a5c 
* Add support for setting runasextusers

* fix formatting

* add changelog fragment

* Update plugins/modules/identity/ipa/ipa_sudorule.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update changelogs/fragments/2031-ipa_sudorule_add_runasextusers.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: quasd <qquasd@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit ff9f987)

Co-authored-by: quasd <quasd@users.noreply.github.com>
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Apr 2, 2021
ansible: updated to 3.2.0
d789ad6 
v3.2.0

community.crypto
- acme module_utils - the ``acme`` module_utils has been split up into several Python modules (ansible-collections/community.crypto#184).
- acme_* modules - codebase refactor which should not be visible to end-users (ansible-collections/community.crypto#184).
- acme_* modules - support account key passphrases for ``cryptography`` backend (ansible-collections/community.crypto#197, ansible-collections/community.crypto#207).
- acme_certificate_revoke - support revoking by private keys that are passphrase protected for ``cryptography`` backend (ansible-collections/community.crypto#207).
- acme_challenge_cert_helper - add ``private_key_passphrase`` parameter (ansible-collections/community.crypto#207).

community.docker
- docker_swarm_service - change ``publish.published_port`` option from mandatory to optional. Docker will assign random high port if not specified (ansible-collections/community.docker#99).

community.general
- archive - refactored some reused code out into a couple of functions (ansible-collections/community.general#2061).
- csv module utils - new module_utils for shared functions between ``from_csv`` filter and ``read_csv`` module (ansible-collections/community.general#2037).
- ipa_sudorule - add support for setting sudo runasuser (ansible-collections/community.general#2031).
- jenkins_job - add a ``validate_certs`` parameter that allows disabling TLS/SSL certificate validation (ansible-collections/community.general#255).
- kibana_plugin - add parameter for passing ``--allow-root`` flag to kibana and kibana-plugin commands (ansible-collections/community.general#2014).
- proxmox - added ``purge`` module parameter for use when deleting lxc's with HA options (ansible-collections/community.general#2013).
- proxmox inventory plugin - added ``tags_parsed`` fact containing tags parsed as a list (ansible-collections/community.general#1949).
- proxmox_kvm - added new module parameter ``tags`` for use with PVE 6+ (ansible-collections/community.general#2000).
- rax - elements of list parameters are now validated (ansible-collections/community.general#2006).
- rax_cdb_user - elements of list parameters are now validated (ansible-collections/community.general#2006).
- rax_scaling_group - elements of list parameters are now validated (ansible-collections/community.general#2006).
- read_csv - refactored read_csv module to use shared csv functions from csv module_utils (ansible-collections/community.general#2037).
- redfish_* modules, redfish_utils module utils - add support for Redfish session create, delete, and authenticate (ansible-collections/community.general#1975).
- snmp_facts - added parameters ``timeout`` and ``retries`` to module (ansible-collections/community.general#980).
- vdo - add ``force`` option (ansible-collections/community.general#2101).

community.network
- edgeos_config - match the space after ``set`` and ``delete`` commands (ansible-collections/community.network#199).
- nclu - execute ``net commit description <description>`` only if changed ``net pending``'s diff field (ansible-collections/community.network#219).

community.postgresql
- postgresql_info - add the ``patch``, ``full``, and ``raw`` values of the ``version`` return value (ansible-collections/community.postgresql#68).
- postgresql_ping - add the ``patch``, ``full``, and ``raw`` values of the ``server_version`` return value (ansible-collections/community.postgresql#70).

community.zabbix
- zabbix_agent - added support for installations on arm64 systems (ansible-collections/community.zabbix#320).
- zabbix_proxy - now supports configuring StatsAllowedIP (ansible-collections/community.zabbix#337).
- zabbix_server - added support for installtions on arm64 systems (ansible-collections/community.zabbix#320).
- zabbix_web - added support for installtions on arm64 systems (ansible-collections/community.zabbix#320).

dellemc.openmanage
- ome_template - Allows to deploy a template on device groups.

hetzner.hcloud
- Add firewalls to hcloud_server module

ovirt.ovirt
- cluster_upgrade - Add correlation-id header (oVirt/ovirt-ansible-collection#222).
- engine_setup - Add skip renew pki confirm (oVirt/ovirt-ansible-collection#228).
- examples - Add recipe for removing DM device (oVirt/ovirt-ansible-collection#233).
- hosted_engine_setup - Filter devices with unsupported bond mode (oVirt/ovirt-ansible-collection#226).
- infra - Add reboot host parameters (oVirt/ovirt-ansible-collection#231).
- ovirt_disk - Add SATA support (oVirt/ovirt-ansible-collection#225).
- ovirt_user - Add ssh_public_key (oVirt/ovirt-ansible-collection#232)

purestorage.flasharray
- purefa_maintenance - New module to set maintenance windows
- purefa_pg - Add support to rename protection groups
- purefa_syslog - Add support for naming SYSLOG servers for Purity//FA 6.1 or higher

purestorage.flashblade
- purefb_certs - Add update functionality for array cert
- purefb_fs - Add multiprotocol ACL support
- purefb_info - Add information regarding filesystem multiprotocol (where available)
- purefb_info - Add new parameter to provide details on admin users
- purefb_info - Add replication performace statistics
- purefb_s3user - Add ability to remove an S3 users existing access key
@Andersson007
Copy link
Contributor

@quasd hi, thanks for your contribution! We could add your GH login to .github/BOTMETA.yml in a corresponding team as a maintainer.
You'll be notified about Issues/PRs related to this stuff and your shipit will be counted by bot for automerge (needs two for bugfixes and minor changes).
What do you think?

@quasd
Copy link
Contributor Author

quasd commented Apr 23, 2021

I doubt I will be contributing actively, so not sure how to feel about this.

@Andersson007
Copy link
Contributor

@quasd there's no requirement to contribute actively to be in a team. If there are related PRs / issues raised and you, as a specialist, can take a look (even quick) at them and say your opinion, it would be very valuable. Or there can theoretically be issues with the code you added, so you will know about it. What do you think?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felixfontein felixfontein felixfontein approved these changes

Assignees
No one assigned
Labels
community_review feature This issue/PR relates to a feature request identity module module new_contributor Help guide this first time contributor plugins plugin (any type)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@quasd @ansibullbot @felixfontein @Andersson007