Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix lxd_container certificate validation issue #5616 #5820

Closed
wants to merge 25 commits into from
Closed

Fix lxd_container certificate validation issue #5616 #5820

wants to merge 25 commits into from

Conversation

heino
Copy link

@heino heino commented Jan 12, 2023
edited
Loading

SUMMARY

Fixes the certificate validation issue in lxc_container mentioned in #5616.

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

lxd_container

ADDITIONAL INFORMATION

The fix involves switching to pyLXD instead of the current module-provided client.

While pyLXD provides a much cleaner way to access and manipulate remote LXD servers, it also provides access to the low level api, which accepts og provides json data exactly as what the current implementation sends and receives. It is therefore possible to simply switch from the current usage of HTTPSConnection to pyLXD, which handles certificate validation. - Further rewrite to usage of the higher level api provided by pyLXD is of cause possible, however usage of the json api reduces the risks unintended changes. - Since pyLXD is maintained by linuxcontainers.org, which governs LXD itself. Hence this is a switch to an official client library, with the advantages this involves...

lxd_profile and lxd_project

The lxd_profile and lxd_project modules have similar issues, but these are not fixed in this PR (at least not yet). However, the additions made in module_utils/lxd.py is placed there to also facilitate transitioning these modules to pylxd.

The current usage of self.client.do() could could be rewritten into something like this:

old_config = self.lxd.api.profiles[self.name].get().json()['metadata']
new_config=old_config
new_config['description'] = 'Something'
self.lxd.profiles.get(self.name).api.put(json=new_config)

old_config = self.lxd.api.projects[self.name].get().json()['metadata']
new_config=old_config
new_config['description'] = 'Something'
self.lxd.projects.get(self.name).api.put(json=new_config)

lxd_connection

pyLXD also has the self.instance.execute() method, which if capable of executions on the remote server. However, the current implementations uses the lxc executable provided by LXD. The parameters of the module is therefore related to this binary to 'forward' the calls to already configures remote servers.

@ansibullbot ansibullbot added WIP Work in progress bug This issue/PR relates to a bug cloud module module module_utils module_utils new_contributor Help guide this first time contributor plugins plugin (any type) labels Jan 12, 2023
@ansibullbot

This comment was marked as outdated.

Sign in to view
@ansibullbot

This comment was marked as outdated.

Sign in to view
@ansibullbot ansibullbot added tests tests unit tests/unit labels Jan 12, 2023
@felixfontein felixfontein added check-before-release PR will be looked at again shortly before release and merged if possible. backport-5 labels Jan 12, 2023
felixfontein
felixfontein reviewed Jan 12, 2023
View reviewed changes
plugins/module_utils/lxd.py Outdated


from pylxd import Client as PyLxdClient
from pylxd.exceptions import LXDAPIException, ClientConnectionFailed
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A quick note: please check out https://github.com/ansible/ansible/blob/devel/docs/docsite/rst/dev_guide/testing/sanity/import.rst

@ansibullbot

This comment was marked as outdated.

Sign in to view
@ansibullbot

This comment was marked as outdated.

Sign in to view
@ansibullbot

This comment was marked as outdated.

Sign in to view
@github-actions
Copy link

github-actions bot commented Jan 12, 2023
edited
Loading

Docs Build 📝

Thank you for contribution!✨

The docsite for this PR is available for download as an artifact from this run:
https://github.com/ansible-collections/community.general/actions/runs/3911844401

File changes:

  • M collections/community/general/gitlab_project_module.html
  • M collections/community/general/index.html
  • M collections/community/general/lxd_container_module.html
  • M collections/community/general/openwrt_init_module.html
  • M collections/community/general/opkg_module.html
  • M collections/community/general/osx_defaults_module.html
  • M collections/community/general/scaleway_compute_private_network_module.html
  • M collections/community/general/scaleway_database_backup_module.html
  • M collections/community/general/scaleway_image_info_module.html
  • M collections/community/general/scaleway_ip_module.html
  • M collections/community/general/scaleway_lb_module.html
  • M collections/community/general/scaleway_organization_info_module.html
  • M collections/community/general/scaleway_private_network_module.html
  • M collections/community/general/scaleway_security_group_module.html
  • M collections/community/general/scaleway_security_group_rule_module.html
  • M collections/community/general/scaleway_sshkey_module.html
  • M collections/community/general/scaleway_user_data_module.html
  • M collections/community/general/scaleway_volume_module.html
  • M collections/index_module.html
Click to see the diff comparison.

NOTE: only file modifications are shown here. New and deleted files are excluded.
See the file list and check the published docs to see those files.

The diff output was truncated because it exceeded the maximum size.

diff --git a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/gitlab_project_module.html b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/gitlab_project_module.html
index f53513d..2075ed6 100644
--- a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/gitlab_project_module.html
+++ b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/gitlab_project_module.html
@@ -247,6 +247,22 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </div></td>
 </tr>
 <tr class="row-even"><td><div class="ansible-option-cell">
+<div class="ansibleOptionAnchor" id="parameter-builds_access_level"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-builds-access-level"><strong>builds_access_level</strong></p>
+<a class="ansibleOptionLink" href="#parameter-builds_access_level" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
+<p><span class="ansible-option-versionadded">added in community.general 6.2.0</span></p>
+</div></td>
+<td><div class="ansible-option-cell"><p><code class="docutils literal notranslate"><span class="pre">private</span></code> means that repository CI/CD is allowed only to project members.</p>
+<p><code class="docutils literal notranslate"><span class="pre">disabled</span></code> means that repository CI/CD is disabled.</p>
+<p><code class="docutils literal notranslate"><span class="pre">enabled</span></code> means that repository CI/CD is enabled.</p>
+<p class="ansible-option-line"><span class="ansible-option-choices">Choices:</span></p>
+<ul class="simple">
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;private&quot;</span></code></p></li>
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;disabled&quot;</span></code></p></li>
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;enabled&quot;</span></code></p></li>
+</ul>
+</div></td>
+</tr>
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-ci_config_path"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-ci-config-path"><strong>ci_config_path</strong></p>
 <a class="ansibleOptionLink" href="#parameter-ci_config_path" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 <p><span class="ansible-option-versionadded">added in community.general 3.7.0</span></p>
@@ -254,6 +270,22 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 <td><div class="ansible-option-cell"><p>Custom path to the CI configuration file for this project.</p>
 </div></td>
 </tr>
+<tr class="row-even"><td><div class="ansible-option-cell">
+<div class="ansibleOptionAnchor" id="parameter-container_registry_access_level"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-container-registry-access-level"><strong>container_registry_access_level</strong></p>
+<a class="ansibleOptionLink" href="#parameter-container_registry_access_level" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
+<p><span class="ansible-option-versionadded">added in community.general 6.2.0</span></p>
+</div></td>
+<td><div class="ansible-option-cell"><p><code class="docutils literal notranslate"><span class="pre">private</span></code> means that container registry is allowed only to project members.</p>
+<p><code class="docutils literal notranslate"><span class="pre">disabled</span></code> means that container registry is disabled.</p>
+<p><code class="docutils literal notranslate"><span class="pre">enabled</span></code> means that container registry is enabled.</p>
+<p class="ansible-option-line"><span class="ansible-option-choices">Choices:</span></p>
+<ul class="simple">
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;private&quot;</span></code></p></li>
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;disabled&quot;</span></code></p></li>
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;enabled&quot;</span></code></p></li>
+</ul>
+</div></td>
+</tr>
 <tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-default_branch"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-default-branch"><strong>default_branch</strong></p>
 <a class="ansibleOptionLink" href="#parameter-default_branch" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
@@ -271,13 +303,29 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </div></td>
 </tr>
 <tr class="row-odd"><td><div class="ansible-option-cell">
+<div class="ansibleOptionAnchor" id="parameter-forking_access_level"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-forking-access-level"><strong>forking_access_level</strong></p>
+<a class="ansibleOptionLink" href="#parameter-forking_access_level" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
+<p><span class="ansible-option-versionadded">added in community.general 6.2.0</span></p>
+</div></td>
+<td><div class="ansible-option-cell"><p><code class="docutils literal notranslate"><span class="pre">private</span></code> means that repository forks is allowed only to project members.</p>
+<p><code class="docutils literal notranslate"><span class="pre">disabled</span></code> means that repository forks are disabled.</p>
+<p><code class="docutils literal notranslate"><span class="pre">enabled</span></code> means that repository forks are enabled.</p>
+<p class="ansible-option-line"><span class="ansible-option-choices">Choices:</span></p>
+<ul class="simple">
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;private&quot;</span></code></p></li>
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;disabled&quot;</span></code></p></li>
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;enabled&quot;</span></code></p></li>
+</ul>
+</div></td>
+</tr>
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-group"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-group"><strong>group</strong></p>
 <a class="ansibleOptionLink" href="#parameter-group" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 </div></td>
 <td><div class="ansible-option-cell"><p>Id or the full path of the group of which this projects belongs to.</p>
 </div></td>
 </tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-import_url"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-import-url"><strong>import_url</strong></p>
 <a class="ansibleOptionLink" href="#parameter-import_url" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 </div></td>
@@ -285,7 +333,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 <p>GitLab server needs read access to this git repository.</p>
 </div></td>
 </tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-initialize_with_readme"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-initialize-with-readme"><strong>initialize_with_readme</strong></p>
 <a class="ansibleOptionLink" href="#parameter-initialize_with_readme" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 <p><span class="ansible-option-versionadded">added in community.general 4.0.0</span></p>
@@ -299,7 +347,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-issues_enabled"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-issues-enabled"><strong>issues_enabled</strong></p>
 <a class="ansibleOptionLink" href="#parameter-issues_enabled" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 </div></td>
@@ -312,7 +360,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-lfs_enabled"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-lfs-enabled"><strong>lfs_enabled</strong></p>
 <a class="ansibleOptionLink" href="#parameter-lfs_enabled" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 <p><span class="ansible-option-versionadded">added in community.general 2.0.0</span></p>
@@ -325,7 +373,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-merge_method"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-merge-method"><strong>merge_method</strong></p>
 <a class="ansibleOptionLink" href="#parameter-merge_method" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 <p><span class="ansible-option-versionadded">added in community.general 1.0.0</span></p>
@@ -340,7 +388,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-merge_requests_enabled"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-merge-requests-enabled"><strong>merge_requests_enabled</strong></p>
 <a class="ansibleOptionLink" href="#parameter-merge_requests_enabled" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 </div></td>
@@ -353,14 +401,14 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-name"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-name"><strong>name</strong></p>
 <a class="ansibleOptionLink" href="#parameter-name" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span> / <span class="ansible-option-required">required</span></p>
 </div></td>
 <td><div class="ansible-option-cell"><p>The name of the project.</p>
 </div></td>
 </tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-only_allow_merge_if_all_discussions_are_resolved"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-only-allow-merge-if-all-discussions-are-resolved"><strong>only_allow_merge_if_all_discussions_are_resolved</strong></p>
 <a class="ansibleOptionLink" href="#parameter-only_allow_merge_if_all_discussions_are_resolved" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 <p><span class="ansible-option-versionadded">added in community.general 3.4.0</span></p>
@@ -373,7 +421,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-only_allow_merge_if_pipeline_succeeds"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-only-allow-merge-if-pipeline-succeeds"><strong>only_allow_merge_if_pipeline_succeeds</strong></p>
 <a class="ansibleOptionLink" href="#parameter-only_allow_merge_if_pipeline_succeeds" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 <p><span class="ansible-option-versionadded">added in community.general 3.4.0</span></p>
@@ -386,7 +434,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-packages_enabled"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-packages-enabled"><strong>packages_enabled</strong></p>
 <a class="ansibleOptionLink" href="#parameter-packages_enabled" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 <p><span class="ansible-option-versionadded">added in community.general 3.4.0</span></p>
@@ -399,7 +447,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-path"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-path"><strong>path</strong></p>
 <a class="ansibleOptionLink" href="#parameter-path" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 </div></td>
@@ -407,7 +455,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 <p>If not supplied, name will be used.</p>
 </div></td>
 </tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-remove_source_branch_after_merge"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-remove-source-branch-after-merge"><strong>remove_source_branch_after_merge</strong></p>
 <a class="ansibleOptionLink" href="#parameter-remove_source_branch_after_merge" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 <p><span class="ansible-option-versionadded">added in community.general 3.4.0</span></p>
@@ -420,7 +468,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-shared_runners_enabled"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-shared-runners-enabled"><strong>shared_runners_enabled</strong></p>
 <a class="ansibleOptionLink" href="#parameter-shared_runners_enabled" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 <p><span class="ansible-option-versionadded">added in community.general 3.7.0</span></p>
@@ -433,7 +481,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-snippets_enabled"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-snippets-enabled"><strong>snippets_enabled</strong></p>
 <a class="ansibleOptionLink" href="#parameter-snippets_enabled" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 </div></td>
@@ -445,7 +493,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-squash_option"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-squash-option"><strong>squash_option</strong></p>
 <a class="ansibleOptionLink" href="#parameter-squash_option" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 <p><span class="ansible-option-versionadded">added in community.general 3.4.0</span></p>
@@ -460,7 +508,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-state"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-state"><strong>state</strong></p>
 <a class="ansibleOptionLink" href="#parameter-state" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 </div></td>
@@ -473,7 +521,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-username"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-username"><strong>username</strong></p>
 <a class="ansibleOptionLink" href="#parameter-username" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 <p><span class="ansible-option-versionadded">added in community.general 3.3.0</span></p>
@@ -481,7 +529,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 <td><div class="ansible-option-cell"><p>Used to create a personal project under a user’s name.</p>
 </div></td>
 </tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-validate_certs"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-validate-certs"><strong>validate_certs</strong></p>
 <a class="ansibleOptionLink" href="#parameter-validate_certs" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 </div></td>
@@ -493,7 +541,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-visibility"></div>
 <div class="ansibleOptionAnchor" id="parameter-visibility_level"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-visibility-level"><span id="ansible-collections-community-general-gitlab-project-module-parameter-visibility"></span><strong>visibility</strong></p>
 <a class="ansibleOptionLink" href="#parameter-visibility" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: visibility_level</span></p>
@@ -510,7 +558,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-g
 </ul>
 </div></td>
 </tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-wiki_enabled"></div><p class="ansible-option-title" id="ansible-collections-community-general-gitlab-project-module-parameter-wiki-enabled"><strong>wiki_enabled</strong></p>
 <a class="ansibleOptionLink" href="#parameter-wiki_enabled" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 </div></td>
diff --git a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/index.html b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/index.html
index 56bb931..4cd902f 100644
--- a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/index.html
+++ b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/index.html
@@ -508,7 +508,7 @@
 <li><p><a class="reference internal" href="openbsd_pkg_module.html#ansible-collections-community-general-openbsd-pkg-module"><span class="std std-ref">openbsd_pkg module</span></a> – Manage packages on OpenBSD</p></li>
 <li><p><a class="reference internal" href="opendj_backendprop_module.html#ansible-collections-community-general-opendj-backendprop-module"><span class="std std-ref">opendj_backendprop module</span></a> – Will update the backend configuration of OpenDJ via the dsconfig set-backend-prop command</p></li>
 <li><p><a class="reference internal" href="openwrt_init_module.html#ansible-collections-community-general-openwrt-init-module"><span class="std std-ref">openwrt_init module</span></a> – Manage services on OpenWrt</p></li>
-<li><p><a class="reference internal" href="opkg_module.html#ansible-collections-community-general-opkg-module"><span class="std std-ref">opkg module</span></a> – Package manager for OpenWrt</p></li>
+<li><p><a class="reference internal" href="opkg_module.html#ansible-collections-community-general-opkg-module"><span class="std std-ref">opkg module</span></a> – Package manager for OpenWrt and Openembedded/Yocto based Linux distributions</p></li>
 <li><p><a class="reference internal" href="osx_defaults_module.html#ansible-collections-community-general-osx-defaults-module"><span class="std std-ref">osx_defaults module</span></a> – Manage macOS user defaults</p></li>
 <li><p><a class="reference internal" href="ovh_ip_failover_module.html#ansible-collections-community-general-ovh-ip-failover-module"><span class="std std-ref">ovh_ip_failover module</span></a> – Manage OVH IP failover address</p></li>
 <li><p><a class="reference internal" href="ovh_ip_loadbalancing_backend_module.html#ansible-collections-community-general-ovh-ip-loadbalancing-backend-module"><span class="std std-ref">ovh_ip_loadbalancing_backend module</span></a> – Manage OVH IP LoadBalancing backends</p></li>
diff --git a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/lxd_container_module.html b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/lxd_container_module.html
index 8f36236..bcabc7c 100644
--- a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/lxd_container_module.html
+++ b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/lxd_container_module.html
@@ -343,14 +343,29 @@
 </div></td>
 </tr>
 <tr class="row-even"><td><div class="ansible-option-cell">
-<div class="ansibleOptionAnchor" id="parameter-url"></div><p class="ansible-option-title" id="ansible-collections-community-general-lxd-container-module-parameter-url"><strong>url</strong></p>
-<a class="ansibleOptionLink" href="#parameter-url" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
+<div class="ansibleOptionAnchor" id="parameter-url"></div>
+<div class="ansibleOptionAnchor" id="parameter-endpoint"></div><p class="ansible-option-title" id="ansible-collections-community-general-lxd-container-module-parameter-url"><span id="ansible-collections-community-general-lxd-container-module-parameter-endpoint"></span><strong>url</strong></p>
+<a class="ansibleOptionLink" href="#parameter-url" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: endpoint</span></p>
+<p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 </div></td>
 <td><div class="ansible-option-cell"><p>The unix domain socket path or the https URL for the LXD server.</p>
 <p class="ansible-option-line"><span class="ansible-option-default-bold">Default:</span> <code class="ansible-option-default docutils literal notranslate"><span class="pre">&quot;unix:/var/lib/lxd/unix.socket&quot;</span></code></p>
 </div></td>
 </tr>
 <tr class="row-odd"><td><div class="ansible-option-cell">
+<div class="ansibleOptionAnchor" id="parameter-verify"></div><p class="ansible-option-title" id="ansible-collections-community-general-lxd-container-module-parameter-verify"><strong>verify</strong></p>
+<a class="ansibleOptionLink" href="#parameter-verify" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
+<p><span class="ansible-option-versionadded">added in community.general 6.3.0</span></p>
+</div></td>
+<td><div class="ansible-option-cell"><p>In the case where the certificate is self-signed (LXD’s default), you may opt to disable the TLS fingerprint verification with verify=False. As this disables an important security feature, doing so is strongly discouraged. The client filesystem will be searched for potential certificate to use for TLS verification.</p>
+<p class="ansible-option-line"><span class="ansible-option-choices">Choices:</span></p>
+<ul class="simple">
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">false</span></code></p></li>
+<li><p><code class="ansible-option-default-bold docutils literal notranslate"><span class="pre">true</span></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
+</ul>
+</div></td>
+</tr>
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-wait_for_container"></div><p class="ansible-option-title" id="ansible-collections-community-general-lxd-container-module-parameter-wait-for-container"><strong>wait_for_container</strong></p>
 <a class="ansibleOptionLink" href="#parameter-wait_for_container" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 <p><span class="ansible-option-versionadded">added in community.general 4.4.0</span></p>
@@ -363,7 +378,7 @@
 </ul>
 </div></td>
 </tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-wait_for_ipv4_addresses"></div><p class="ansible-option-title" id="ansible-collections-community-general-lxd-container-module-parameter-wait-for-ipv4-addresses"><strong>wait_for_ipv4_addresses</strong></p>
 <a class="ansibleOptionLink" href="#parameter-wait_for_ipv4_addresses" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
 </div></td>
diff --git a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/openwrt_init_module.html b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/openwrt_init_module.html
index 97c0301..a7a858d 100644
--- a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/openwrt_init_module.html
+++ b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/openwrt_init_module.html
@@ -22,7 +22,7 @@
         <script src="../../../_static/sphinx_highlight.js"></script>
     <script src="../../../_static/js/theme.js"></script>
     <link rel="search" title="Search" href="../../../search.html" />
-    <link rel="next" title="community.general.opkg module – Package manager for OpenWrt" href="opkg_module.html" />
+    <link rel="next" title="community.general.opkg module – Package manager for OpenWrt and Openembedded/Yocto based Linux distributions" href="opkg_module.html" />
     <link rel="prev" title="community.general.opendj_backendprop module – Will update the backend configuration of OpenDJ via the dsconfig set-backend-prop command" href="opendj_backendprop_module.html" /><!-- extra head elements for Ansible beyond RTD Sphinx Theme -->
 
 
@@ -278,7 +278,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-o
 
 <footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
         <a href="opendj_backendprop_module.html" class="btn btn-neutral float-left" title="community.general.opendj_backendprop module – Will update the backend configuration of OpenDJ via the dsconfig set-backend-prop command" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
-        <a href="opkg_module.html" class="btn btn-neutral float-right" title="community.general.opkg module – Package manager for OpenWrt" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
+        <a href="opkg_module.html" class="btn btn-neutral float-right" title="community.general.opkg module – Package manager for OpenWrt and Openembedded/Yocto based Linux distributions" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
     </div>
 
   <hr/>
diff --git a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/opkg_module.html b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/opkg_module.html
index da7f60e..1834f29 100644
--- a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/opkg_module.html
+++ b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/opkg_module.html
@@ -4,7 +4,7 @@
   <meta charset="utf-8" /><meta name="generator" content="Docutils 0.17.1: http://docutils.sourceforge.net/" />
 
   <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-  <title>community.general.opkg module – Package manager for OpenWrt &mdash; Ansible collections  documentation</title>
+  <title>community.general.opkg module – Package manager for OpenWrt and Openembedded/Yocto based Linux distributions &mdash; Ansible collections  documentation</title>
       <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
       <link rel="stylesheet" href="../../../_static/css/ansible.css" type="text/css" />
       <link rel="stylesheet" href="../../../_static/antsibull-minimal.css" type="text/css" />
@@ -122,7 +122,7 @@
           <li class="breadcrumb-item"><a href="../../index.html">Collection Index</a></li>
           <li class="breadcrumb-item"><a href="../index.html">Collections in the Community Namespace</a></li>
           <li class="breadcrumb-item"><a href="index.html">Community.General</a></li>
-      <li class="breadcrumb-item active">community.general.opkg module – Package manager for OpenWrt</li>
+      <li class="breadcrumb-item active">community.general.opkg module – Package manager for OpenWrt and Openembedded/Yocto based Linux distributions</li>
       <li class="wy-breadcrumbs-aside">
               <!-- User defined GitHub URL -->
               <a href="https://github.com/ansible-collections/community.general/edit/main/plugins/modules/opkg.py?description=%23%23%23%23%23%20SUMMARY%0A%3C!—%20Your%20description%20here%20–%3E%0A%0A%0A%23%23%23%23%23%20ISSUE%20TYPE%0A-%20Docs%20Pull%20Request%0A%0A%2Blabel:%20docsite_pr" class="fa fa-github"> Edit on GitHub</a>
@@ -135,8 +135,8 @@
   
            <div itemprop="articleBody">
              
-  <span class="target" id="ansible-collections-community-general-opkg-module"></span><section id="community-general-opkg-module-package-manager-for-openwrt">
-<h1>community.general.opkg module – Package manager for OpenWrt<a class="headerlink" href="#community-general-opkg-module-package-manager-for-openwrt" title="Permalink to this heading"></a></h1>
+  <span class="target" id="ansible-collections-community-general-opkg-module"></span><section id="community-general-opkg-module-package-manager-for-openwrt-and-openembedded-yocto-based-linux-distributions">
+<h1>community.general.opkg module – Package manager for OpenWrt and Openembedded/Yocto based Linux distributions<a class="headerlink" href="#community-general-opkg-module-package-manager-for-openwrt-and-openembedded-yocto-based-linux-distributions" title="Permalink to this heading"></a></h1>
 <div class="admonition note">
 <p class="admonition-title">Note</p>
 <p>This module is part of the <a class="reference external" href="https://galaxy.ansible.com/community/general">community.general collection</a> (version 6.3.0).</p>
@@ -156,7 +156,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-o
 <section id="synopsis">
 <h2><a class="toc-backref" href="#id1">Synopsis</a><a class="headerlink" href="#synopsis" title="Permalink to this heading"></a></h2>
 <ul class="simple">
-<li><p>Manages OpenWrt packages</p></li>
+<li><p>Manages ipk packages for OpenWrt and Openembedded/Yocto based Linux distributions</p></li>
 </ul>
 </section>
 <section id="requirements">
@@ -204,7 +204,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-o
 <p class="ansible-option-type-line"><span class="ansible-option-type">list</span> / <span class="ansible-option-elements">elements=string</span> / <span class="ansible-option-required">required</span></p>
 </div></td>
 <td><div class="ansible-option-cell"><p>Name of package(s) to install/remove.</p>
-<p><code class="docutils literal notranslate"><span class="pre">NAME=VERSION</span></code> syntax is also supported to install a package in a certain version. See the examples. This is supported since community.general 6.2.0.</p>
+<p><code class="docutils literal notranslate"><span class="pre">NAME=VERSION</span></code> syntax is also supported to install a package in a certain version. See the examples. This only works on Yocto based Linux distributions (opkg&gt;=0.3.2) and not for OpenWrt. This is supported since community.general 6.2.0.</p>
 </div></td>
 </tr>
 <tr class="row-even"><td><div class="ansible-option-cell">
@@ -243,7 +243,7 @@ see <a class="reference internal" href="#ansible-collections-community-general-o
 <span class="w">    </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">foo</span>
 <span class="w">    </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
 
-<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Install foo in version 1.2</span>
+<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Install foo in version 1.2 (opkg&gt;=0.3.2 on Yocto based Linux distributions)</span>
 <span class="w">  </span><span class="nt">community.general.opkg</span><span class="p">:</span>
 <span class="w">    </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">foo=1.2</span>
 <span class="w">    </span><span class="nt">state</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">present</span>
diff --git a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/osx_defaults_module.html b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/osx_defaults_module.html
index 2e79a03..abe81ed 100644
--- a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/osx_defaults_module.html
+++ b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/osx_defaults_module.html
@@ -23,7 +23,7 @@
     <script src="../../../_static/js/theme.js"></script>
     <link rel="search" title="Search" href="../../../search.html" />
     <link rel="next" title="community.general.ovh_ip_failover module – Manage OVH IP failover address" href="ovh_ip_failover_module.html" />
-    <link rel="prev" title="community.general.opkg module – Package manager for OpenWrt" href="opkg_module.html" /><!-- extra head elements for Ansible beyond RTD Sphinx Theme -->
+    <link rel="prev" title="community.general.opkg module – Package manager for OpenWrt and Openembedded/Yocto based Linux distributions" href="opkg_module.html" /><!-- extra head elements for Ansible beyond RTD Sphinx Theme -->
 
 
 
@@ -337,7 +337,7 @@
           
 
 <footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
-        <a href="opkg_module.html" class="btn btn-neutral float-left" title="community.general.opkg module – Package manager for OpenWrt" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
+        <a href="opkg_module.html" class="btn btn-neutral float-left" title="community.general.opkg module – Package manager for OpenWrt and Openembedded/Yocto based Linux distributions" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
         <a href="ovh_ip_failover_module.html" class="btn btn-neutral float-right" title="community.general.ovh_ip_failover module – Manage OVH IP failover address" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
     </div>
 
diff --git a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/scaleway_compute_private_network_module.html b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/scaleway_compute_private_network_module.html
index b8460a0..9202e45 100644
--- a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/scaleway_compute_private_network_module.html
+++ b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/scaleway_compute_private_network_module.html
@@ -318,7 +318,7 @@
 <a class="ansibleOptionLink" href="#return-scaleway_compute_private_network" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">dictionary</span></p>
 </div></td>
 <td><div class="ansible-option-cell"><p>Information on the VPC.</p>
-<p class="ansible-option-line"><span class="ansible-option-returned-bold">Returned:</span> success when <code class="docutils literal notranslate"><span class="pre">state=present</span></code></p>
+<p class="ansible-option-line"><span class="ansible-option-returned-bold">Returned:</span> success when <em>state=present</em></p>
 <p class="ansible-option-line ansible-option-sample"><span class="ansible-option-sample-bold">Sample:</span> <code class="ansible-option-sample docutils literal notranslate"><span class="pre">{&quot;created_at&quot;:</span> <span class="pre">&quot;2022-01-15T11:11:12.676445Z&quot;,</span> <span class="pre">&quot;id&quot;:</span> <span class="pre">&quot;12345678-f1e6-40ec-83e5-12345d67ed89&quot;,</span> <span class="pre">&quot;name&quot;:</span> <span class="pre">&quot;network&quot;,</span> <span class="pre">&quot;organization_id&quot;:</span> <span class="pre">&quot;a123b4cd-ef5g-678h-90i1-jk2345678l90&quot;,</span> <span class="pre">&quot;project_id&quot;:</span> <span class="pre">&quot;a123b4cd-ef5g-678h-90i1-jk2345678l90&quot;,</span> <span class="pre">&quot;tags&quot;:</span> <span class="pre">[&quot;tag1&quot;,</span> <span class="pre">&quot;tag2&quot;,</span> <span class="pre">&quot;tag3&quot;,</span> <span class="pre">&quot;tag4&quot;,</span> <span class="pre">&quot;tag5&quot;],</span> <span class="pre">&quot;updated_at&quot;:</span> <span class="pre">&quot;2022-01-15T11:12:04.624837Z&quot;,</span> <span class="pre">&quot;zone&quot;:</span> <span class="pre">&quot;fr-par-2&quot;}</span></code></p>
 </div></td>
 </tr>
diff --git a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/scaleway_database_backup_module.html b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/scaleway_database_backup_module.html
index 41354a1..b3c0436 100644
--- a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/scaleway_database_backup_module.html
+++ b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/scaleway_database_backup_module.html
@@ -203,7 +203,7 @@
 </div></td>
 <td><div class="ansible-option-cell"><p>Name used to identify the database.</p>
 <p>Required for <code class="docutils literal notranslate"><span class="pre">present</span></code> and <code class="docutils literal notranslate"><span class="pre">restored</span></code> states.</p>
-<p>Ignored when <code class="docutils literal notranslate"><span class="pre">state=absent</span></code> or <code class="docutils literal notranslate"><span class="pre">state=exported</span></code>.</p>
+<p>Ignored when <em>state=absent</em> or <em>state=exported</em>.</p>
 </div></td>
 </tr>
 <tr class="row-even"><td><div class="ansible-option-cell">
@@ -211,7 +211,7 @@
 <a class="ansibleOptionLink" href="#parameter-expires_at" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 </div></td>
 <td><div class="ansible-option-cell"><p>Expiration datetime of the database backup (ISO 8601 format).</p>
-<p>Ignored when <code class="docutils literal notranslate"><span class="pre">state=absent</span></code>, <code class="docutils literal notranslate"><span class="pre">state=exported</span></code> or <code class="docutils literal notranslate"><span class="pre">state=restored</span></code>.</p>
+<p>Ignored when <em>state=absent</em>, <em>state=exported</em> or <em>state=restored</em>.</p>
 </div></td>
 </tr>
 <tr class="row-odd"><td><div class="ansible-option-cell">
@@ -228,7 +228,7 @@
 </div></td>
 <td><div class="ansible-option-cell"><p>UUID of the instance associated to the database backup.</p>
 <p>Required for <code class="docutils literal notranslate"><span class="pre">present</span></code> and <code class="docutils literal notranslate"><span class="pre">restored</span></code> states.</p>
-<p>Ignored when <code class="docutils literal notranslate"><span class="pre">state=absent</span></code> or <code class="docutils literal notranslate"><span class="pre">state=exported</span></code>.</p>
+<p>Ignored when <em>state=absent</em> or <em>state=exported</em>.</p>
 </div></td>
 </tr>
 <tr class="row-odd"><td><div class="ansible-option-cell">
@@ -237,7 +237,7 @@
 </div></td>
 <td><div class="ansible-option-cell"><p>Name used to identify the database backup.</p>
 <p>Required for <code class="docutils literal notranslate"><span class="pre">present</span></code> state.</p>
-<p>Ignored when <code class="docutils literal notranslate"><span class="pre">state=absent</span></code>, <code class="docutils literal notranslate"><span class="pre">state=exported</span></code> or <code class="docutils literal notranslate"><span class="pre">state=restored</span></code>.</p>
+<p>Ignored when <em>state=absent</em>, <em>state=exported</em> or <em>state=restored</em>.</p>
 </div></td>
 </tr>
 <tr class="row-even"><td><div class="ansible-option-cell">
@@ -380,7 +380,7 @@
 <a class="ansibleOptionLink" href="#return-metadata" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">dictionary</span></p>
 </div></td>
 <td><div class="ansible-option-cell"><p>Backup metadata.</p>
-<p class="ansible-option-line"><span class="ansible-option-returned-bold">Returned:</span> when <code class="docutils literal notranslate"><span class="pre">state=present</span></code>, <code class="docutils literal notranslate"><span class="pre">state=exported</span></code> or <code class="docutils literal notranslate"><span class="pre">state=restored</span></code></p>
+<p class="ansible-option-line"><span class="ansible-option-returned-bold">Returned:</span> when <em>state=present</em>, <em>state=exported</em> or <em>state=restored</em></p>
 <p class="ansible-option-line ansible-option-sample"><span class="ansible-option-sample-bold">Sample:</span> <code class="ansible-option-sample docutils literal notranslate"><span class="pre">{&quot;metadata&quot;:</span> <span class="pre">{&quot;created_at&quot;:</span> <span class="pre">&quot;2020-08-06T12:42:05.631049Z&quot;,</span> <span class="pre">&quot;database_name&quot;:</span> <span class="pre">&quot;my-database&quot;,</span> <span class="pre">&quot;download_url&quot;:</span> <span class="pre">null,</span> <span class="pre">&quot;download_url_expires_at&quot;:</span> <span class="pre">null,</span> <span class="pre">&quot;expires_at&quot;:</span> <span class="pre">null,</span> <span class="pre">&quot;id&quot;:</span> <span class="pre">&quot;a15297bd-0c4a-4b4f-8fbb-b36a35b7eb07&quot;,</span> <span class="pre">&quot;instance_id&quot;:</span> <span class="pre">&quot;617be32e-6497-4ed7-b4c7-0ee5a81edf49&quot;,</span> <span class="pre">&quot;instance_name&quot;:</span> <span class="pre">&quot;my-instance&quot;,</span> <span class="pre">&quot;name&quot;:</span> <span class="pre">&quot;backup_name&quot;,</span> <span class="pre">&quot;region&quot;:</span> <span class="pre">&quot;fr-par&quot;,</span> <span class="pre">&quot;size&quot;:</span> <span class="pre">600000,</span> <span class="pre">&quot;status&quot;:</span> <span class="pre">&quot;ready&quot;,</span> <span class="pre">&quot;updated_at&quot;:</span> <span class="pre">&quot;2020-08-06T12:42:10.581649Z&quot;}}</span></code></p>
 </div></td>
 </tr>
diff --git a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/scaleway_image_info_module.html b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/scaleway_image_info_module.html
index dffaa75..5404bd0 100644
--- a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/scaleway_image_info_module.html
+++ b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/scaleway_image_info_module.html
@@ -209,7 +209,7 @@
 <div class="ansibleOptionAnchor" id="parameter-region"></div><p class="ansible-option-title" id="ansible-collections-community-general-scaleway-image-info-module-parameter-region"><strong>region</strong></p>
 <a class="ansibleOptionLink" href="#parameter-region" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span> / <span class="ansible-option-required">required</span></p>
 </div></td>
-<td><div class="ansible-option-cell"><p>Scaleway compute zone</p>
+<td><div class="ansible-option-cell"><p>Scaleway compute zone.</p>
 <p class="ansible-option-line"><span class="ansible-option-choices">Choices:</span></p>
 <ul class="simple">
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;ams1&quot;</span></code></p></li>
diff --git a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/scaleway_ip_module.html b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/scaleway_ip_module.html
index 1dd6a32..f56b9ff 100644
--- a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/scaleway_ip_module.html
+++ b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/scaleway_ip_module.html
@@ -320,8 +320,8 @@
 <div class="ansibleOptionAnchor" id="return-data"></div><p class="ansible-option-title" id="ansible-collections-community-general-scaleway-ip-module-return-data"><strong>data</strong></p>
 <a class="ansibleOptionLink" href="#return-data" title="Permalink to this return value"></a><p class="ansible-option-type-line"><span class="ansible-option-type">dictionary</span></p>
 </div></td>
-<td><div class="ansible-option-cell"><p>This is only present when <code class="docutils literal notranslate"><span class="pre">state=present</span></code></p>
-<p class="ansible-option-line"><span class="ansible-option-returned-bold">Returned:</span> when <code class="docutils literal notranslate"><span class="pre">state=present</span></code></p>
+<td><div class="ansible-option-cell"><p>This is only present when <em>state=present</em>.</p>
+<p class="ansible-option-line"><span class="ansible-option-returned-bold">Returned:</span> when <em>state=present</em></p>
 <p class="ansible-option-line ansible-option-sample"><span class="ansible-option-sample-bold">Sample:</span> <code class="ansible-option-sample docutils literal notranslate"><span class="pre">{&quot;ips&quot;:</span> <span class="pre">[{&quot;address&quot;:</span> <span class="pre">&quot;212.47.232.136&quot;,</span> <span class="pre">&quot;id&quot;:</span> <span class="pre">&quot;dd9e8df6-6775-4863-b517-e0b0ee3d7477&quot;,</span> <span class="pre">&quot;organization&quot;:</span> <span class="pre">&quot;951df375-e094-4d26-97c1-ba548eeb9c42&quot;,</span> <span class="pre">&quot;reverse&quot;:</span> <span class="pre">null,</span> <span class="pre">&quot;server&quot;:</span> <span class="pre">{&quot;id&quot;:</span> <span class="pre">&quot;3f1568ca-b1a2-4e98-b6f7-31a0588157f1&quot;,</span> <span class="pre">&quot;name&quot;:</span> <span class="pre">&quot;ansible_tuto-1&quot;}}]}</span></code></p>
 </div></td>
 </tr>
diff --git a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/scaleway_lb_module.html b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/scaleway_lb_module.html
index 151da30..035a0ec 100644
--- a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/scaleway_lb_module.html
+++ b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/scaleway_lb_module.html
@@ -199,21 +199,21 @@
 <div class="ansibleOptionAnchor" id="parameter-description"></div><p class="ansible-option-title" id="ansible-collections-community-general-scaleway-lb-module-parameter-description"><strong>description</strong></p>
 <a class="ansibleOptionLink" href="#parameter-description" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span> / <span class="ansible-option-required">required</span></p>
 </div></td>
-<td><div class="ansible-option-cell"><p>Description of the load-balancer</p>
+<td><div class="ansible-option-cell"><p>Description of the load-balancer.</p>
 </div></td>
 </tr>
 <tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-name"></div><p class="ansible-option-title" id="ansible-collections-community-general-scaleway-lb-module-parameter-name"><strong>name</strong></p>
 <a class="ansibleOptionLink" href="#parameter-name" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span> / <span class="ansible-option-required">required</span></p>
 </div></td>
-<td><div class="ansible-option-cell"><p>Name of the load-balancer</p>
+<td><div class="ansible-option-cell"><p>Name of the load-balancer.</p>
 </div></td>
 </tr>
 <tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-organization_id"></div><p class="ansible-option-title" id="ansible-collections-community-general-scaleway-lb-module-parameter-organization-id"><strong>organization_id</strong></p>
 <a class="ansibleOptionLink" href="#parameter-organization_id" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span> / <span class="ansible-option-required">required</span></p>
 </div></td>
-<td><div class="ansible-option-cell"><p>Organization identifier</p>
+<td><div class="ansible-option-cell"><p>Organization identifier.</p>
 </div></td>
 </tr>
 <tr class="row-even"><td><div class="ansible-option-cell">
@@ -228,7 +228,7 @@
 <div class="ansibleOptionAnchor" id="parameter-region"></div><p class="ansible-option-title" id="ansible-collections-community-general-scaleway-lb-module-parameter-region"><strong>region</strong></p>
 <a class="ansibleOptionLink" href="#parameter-region" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span> / <span class="ansible-option-required">required</span></p>
 </div></td>
-<td><div class="ansible-option-cell"><p>Scaleway zone</p>
+<td><div class="ansible-option-cell"><p>Scaleway zone.</p>
 <p class="ansible-option-line"><span class="ansible-option-choices">Choices:</span></p>
 <ul class="simple">
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;nl-ams&quot;</span></code></p></li>
@@ -253,7 +253,7 @@
 <div class="ansibleOptionAnchor" id="parameter-tags"></div><p class="ansible-option-title" id="ansible-collections-community-general-scaleway-lb-module-parameter-tags"><strong>tags</strong></p>
 <a class="ansibleOptionLink" href="#parameter-tags" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">list</span> / <span class="ansible-option-elements">elements=string</span></p>
 </div></td>
-<td><div class="ansible-option-cell"><p>List of tags to apply to the load-balancer</p>
+<td><div class="ansible-option-cell"><p>List of tags to apply to the load-balancer.</p>
 <p class="ansible-option-line"><span class="ansible-option-default-bold">Default:</span> <code class="ansible-option-default docutils literal notranslate"><span class="pre">[]</span></code></p>
 </div></td>
 </tr>
@@ -285,7 +285,7 @@
 <div class="ansibleOptionAnchor" id="parameter-wait_sleep_time"></div><p class="ansible-option-title" id="ansible-collections-community-general-scaleway-lb-module-parameter-wait-sleep-time"><strong>wait_sleep_time</strong></p>
 <a class="ansibleOptionLink" href="#parameter-wait_sleep_time" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">integer</span></p>
 </div></td>
-<td><div class="ansible-option-cell"><p>Time to wait before every attempt to check the state of the load-balancer</p>
+<td><div class="ansible-option-cell"><p>Time to wait before every attempt to check the state of the load-balancer.</p>
 <p class="ansible-option-line"><span class="ansible-option-default-bold">Default:</span> <code class="ansible-option-default docutils literal notranslate"><span class="pre">3</span></code></p>
 </div></td>
 </tr>
@@ -293,7 +293,7 @@
 <div class="ansibleOptionAnchor" id="parameter-wait_timeout"></div><p class="ansible-option-title" id="ansible-collections-community-general-scaleway-lb-module-parameter-wait-timeout"><strong>wait_timeout</strong></p>
 <a class="ansibleOptionLink" href="#parameter-wait_timeout" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">integer</span></p>
 </div></td>
-<td><div class="ansible-option-cell"><p>Time to wait for the load-balancer to reach the expected state</p>
+<td><div class="ansible-option-cell"><p>Time to wait for the load-balancer to reach the expected state.</p>
 <p class="ansible-option-line"><span class="ansible-option-default-bold">Default:</span> <code class="ansible-option-default docutils literal notranslate"><span class="pre">300</span></code></p>
 </div></td>
 </tr>
diff --git a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/scaleway_organization_info_module.html b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/scaleway_organization_info_module.html
index db235c8..5a8d1e2 100644
--- a/home/runner/work/community.general/community.general/docsbuild/base/collections/community/general/scaleway_organization_info_module.html
+++ b/home/runner/work/community.general/community.general/docsbuild/head/collections/community/general/scaleway_organization_info_module.html
@@ -193,7 +193,7 @@
 <a class="ansibleOptionLink" href="#parameter-api_url" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: base_url</span></p>
 <p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 </div></td>
-<td><div class="ansible-option-cell"><p>Scaleway API URL</p>
+<td><div class="ansible-option-cell"><p>Scaleway API URL.</p>
 <p class="ansible-option-line"><span class="ansible-option-default-bold">Default:</span> <code class="ansible-option-default docutils literal notranslate"><span class="pre">&quot;https://account.scaleway.com&quot;</span></code></p>
 </div></td>
 </tr>
@@ -287,7 +287,7 @@
 <div class="ansibleOptionAnchor" id="return-scaleway_organization_info"></div><p class="ansible-o

@ansibullbot

This comment was marked as outdated.

Sign in to view
@ansibullbot ansibullbot added the ci_verified Push fixes to PR branch to re-run CI label Jan 12, 2023
@ansibullbot

This comment was marked as outdated.

Sign in to view
@ansibullbot ansibullbot added ci_verified Push fixes to PR branch to re-run CI needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR labels Jan 13, 2023
@ansibullbot ansibullbot removed the ci_verified Push fixes to PR branch to re-run CI label Jan 13, 2023
@ansibullbot

This comment was marked as outdated.

Sign in to view
@ansibullbot ansibullbot added the ci_verified Push fixes to PR branch to re-run CI label Jan 13, 2023
@ansibullbot
Copy link
Collaborator

cc @conloos
click here for bot help

@ansibullbot ansibullbot removed ci_verified Push fixes to PR branch to re-run CI needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR labels Jan 13, 2023
russoz
russoz reviewed Jan 16, 2023
View reviewed changes
Copy link
Collaborator

@russoz russoz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @heino
Thank you for the contribution! Please add a changelog fragment.

I left a couple of comments, but I must say it was only a first glance - this PR is somewhat long and it will take a while for me to chew through it.

plugins/module_utils/lxd.py
@@ -132,3 +145,145 @@ def default_key_file():

def default_cert_file():
return os.path.expanduser('~/.config/lxc/client.crt')


# Copyright (c) 2023, Heino H. Gehlsen <heino.gehlsen@gmail.com>
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This line should be inserted before line 3, the rest of this comment block is redundant.

plugins/module_utils/lxd.py
Comment on lines +155 to +166
import os
import traceback
from ansible.module_utils.basic import missing_required_lib
try:
from pylxd import Client as PyLxdClient
from pylxd.exceptions import LXDAPIException, ClientConnectionFailed
except ImportError:
HAS_PYLXD = False
PYLXD_IMPORT_ERROR = traceback.format_exc()
else:
HAS_PYLXD = True
PYLXD_IMPORT_ERROR = None
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These imports should be on the top(-ish) together with the other imports. Also, os has been imported already.

plugins/module_utils/lxd.py
Comment on lines +157 to +161
from ansible.module_utils.basic import missing_required_lib
try:
from pylxd import Client as PyLxdClient
from pylxd.exceptions import LXDAPIException, ClientConnectionFailed
except ImportError:
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You might want to take a look at how this is done in:
https://github.com/ansible-collections/community.general/blob/main/plugins/modules/dnsimple_info.py

It might simplify your life.

felixfontein
felixfontein reviewed Jan 17, 2023
View reviewed changes
Copy link
Collaborator

@felixfontein felixfontein left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please note that this PR looks way to complicated for a bugfix. Also adding a new option is not a bugfix, but a feature.

Please also note that you must include a changelog fragment.

plugins/modules/lxd_container.py
@@ -151,6 +151,7 @@
- The unix domain socket path or the https URL for the LXD server.
required: false
default: unix:/var/lib/lxd/unix.socket
aliases: [ endpoint ]
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would avoid adding new aliases if not necessary.

plugins/modules/lxd_container.py
@@ -172,6 +173,16 @@
required: false
aliases: [ cert_file ]
type: path
verify:
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The usual name for certificate validation toggles is validate_certs.

Suggested change
verify:
validate_certs:

plugins/modules/lxd_container.py
verify:
description:
- In the case where the certificate is self-signed (LXD's default),
you may opt to disable the TLS fingerprint verification with verify=False.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
you may opt to disable the TLS fingerprint verification with verify=False.
you may opt to disable the TLS certificate validation with I(verify=false).

This is likely not fingerprint validation, but certificate validation?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What now ?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Digging through the code of pyLXD, requests, and urllib3 shows:

  • It actually verifies certificate fingerprints instead of validating certificate chains, but only when it finds the server certificate locally.
  • When a string is passed to verify, it will use that as a path to the certificate to read.
  • If verify=true is passed, it looks in ${CERTS_PATH}/servercerts/${REMOTE}.crt (where CERTS_PATH can have one of multiple values: https://github.com/lxc/pylxd/blob/72426bf7c5d2b8768cfd1779523c9860cfafd266/pylxd/client.py#L36-L42, and where REMOTE is extracted from the endpoint) - if that exists, it will use that one, if it does not exist, it will fall back to certificate chain validation.

So it's pretty complicated.

Copy link
Contributor

@fkuep fkuep Jan 26, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • While I cannot guarantee, I have a feeling this should not break old playbooks.
  • Security is better than what happenend in the old module, where all was silently ignored.
  • pyLXD shows regular contributions from lxd team.

You had stomach ache with calling it a bug fix, since it adds the verify option.
If we :

  • call it a feature pull request
  • use verify is a bool (default true)
    • make it win over server_cert when false
  • have a 2nd new parameter server_cert (default ${CERTS_PATH}/servercerts/${REMOTE}.crt)
    • describe that it also takes an absolute path for use with fingerprint verification

Do You think it can replace the module under the same name as the next version ?
See, the functionality is practically going to break for everyone, if nothing happens

tests/unit/requirements.txt

# requirements for lxd modules
pylxd
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this suddenly needed?

@ansibullbot ansibullbot added the stale_ci CI is older than 7 days, rerun before merging label Jan 25, 2023
@ansibullbot ansibullbot added needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR labels Feb 27, 2023
@felixfontein
Copy link
Collaborator

ping @heino

needs_info

@ansibullbot ansibullbot added the needs_info This issue requires further information. Please answer any outstanding questions label Mar 26, 2023
@ansibullbot
Copy link
Collaborator

@heino This pullrequest is waiting for your response. Please respond or the pullrequest will be closed.

click here for bot help

@ansibullbot
Copy link
Collaborator

@heino You have not responded to information requests in this pullrequest so we will assume it no longer affects you. If you are still interested in this, please create a new pullrequest with the requested information.

click here for bot help

@ansibullbot ansibullbot closed this Jun 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@russoz russoz russoz left review comments

@felixfontein felixfontein felixfontein left review comments

@fkuep fkuep fkuep left review comments

Assignees
No one assigned
Labels
bug This issue/PR relates to a bug check-before-release PR will be looked at again shortly before release and merged if possible. cloud module_utils module_utils module module needs_info This issue requires further information. Please answer any outstanding questions needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR new_contributor Help guide this first time contributor plugins plugin (any type) stale_ci CI is older than 7 days, rerun before merging tests tests unit tests/unit
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@heino @ansibullbot @felixfontein @russoz @fkuep