Skip to content
Snippets Groups Projects
Commit dde5b06b authored by Thomas Woerner's avatar Thomas Woerner
Browse files

ipaclient role: Use FQCN for ansible.builtin

Use Fully Qualified Collection Name (FQCN) for ansible builtins. This is
ansible.builtin.set_fact instead of set_fact for example and aplies for
all actions that are part of ansible.builtin.

All the replaced ansible.builtins:
  assert, command, copy, debug, fail, fetch, file, import_playbook,
  import_tasks, include_role, include_tasks, include_vars, package,
  set_fact, shell, slurp, stat, systemd
parent c7e83685
No related branches found
No related tags found
No related merge requests found
......@@ -2,28 +2,28 @@
# tasks file for ipaclient
- name: Install - Ensure that IPA client packages are installed
package:
ansible.builtin.package:
name: "{{ ipaclient_packages }}"
state: present
when: ipaclient_install_packages | bool
- name: Install - Set ipaclient_servers
set_fact:
ansible.builtin.set_fact:
ipaclient_servers: "{{ groups['ipaservers'] | list }}"
when: groups.ipaservers is defined and ipaclient_servers is not defined
- name: Install - Set ipaclient_servers from cluster inventory
set_fact:
ansible.builtin.set_fact:
ipaclient_servers: "{{ groups['ipaserver'] | list }}"
when: ipaclient_no_dns_lookup | bool and groups.ipaserver is defined and
ipaclient_servers is not defined
- name: Install - Check that either password or keytab is set
fail: msg="ipaadmin_password and ipaadmin_keytab cannot be used together"
ansible.builtin.fail: msg="ipaadmin_password and ipaadmin_keytab cannot be used together"
when: ipaadmin_keytab is defined and ipaadmin_password is defined
- name: Install - Set default principal if no keytab is given
set_fact:
ansible.builtin.set_fact:
ipaadmin_principal: admin
when: ipaadmin_principal is undefined and ipaclient_keytab is undefined
......@@ -31,11 +31,11 @@
block:
- name: Install - Fail on missing ipaclient_domain and ipaserver_domain
fail: msg="ipaclient_domain or ipaserver_domain is required for ipaclient_configure_dns_resolver"
ansible.builtin.fail: msg="ipaclient_domain or ipaserver_domain is required for ipaclient_configure_dns_resolver"
when: ipaserver_domain is not defined and ipaclient_domain is not defined
- name: Install - Fail on missing ipaclient_servers
fail: msg="ipaclient_dns_servers is required for ipaclient_configure_dns_resolver"
ansible.builtin.fail: msg="ipaclient_dns_servers is required for ipaclient_configure_dns_resolver"
when: ipaclient_dns_servers is not defined
- name: Install - Configure DNS resolver
......@@ -74,7 +74,7 @@
- block:
- name: Install - Cleanup leftover ccache
file:
ansible.builtin.file:
path: "/etc/ipa/.dns_ccache"
state: absent
......@@ -91,12 +91,12 @@
domain: "{{ result_ipaclient_test.domain }}"
- name: Install - Make sure One-Time Password is enabled if it's already defined
set_fact:
ansible.builtin.set_fact:
ipaclient_use_otp: "yes"
when: ipaclient_otp is defined
- name: Install - Disable One-Time Password for on_master
set_fact:
ansible.builtin.set_fact:
ipaclient_use_otp: "no"
when: ipaclient_use_otp | bool and ipaclient_on_master | bool
......@@ -112,7 +112,7 @@
- name: Install - Disable One-Time Password for client with working
krb5.keytab
set_fact:
ansible.builtin.set_fact:
ipaclient_use_otp: "no"
when: ipaclient_use_otp | bool and
result_ipaclient_test_keytab.krb5_keytab_ok and
......@@ -159,14 +159,14 @@
delegate_to: "{{ result_ipaclient_test.servers[0] }}"
- name: Install - Report error for OTP generation
debug:
ansible.builtin.debug:
msg: "{{ result_ipaclient_get_otp.msg }}"
when: result_ipaclient_get_otp is failed
failed_when: yes
- name: Install - Store the previously obtained OTP
no_log: yes
set_fact:
ansible.builtin.set_fact:
ipaadmin_orig_password: "{{ ipaadmin_password | default(omit) }}"
ipaadmin_password: "{{ result_ipaclient_get_otp.host.randompassword
if result_ipaclient_get_otp.host is defined }}"
......@@ -183,7 +183,7 @@
- name: Store predefined OTP in admin_password
no_log: yes
set_fact:
ansible.builtin.set_fact:
ipaadmin_orig_password: "{{ ipaadmin_password | default(omit) }}"
ipaadmin_password: "{{ ipaclient_otp }}"
when: ipaclient_otp is defined
......@@ -198,11 +198,11 @@
# result_ipaclient_join.already_joined)))
- name: Install - Check if principal and keytab are set
fail: msg="Admin principal and client keytab cannot be used together"
ansible.builtin.fail: msg="Admin principal and client keytab cannot be used together"
when: ipaadmin_principal is defined and ipaclient_keytab is defined
- name: Install - Check if one of password or keytabs are set
fail: msg="At least one of password or keytabs must be specified"
ansible.builtin.fail: msg="At least one of password or keytabs must be specified"
when: not result_ipaclient_test_keytab.krb5_keytab_ok
and ipaadmin_password is undefined
and ipaadmin_keytab is undefined
......@@ -210,7 +210,7 @@
when: not ipaclient_on_master | bool
- name: Install - Purge {{ result_ipaclient_test.realm }} from host keytab
command: >
ansible.builtin.command: >
/usr/sbin/ipa-rmkeytab
-k /etc/krb5.keytab
-r "{{ result_ipaclient_test.realm }}"
......@@ -254,17 +254,17 @@
- block:
- name: krb5 configuration not correct
fail:
ansible.builtin.fail:
msg: >
The krb5 configuration is not correct, please enable allow_repair
to fix this.
when: not result_ipaclient_test_keytab.krb5_conf_ok
- name: IPA test failed
fail:
ansible.builtin.fail:
msg: "The IPA test failed, please enable allow_repair to fix this."
when: not result_ipaclient_test_keytab.ping_test_ok
- name: ca.crt file is missing
fail:
ansible.builtin.fail:
msg: >
The ca.crt file is missing, please enable allow_repair to fix this.
when: not result_ipaclient_test_keytab.ca_crt_exists
......@@ -411,11 +411,11 @@
always:
- name: Install - Restore original admin password if overwritten by OTP
no_log: yes
set_fact:
ansible.builtin.set_fact:
ipaadmin_password: "{{ ipaadmin_orig_password }}"
when: ipaclient_use_otp | bool and ipaadmin_orig_password is defined
- name: Cleanup leftover ccache
file:
ansible.builtin.file:
path: "/etc/ipa/.dns_ccache"
state: absent
......@@ -2,7 +2,7 @@
# tasks file for ipaclient
- name: Import variables specific to distribution
include_vars: "{{ item }}"
ansible.builtin.include_vars: "{{ item }}"
with_first_found:
- "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
- "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
......@@ -17,9 +17,9 @@
- "{{ role_path }}/vars/default.yml"
- name: Install IPA client
include_tasks: install.yml
ansible.builtin.include_tasks: install.yml
when: state|default('present') == 'present'
- name: Uninstall IPA client
include_tasks: uninstall.yml
ansible.builtin.include_tasks: uninstall.yml
when: state|default('present') == 'absent'
......@@ -2,7 +2,7 @@
# tasks to uninstall IPA client
- name: Uninstall - Uninstall IPA client
command: >
ansible.builtin.command: >
/usr/sbin/ipa-client-install
--uninstall
-U
......@@ -17,6 +17,6 @@
when: ipaclient_cleanup_dns_resolver | bool
#- name: Remove IPA client package
# package:
# ansible.builtin.package:
# name: "{{ ipaclient_packages }}"
# state: absent
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment