From dde5b06b97f5ade44c2aadb7032faf6a4c28f920 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Tue, 20 Dec 2022 13:37:07 +0100
Subject: [PATCH] ipaclient role: Use FQCN for ansible.builtin
Use Fully Qualified Collection Name (FQCN) for ansible builtins. This is
ansible.builtin.set_fact instead of set_fact for example and aplies for
all actions that are part of ansible.builtin.
All the replaced ansible.builtins:
assert, command, copy, debug, fail, fetch, file, import_playbook,
import_tasks, include_role, include_tasks, include_vars, package,
set_fact, shell, slurp, stat, systemd
---
roles/ipaclient/tasks/install.yml | 44 ++++++++++++++---------------
roles/ipaclient/tasks/main.yml | 6 ++--
roles/ipaclient/tasks/uninstall.yml | 4 +--
3 files changed, 27 insertions(+), 27 deletions(-)
diff --git a/roles/ipaclient/tasks/install.yml b/roles/ipaclient/tasks/install.yml
index 3efc8b60..fa64afb6 100644
--- a/roles/ipaclient/tasks/install.yml
+++ b/roles/ipaclient/tasks/install.yml
@@ -2,28 +2,28 @@
# tasks file for ipaclient
- name: Install - Ensure that IPA client packages are installed
- package:
+ ansible.builtin.package:
name: "{{ ipaclient_packages }}"
state: present
when: ipaclient_install_packages | bool
- name: Install - Set ipaclient_servers
- set_fact:
+ ansible.builtin.set_fact:
ipaclient_servers: "{{ groups['ipaservers'] | list }}"
when: groups.ipaservers is defined and ipaclient_servers is not defined
- name: Install - Set ipaclient_servers from cluster inventory
- set_fact:
+ ansible.builtin.set_fact:
ipaclient_servers: "{{ groups['ipaserver'] | list }}"
when: ipaclient_no_dns_lookup | bool and groups.ipaserver is defined and
ipaclient_servers is not defined
- name: Install - Check that either password or keytab is set
- fail: msg="ipaadmin_password and ipaadmin_keytab cannot be used together"
+ ansible.builtin.fail: msg="ipaadmin_password and ipaadmin_keytab cannot be used together"
when: ipaadmin_keytab is defined and ipaadmin_password is defined
- name: Install - Set default principal if no keytab is given
- set_fact:
+ ansible.builtin.set_fact:
ipaadmin_principal: admin
when: ipaadmin_principal is undefined and ipaclient_keytab is undefined
@@ -31,11 +31,11 @@
block:
- name: Install - Fail on missing ipaclient_domain and ipaserver_domain
- fail: msg="ipaclient_domain or ipaserver_domain is required for ipaclient_configure_dns_resolver"
+ ansible.builtin.fail: msg="ipaclient_domain or ipaserver_domain is required for ipaclient_configure_dns_resolver"
when: ipaserver_domain is not defined and ipaclient_domain is not defined
- name: Install - Fail on missing ipaclient_servers
- fail: msg="ipaclient_dns_servers is required for ipaclient_configure_dns_resolver"
+ ansible.builtin.fail: msg="ipaclient_dns_servers is required for ipaclient_configure_dns_resolver"
when: ipaclient_dns_servers is not defined
- name: Install - Configure DNS resolver
@@ -74,7 +74,7 @@
- block:
- name: Install - Cleanup leftover ccache
- file:
+ ansible.builtin.file:
path: "/etc/ipa/.dns_ccache"
state: absent
@@ -91,12 +91,12 @@
domain: "{{ result_ipaclient_test.domain }}"
- name: Install - Make sure One-Time Password is enabled if it's already defined
- set_fact:
+ ansible.builtin.set_fact:
ipaclient_use_otp: "yes"
when: ipaclient_otp is defined
- name: Install - Disable One-Time Password for on_master
- set_fact:
+ ansible.builtin.set_fact:
ipaclient_use_otp: "no"
when: ipaclient_use_otp | bool and ipaclient_on_master | bool
@@ -112,7 +112,7 @@
- name: Install - Disable One-Time Password for client with working
krb5.keytab
- set_fact:
+ ansible.builtin.set_fact:
ipaclient_use_otp: "no"
when: ipaclient_use_otp | bool and
result_ipaclient_test_keytab.krb5_keytab_ok and
@@ -159,14 +159,14 @@
delegate_to: "{{ result_ipaclient_test.servers[0] }}"
- name: Install - Report error for OTP generation
- debug:
+ ansible.builtin.debug:
msg: "{{ result_ipaclient_get_otp.msg }}"
when: result_ipaclient_get_otp is failed
failed_when: yes
- name: Install - Store the previously obtained OTP
no_log: yes
- set_fact:
+ ansible.builtin.set_fact:
ipaadmin_orig_password: "{{ ipaadmin_password | default(omit) }}"
ipaadmin_password: "{{ result_ipaclient_get_otp.host.randompassword
if result_ipaclient_get_otp.host is defined }}"
@@ -183,7 +183,7 @@
- name: Store predefined OTP in admin_password
no_log: yes
- set_fact:
+ ansible.builtin.set_fact:
ipaadmin_orig_password: "{{ ipaadmin_password | default(omit) }}"
ipaadmin_password: "{{ ipaclient_otp }}"
when: ipaclient_otp is defined
@@ -198,11 +198,11 @@
# result_ipaclient_join.already_joined)))
- name: Install - Check if principal and keytab are set
- fail: msg="Admin principal and client keytab cannot be used together"
+ ansible.builtin.fail: msg="Admin principal and client keytab cannot be used together"
when: ipaadmin_principal is defined and ipaclient_keytab is defined
- name: Install - Check if one of password or keytabs are set
- fail: msg="At least one of password or keytabs must be specified"
+ ansible.builtin.fail: msg="At least one of password or keytabs must be specified"
when: not result_ipaclient_test_keytab.krb5_keytab_ok
and ipaadmin_password is undefined
and ipaadmin_keytab is undefined
@@ -210,7 +210,7 @@
when: not ipaclient_on_master | bool
- name: Install - Purge {{ result_ipaclient_test.realm }} from host keytab
- command: >
+ ansible.builtin.command: >
/usr/sbin/ipa-rmkeytab
-k /etc/krb5.keytab
-r "{{ result_ipaclient_test.realm }}"
@@ -254,17 +254,17 @@
- block:
- name: krb5 configuration not correct
- fail:
+ ansible.builtin.fail:
msg: >
The krb5 configuration is not correct, please enable allow_repair
to fix this.
when: not result_ipaclient_test_keytab.krb5_conf_ok
- name: IPA test failed
- fail:
+ ansible.builtin.fail:
msg: "The IPA test failed, please enable allow_repair to fix this."
when: not result_ipaclient_test_keytab.ping_test_ok
- name: ca.crt file is missing
- fail:
+ ansible.builtin.fail:
msg: >
The ca.crt file is missing, please enable allow_repair to fix this.
when: not result_ipaclient_test_keytab.ca_crt_exists
@@ -411,11 +411,11 @@
always:
- name: Install - Restore original admin password if overwritten by OTP
no_log: yes
- set_fact:
+ ansible.builtin.set_fact:
ipaadmin_password: "{{ ipaadmin_orig_password }}"
when: ipaclient_use_otp | bool and ipaadmin_orig_password is defined
- name: Cleanup leftover ccache
- file:
+ ansible.builtin.file:
path: "/etc/ipa/.dns_ccache"
state: absent
diff --git a/roles/ipaclient/tasks/main.yml b/roles/ipaclient/tasks/main.yml
index 9824eaf4..7bd774c7 100644
--- a/roles/ipaclient/tasks/main.yml
+++ b/roles/ipaclient/tasks/main.yml
@@ -2,7 +2,7 @@
# tasks file for ipaclient
- name: Import variables specific to distribution
- include_vars: "{{ item }}"
+ ansible.builtin.include_vars: "{{ item }}"
with_first_found:
- "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
- "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
@@ -17,9 +17,9 @@
- "{{ role_path }}/vars/default.yml"
- name: Install IPA client
- include_tasks: install.yml
+ ansible.builtin.include_tasks: install.yml
when: state|default('present') == 'present'
- name: Uninstall IPA client
- include_tasks: uninstall.yml
+ ansible.builtin.include_tasks: uninstall.yml
when: state|default('present') == 'absent'
diff --git a/roles/ipaclient/tasks/uninstall.yml b/roles/ipaclient/tasks/uninstall.yml
index 7165f2ea..2b2996a9 100644
--- a/roles/ipaclient/tasks/uninstall.yml
+++ b/roles/ipaclient/tasks/uninstall.yml
@@ -2,7 +2,7 @@
# tasks to uninstall IPA client
- name: Uninstall - Uninstall IPA client
- command: >
+ ansible.builtin.command: >
/usr/sbin/ipa-client-install
--uninstall
-U
@@ -17,6 +17,6 @@
when: ipaclient_cleanup_dns_resolver | bool
#- name: Remove IPA client package
-# package:
+# ansible.builtin.package:
# name: "{{ ipaclient_packages }}"
# state: absent
--
GitLab