Public and private key files were created but not removed when testing
the Vault module. This was fixed by adding a task to remove them to
Vault's env_cleanup playbook.

This patch adds Ansible tasks to create and remove self-signed
certificates, instead of using previously created certificates.
The certificates are then `lookup`, instead of being used inline
in the playbooks.

Playbooks are easier to read and maintain with this changes, and
there is no need  to change the playbooks, if a certificate expires.

Fix module documentation

ansible-doc is reporting several issues in modules. Most of them have benn
due to misspelled description key word or due to use of multi line text
without the | in the description line.

ipa[server,replica,client]: Fix moved sysrestore and is_ipa_configured

https://pagure.io/freeipa/issue/8458 moved more things to the ipalib and
ipalib.facts:

- sysrestore has been moved from ipalib.install to ipalib
- is_ipa_configured has been moved from ipaserver.install.installutils to
  ipalib.facts

Fixes: #394 (TASK [ipaclient : Install - IPA client test] Error: module
                  'ipalib.install.sysrestore' has no attribute
                  'SYSRESTORE_STATEFILE')

ipa[server,replica,client]: Drop deactivated Python2/3 test

ipa[server,replica]: New variables to set firewalld zone

These tests have been deactivated for some time with b51397eb and are
removed now.

The new variables ipa[server,replica]_firewalld_zone have been added to
be able to set the zone in which the needed services for IPA are enabled.

New tasks have been added to check if the zone is available in the runtime
and also permamanet environment.

The code to enable firewalld has been moved out of thee
ipa[server,replica]_install_packages blocks to make sure that the firewalld
service is also enabled if the package is already installed.

Fixes: issue #177 (How to set up firewalld zones?)

Added helpers to config tests for execution on idm-ci

Fixed log of vault data return when retrieving to a file.

When retrieving data from a vault using `out` to store the data in a
file resulted is random characters being returned and logged. These
characters could generate a traceback print from Ansible's logger,
without breaking the script.

The reason for that is that the result from `vault_retrive` was being
processed when it was not needed, and data was beeing returned, when
it shouldn't.

This patch fixes this behavior by supressing the return data when `data`
is not available, and only raising an error if it should be available.

ipaserver/module_utils/ansible_ipa_server: IPA_MODULES moved to ipalib.facts

New privilege management module

There is a new privilege management module placed in the plugins folder:

    plugins/modules/ipaprivilege.py

The privilege module allows to ensure presence or absence of privilege
and manage privilege permission memebers.

Here is the documentation for the module:

    README-privilege.md

New example playbooks have been added:

    playbooks/privilege/privilege-absent.yml
    playbooks/privilege/privilege-member-absent.yml
    playbooks/privilege/privilege-member-present.yml
    playbooks/privilege/privilege-present.yml

New tests for the module:

    tests/privilege/test_privilege.yml

tests/user/test_users_present_slice.yml: Fix missing users.json

users.json is generated for the tests and not part of the repo any more.
This test was lacking the include to generate the file.

Related to: b7e1a99b
            tests/user/test_users*.yml: Use extended dynamic users.json

added trust module and docs

IPA_MODULES has been moved from ipaserver.install.installutils to
ipalib.facts with https://pagure.io/freeipa/issue/8458

There is a new trust management module placed in the plugins folder:
plugins/modules/trust.py
The trust module allows to ensure presence and absence of trusts.

Here is the documentation for the module:
README-trust.md

New example playbooks have been added:
playbooks/trust/add-trust.yml
playbooks/trust/del-trust.yml
New tests added for the module:
tests/hbacrule/test_trust.yml

Add missing example playbooks for dnsforwardzone module.

Add support for ansible-lint and yamllint as Github actions.

In order to run the tests in idm-ci we need to configure the our pytest
tests environment variables. This PR configures that automatically if an
environment variable TWD is available and $TWD/config exists.

The scprit `lint_check.sh` under utils runs the same linters as the
Github Actions, with the same configuration.

The changes on setup.cfg are required if flake8-docstrings is used,
so its output is the same as pydocstlye.

This patch disables execution of Python lintes on Azure pipelines, as
they are now executed through Github Actions.

Flake8 and Pydocstyle were already being used as checks on Azure
pipelines, and this change enable the use of both as Github actions
run on every push (on any fork) end every pull-request.

I uses `rjeffman/python-lint-action` to run both linters using the
project's configuration.

Ansible best practice is to not use `latest` for the `package` module
state. As we want to use it in the case of nss, this change will
disable checking for this case.

By running yamllint we add one more verification of quality to the
playbooks used on/provided by ansible-freeipa, that will be executed
on every push (even on forks) or pull-requests.

This patch provides the configuration needed to run yamllint on
the playbooks found in the `tests`, `playbooks` and `molecule`
directories, on every push or pull-request done on Github, using
ibiqlik/action-yamllint action version `v1`.

The current configuration for yamllint has many rules disable, so
the problems found can be fixed later. All rules after the comment
`# Disabled rules` should be enabled in the near future.

By running ansible-lint we check if playbooks provided in
ansible-freipa follow Ansible's best practices, nd the verification
will be performed on every push (even on forks) or pull-request.

This patch provides the configuration needed to run ansible-lint
to the playbooks found in the `tests`, `playbooks` and `molecule`
directories, on every push or pull-request done on Github, using
Ansible's Github Action ansible/ansible-lint-action.

The host's module example playbooks had syntax errors that prevented
its execution. The tasks were described as dicts rather than lists.

Fix indentation in example usage of name_from_ip

Fix host's module managedby_host playbooks.

Update README-dnszone.md

Fix indentation in example usage of name_from_ip

Added ability to add pytest tests

Until now ansible-freeipa repository only had playbook tests. This
commit introduces the ability of creating TestCase classes connected to
the master host. This connection can be used to run commands in the
managed host after the ansible playbook execution is the allowing the
verification of the machine state.

The host's module example playbooks had syntax errors that prevented
its execution. The tasks were described as dicts rather than lists.

Add commonly used virtual environment paths to gitignore.