When running the tests that can be executed either on server or client
context, without defining 'ipa_context', the context is automatically
identified.

Currently, the tests in upstream CI run only on a server, and the
context is identified as "server" context, and in order to run the test
using a client context 'ipa_context' must be set to 'client'.

This patch fixes all the client context tests by correctly setting
ipa_context when running the client context tests in a server host.

Some tests for ipahost and ipauser modules, related to certificates
had the verification part disabled. This patch enable these
verifications.

This patch fixes yamllint's "line too long" (line-lenght) warnings
by ensuring all lines in YAML files have, at most, 160 characters.

If a line cannot be written as a multiline block, line-length rule
evaluation is disabled for the specific line, both on yamllint and
on ansible-lint.

This patch adds 'name' to all test playbook tasks that did not
have it, fixing ansible-lint's error 'unnamed-task'.

Update user README file and add tests for executing plugin with
`ipaapi_context` set to `client`.

A new test playbook can be found at:

    tests/user/test_user_client_context.yml

The new test file can be executed in a FreeIPA client host that is
not a server. In this case, it should be defined in the `ipaclients`
group, in the inventory file.

json_query is not part of Ansible Core. As this is the only used module
that is not in Core it has been replaced by constructig a new dict with
the needed user names from users dict using a loop and set_fact.

For failed_when result.failed should be used to make sure that
the task fails if there was an error.

For failed_when result.failed should be used to make sure that
the task fails if there was an error.

For the "Duplicate names in users failure test" failed_when: not
result.failed has been added as this test needs to fail.

For failed_when result.failed should be used to make sure that
the task fails if there was an error.

For failed_when result.failed should be used to make sure that
the task fails if there was an error.

For failed_when result.failed should be used to make sure that
the task fails if there was an error.

For failed_when result.failed should be used to make sure that
the task fails if there was an error.

For failed_when result.failed should be used to make sure that
the task fails if there was an error.

For failed_when result.failed should be used to make sure that
the task fails if there was an error.

For failed_when result.failed should be used to make sure that
the task fails if there was an error.

Fixed also "User test cert members present again" task, it was failing
due to also having first and last parameters with action: member.

The file lookup is by default setting `rstrip=True` which could lead
into a stripped new line. This is not happening always but resulted in
failed tests sometimes with certificates pasted to the b64encode filter.

For calls of lookup in the certificae tests `rstrip=False` has been
added to make sure that this is not happening any more. Not in
test_dnsrecord as lookup(..., rstrip=False) is adding a new line if
there was not a new line and this is an issue for dnsrecord. The user
and host tests have also been simplified to create the base64 encoded
file in the beginning and use this file then later on in the tests
without the need to use the b64encode filter.

Ref: https://github.com/ansible/ansible/issues/57521#issuecomment-502238000

This patch adds Ansible tasks to create and remove self-signed
certificates, instead of using previously created certificates.
The certificates are then `lookup`, instead of being used inline
in the playbooks.

Playbooks are easier to read and maintain with this changes, and
there is no need  to change the playbooks, if a certificate expires.

users.json is generated for the tests and not part of the repo any more.
This test was lacking the include to generate the file.

Related to: b7e1a99b
            tests/user/test_users*.yml: Use extended dynamic users.json

test_users_absent.yml was using users_absent.json. It has been adapted to
use users.json instead with an additional json_query to get only the names
from users_present.json.

create_users_json.yml has been added to create users.json if it is missing
containing 500 users. It is included by test_users_present.yml and
test_users_absent.yml.

users_present.sh has been renamed to users.sh and modified to create by
default users.json with 1000 users and additional with password and
passwordexpiration in two years.

jmespath has been added to pip install list in
tests/azure/templates/playbook_tests.yml to emable the use of json_query.

The requirement for jmespath has been added to tests/README.md.

It was possible to have several entries for names with the hosts and users
lists. This resulted sometimes in errors but also unexpected changes. A new
check has been added to make sure that the names in the users and hosts
lists are unique.

New tests have been added to verify this in the existing files:
- tests/host/test_hosts.yml
- tests/user/test_users.yml

certmapdata was not processed properly. The certificate was not loaded and
therefore the `issuer` and `subject` could not be compared to the
certmapdata entries in the user record. The function `load_cert_from_str`
from ansible_freeipa_moduleis used for this.

Additionally there was no way to use the certmapdata data format. This
is now possible with the `data` option in the certmapdata dict.

Example: "data: X509:<I>dc=com,dc=example,CN=ca<S>dc=com,dc=example,CN=test"

`data` may not be used together with `certificate`, `issuer` and `subject`
in the same record.

Given certmapdata for the ipauser module is now converted to the internal
data representation using also the new function `DN_x500_text` from
`ansible_freeipa_module`.

New functions `convert_certmapdata` and `check_certmapdata` have been added
to ipauser.

tests/user/certmapdata/test_user_certmapdata.yml has been extended with
additional tasks to verify more complex issuer and subjects and also using
the data format.

Because of a missing check member attributes (for use with action: member)
are cleared when a non-member attribute is changed. The fix simply adds a
check for None (parameter not set) to gen_add_del_lists in
ansible_freeipa_module to make sure that the parameter is only changed if
it should be changed.

All places where the add and removal lists have been generated manually
have been changed to also use gen_add_del_lists.

Resolves: #252 (The "Manager" attribute is removed when updating any user
                attribute)

The tests have been using MyPassword123 and also SomeADMINpassword within
the tasks of the tests. SomeADMINpassword should be used everywhere.

Most tests have simply been using the Tests as name, but this there is a
lack of information in automated runs. The name should be similar to the
test file name.

The random password is only returned if random is yes and user did not exist
or update_password is yes.

If only one user is handled by the module, the returned dict is containing
this dict:

  { "randompassword": "<the user random password>" }

If several users are handled by the module:

  { "<user>": { "randompassword": "<the user random password>" } }

This is related to issue #134 (ipahost does not return the random password)

The ipauser module now supports all user settings and additionally to ensure
the presence of several users with the new users setting. The users setting
can also be used with other states, but it has to be limited to only contain
the name of the users.

There updated user management module is placed in the plugins folder:

  plugins/modules/ipauser.py

The user module now additionally allows to handle these user settings:

  initials
  principalexpiration
  random
  city
  userstate
  postalcode
  mobile
  pager
  fax
  orgunit
  manager
  carlicense
  sshpubkey
  userauthtype
  userclass
  radius
  radiususer
  departmentnumber
  employeenumber
  employeetype
  preferredlanguage
  certificate
  certmapdata
  noprivate
  nomembers

Here is the updated documentation for the module:

  README-user.md

New example playbooks have been added:

  playbooks/user/user_certificate_absent.yml
  playbooks/user/user_certificate_present.yml
  playbooks/user/user_present.yml
  playbooks/user/users_absent.yml
  playbooks/user/users_certificate_absent.yml
  playbooks/user/users_certificate_present.yml
  playbooks/user/users_present.yml
  plugins/modules/ipauser.py

New tests added for ipauser:

  tests/user/certificate/cert1.der
  tests/user/certificate/cert1.pem
  tests/user/certificate/cert2.der
  tests/user/certificate/cert2.pem
  tests/user/certificate/cert3.der
  tests/user/certificate/cert3.pem
  tests/user/certificate/private1.key
  tests/user/certificate/private2.key
  tests/user/certificate/private3.key
  tests/user/certificate/test_user_certificate.yml
  tests/user/certificate/test_users_certificate.yml
  tests/user/certmapdata/test_user_certmapdata.yml
  tests/user/certmapdata/test_user_certmapdata_issuer_subject.yml
  tests/user/certmapdata/test_users_certmapdata.yml
  tests/user/test_user.yml
  tests/user/test_users.yml
  tests/user/test_users_absent.yml
  tests/user/test_users_invalid_cert.yml
  tests/user/test_users_present.yml
  tests/user/test_users_present_slice.yml
  tests/user/users_absent.json
  tests/user/users_absent.sh
  tests/user/users_present.json
  tests/user/users_present.sh