- Mar 28, 2023
-
-
Thomas Woerner authored
New variables have been added to ipareplica and ipaserver role to enable the removal from the domein with the undeployment. `ipaserver_remove_from_domain` This enables the removal of the server from the domain additionally to the undeployment. `ipaserver_remove_on_server` The value defines the server/replica in the domain that will to be used to remove the server/replica from the domain if `ipaserver_ignore_topology_disconnect` and `ipaserver_remove_from_domain` are enabled. Without the need to enable `ipaserver_ignore_topology_disconnect`, the value will be automatically detected using the replication agreements of the server/replica. For the replica role it is possible to use the server variables, but also the replica versions: `ipareplica_remove_from_domain` and `ipareplica_remove_on_server`. The already existing parameters `ipaserver_ignore_topology_disconnect` and `ipaserver_ignore_last_of_role` have been added to the README files for server and replica with descriptions. The same for the replica versions of the parameters. The ipareplica role is not calling the `ipa-server-install` anymore, it is instead using (including) the server role for the task. The new module `ipaserver_get_connected_server` has been added to the server role to be able to get a connected server using the replication agreements. This module is only used if `ipaserver_ignore_topology_disconnect` is not needed.
-
- Mar 06, 2023
-
-
Denis Karpelevich authored
This is an ansible-freeipa update for the freeipa RFE: https://pagure.io/freeipa/issue/9159 "`ipa-client-install` should provide option to enable `subid: sss` in `/etc/nsswitch.conf`". This option allows to configure authselect with the sssd profile + with-subid feature, in order to have SSSD setup as a datasource for subid in /etc/nsswitch.conf. The default behavior remains unchanged: without the option, /etc/nsswitch.conf keeps the line subid: files Signed-off-by: Denis Karpelevich <dkarpele@redhat.com>
-
- Jan 12, 2023
-
-
Rafael Guterres Jeffman authored
ansible-lint warns if Jinja2 templates are not used as the last item in a task name.
-
Rafael Guterres Jeffman authored
ansible-lint warns if set_fact sets a variable where the name is used or can be as a parameter for the role.
-
- Jan 11, 2023
-
-
Rafael Guterres Jeffman authored
ansible-lint warns if 'warn' key is used before block and always keys.
-
Rafael Guterres Jeffman authored
This patch fixes ansible-lint warns on jinja2 template spacing in roles
-
Rafael Guterres Jeffman authored
ansible-lint warns if version strings are used as numbers instead fo strings.
-
Thomas Woerner authored
yamllint is failing for unnamed tasks. All block and include_tasks tasks are now named.
-
- Dec 20, 2022
-
-
Thomas Woerner authored
Use Fully Qualified Collection Name (FQCN) for ansible builtins. This is ansible.builtin.set_fact instead of set_fact for example and aplies for all actions that are part of ansible.builtin. All the replaced ansible.builtins: assert, command, copy, debug, fail, fetch, file, import_playbook, import_tasks, include_role, include_tasks, include_vars, package, set_fact, shell, slurp, stat, systemd
-
- Nov 14, 2022
-
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` - `choices` needs to match `argument_spec` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters supports_check_mode is turned off as it is not supported. A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` - `choices` needs to match `argument_spec` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters supports_check_mode is turned off as it is not supported. A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` RETURN section - `type: str` needs to be used for string parameters argument_spec - `type='str'` needs to be set for string parameters supports_check_mode is turned off as it is not supported. A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
All imports that are only available after installing IPA need to be in a try exception clause to be able to pass the fake execution test. The old workaround "if 'ansible.executor' in sys.modules:" is not working with this test anymore. If the imports can not be done, all used and needed attributes are defines with the value None. The new function check_imports has been added to fail with module.fail_json if an import exception occured and ANSIBLE_IPA_SERVER_MODULE_IMPORT_ERROR is not None. This function needs to be called in all modules. The `copyright` date is extended with `-2022`.
-
- Nov 11, 2022
-
-
Rafael Guterres Jeffman authored
This patch modifies the way that the certificate load function is defined, depending on the dependency version, so that the resulting identifier for the function is always set and static analysis tools, like linters don't complain about variables being used before being set. The same idiom is applied to both the ipaclient role and the plugins ansible_module_utils.
-
- Sep 05, 2022
-
-
Thomas Woerner authored
In some cases ipa code is using sys.stdout.isatty. As stdout is mapped to AnsibleModuleLog this call will lead in a traceback as it was not defined. The staticmethod isatty has been added to AnsibleModuleLog in ipaserver role module_utils/ansible_ipa_server.py and in ipareplica role module_utils/ansible_ipa_repica.py. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2120415 ansible-freeipa Replica Install Setup DNS fails Fixes: #251 - 'AnsibleModuleLog' object has no attribute 'isatty' Fixes: #117 - 'AnsibleModuleLog' object has no attribute 'isatty'
-
- Aug 30, 2022
-
-
Thomas Woerner authored
The idstart needs to be larger than UID_MAX or GID_MAX from /etc/login.defs. This is "Require idstart to be larger than UID_MAX" for freeipa. Fixes: #896 (Invalid RID/SID SSSD backtrace after deployment)
-
- Aug 29, 2022
-
-
Thomas Woerner authored
The client part installation is checking for the client packages. These packages are part of the server packages that have been installed with the server role and therefore the task is not needed. This is helping to reduce the deployment time of a server.
-
- Aug 26, 2022
-
-
Thomas Woerner authored
Before "short description" was used in most plugins, modules and also in the new module templates. ansible-doc was therefore not showing the short description. To fix the issue the flag was renamed to short_description instead. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2121362 'ansible-doc' -l lists most idm modules as 'UNDOCUMENTED'
-
- Jul 27, 2022
-
-
Thomas Woerner authored
The SID is always generated in the command line installers in newer IPA versions. This also needs to be done in the ipaserver and ipareplica roles. For the IPA versions that are supporting this, the adtrust setup is always executed to generated the SIDs, but only configures AD trust if ipaserver_setup_adtrust or ipareplica_setup_adtrust is also enabled. A check has been added to ipaserver_test and ipareplica_test to only enable the SID generation for the IPA versions supporting this. This is related to https://pagure.io/freeipa/8995 Fixes: - https://bugzilla.redhat.com/show_bug.cgi?id=2110478 - https://bugzilla.redhat.com/show_bug.cgi?id=2110491
-
- Jul 25, 2022
-
-
Thomas Woerner authored
The option _random_serial_numbers was using with the wrong type in ipaserver_setup_ca.py and ipareplica_setup_ca.py. Therefore RSN was always enabled. Fixes: - https://bugzilla.redhat.com/show_bug.cgi?id=2110523 - https://bugzilla.redhat.com/show_bug.cgi?id=2110526
-
- Jul 06, 2022
-
-
Thomas Woerner authored
Python 3.11 dropped compat inspect.getargspec. As the roles and modules need to support Python2 and Python3, the code for getargspec has been copied from Python 3.10 and is added as a fallback as soon as getargspec can not be imported from inspect. The copied getargspec is using getfullargspec internally. Fixes: #855 (Python's inspect.getargspec was removed in version 3.11)
-
Thomas Woerner authored
With the support for Random Serial Numbers v3 in FreeIPA 4.10, the attribute random_serial_numbers has been added to the installer options. options._random_serial_numbers is generated by ca.install_check and later used by ca.install in the _setup_ca module. ca.install_check is using options.random_serial_numbers and generating options._random_serial_numbers which is later used by ca.install in ca.install the _setup_ca module. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2103928 https://bugzilla.redhat.com/show_bug.cgi?id=2103924
-
- Jul 05, 2022
-
-
Thomas Woerner authored
With ansible-2.13 it is required to use jinja for list concatenation. list: "[] + ['a'] + ['b']" needs to become list: "{{ [] + ['a'] + ['b'] }}" copy_external_cert.yml needed to be changed.
-
- Jan 13, 2022
-
-
Thomas Woerner authored
ERROR: Found 6 pylint issue(s) which need to be resolved: ERROR: plugins/modules/ipaserver_prepare.py:395:4: invalid-name: Variable name "e" doesn't conform to snake_case naming style ERROR: roles/ipaserver/library/ipaserver_prepare.py:395:4: invalid-name: Variable name "e" doesn't conform to snake_case naming style ERROR: roles/ipaserver/module_utils/ansible_ipa_server.py:333:12: invalid-name: Variable name "ds" doesn't conform to snake_case naming style ERROR: roles/ipaserver/module_utils/ansible_ipa_server.py:348:12: invalid-name: Variable name "ds" doesn't conform to snake_case naming style ERROR: roles/ipaserver/module_utils/ansible_ipa_server.py:361:12: invalid-name: Variable name "ip" doesn't conform to snake_case naming style ERROR: roles/ipaserver/module_utils/ansible_ipa_server.py:364:12: invalid-name: Variable name "e" doesn't conform to snake_case naming style e has been replaced with err, ds with _ds, ip with _ip.
-
- Jan 12, 2022
-
-
Rafael Guterres Jeffman authored
Fix pylint warnings raised by enabling linter on ansible-freeipa roles.
-
- Dec 10, 2021
-
-
Rafael Guterres Jeffman authored
Recently added Ubuntu configuration filesi for roles miss document start marker.
-
- Nov 29, 2021
-
-
Rafael Guterres Jeffman authored
Ubuntu Bionic Beaver must use python2 as Python interpreter due to the way python-ipalib package is defined. Before using the role for installation, one must install package python2.7 before executing this role. Based on the work by Manuel Laurent (@mlaurent205 on Github).
-