- Jun 23, 2022
-
-
Rafael Guterres Jeffman authored
New roles for smartcard server and client setup
-
- Jun 22, 2022
-
-
Thomas Woerner authored
There are new smartcard roles in the roles folder: roles/ipasmartcard_server roles/ipasmartcard_client This roles allows to setup smartcard for servers and clients. Here is the documentation for the roles: roles/ipasmartcard_server/README.md roles/ipasmartcard_client/README.md New example playbooks have been added: playbooks/install-smartcard-server.yml playbooks/install-smartcard-replicas.yml playbooks/install-smartcard-servers.yml playbooks/install-smartcard-clients.yml
-
- Jun 21, 2022
-
-
Thomas Woerner authored
idrange: Fix typo in test comments.
-
Thomas Woerner authored
requirements-dev: Update requirements for virtual environments
-
- Jun 17, 2022
-
-
Rafael Guterres Jeffman authored
When developing ansible-freeipa using a Python virtual environment, some ansible-freeipa utility scripts failed to execute due to missing tools. This patch add the required tools and modules to requirements-dev.txt and pin the versions to the same available in Fedora 36.
-
- Jun 15, 2022
-
-
Thomas Woerner authored
Add support to define which playbook tests to execute with pytest.
-
Rafael Guterres Jeffman authored
-
Rafael Guterres Jeffman authored
Due to an issue with IPA in Fedora 36, dnsconfig and dnsforwardzone plugin tests must be disabled. See FreeIPA issue: https://pagure.io/freeipa/issue/9158
-
Rafael Guterres Jeffman authored
-
Rafael Guterres Jeffman authored
pytest provide the means to skip tests based on patterns, but writing these patterns for ansible-freeipa might not be feasible. This PR allows the selection of playbook tests and modules that will be executed with pytest using the environmentt variables IPA_ENABLED_TESTS IPA_ENABLED_MODULES, IPA_DISABLED_TESTS or IPA_DISABLED_MODULES. When using IPA_ENABLED_MODULES, all modules will be disabled, and only the modules in the enabled list will be tested. If using the test filter, IPA_ENABLED_TESTS, all tests are disabled, unless they are in the enabled test lists. If the IPA_DISABLED_* version is used, tests and modules are enabled by default, and the list is used to disable the module or specific test. To disable a test or module in Azure CI, edit the file `tests/azure/variables` and add the desired tests or modules to the parameter variables `enabled_modules`, 'enabled_tests`, `disabled_tests` or `disable_modules`. Note that, if added to the `master` branch, this will affect the tests for every pipeline that it is include (including 'nightly'), so it should be used with care. It can be used with TEMP commits to enable only the desired tests, speeding up upstream tests.
-
- Jun 14, 2022
-
-
Thomas Woerner authored
Fix ansible-test sanity missing CHANGELOG.rst.
-
Rafael Guterres Jeffman authored
Recent versions of ansible-test require the existence of a CHANGELOG file in the root of the collection. This changes extracts the changes of the latest available release tag using `utils/changelog` and create the CHANGELOG file with the result of the command. The generated changelog will include the changes for the latest release and, if present, the available changes that were not part of a release.
-
Rafael Guterres Jeffman authored
utils/changelog: Fixed --tag option, new --galaxy option
-
Thomas Woerner authored
The --tag TAG option is now printing the changes for the given TAG and not since the given tag. The new option --galaxy is printing the changelog since the latest tag and also for the latest tag. These changes are simplifying the generation of the changelog file that is needed to pass the tests for galaxy and AutomationHub collections.
-
Thomas Woerner authored
Upstream CI updates.
-
- May 23, 2022
-
-
Rafael Guterres Jeffman authored
There were some typos in the idrange test playbook.
-
- May 12, 2022
-
-
Rafael Guterres Jeffman authored
The current ansible-core available in Fedora and RHEL is 2.12 series. This patch sets the version used for every PR CI to match this series. Other versions should be used only in the nightly/weekly tests.
-
Rafael Guterres Jeffman authored
This patch adds the latest ansible-core as a test target in upstream nightl/weekly CI. As, currently, the latest available ansible-core is still 2.12.z, the current ansible-core 2.12 targets were disabled. They should be enabled when ansible-core 2.13 is available.
-
Rafael Guterres Jeffman authored
CentOS 8 images are not supported anymore, and we are using CentOS 8 Stream images. This patch removes all configuration for CentOS 8 and updates test README to point to the available container images.
-
Rafael Guterres Jeffman authored
As Ansible versions might change, and as we don't need to report which version is used on every test, as the information is avaiable in case it is needed, the jobs labels are changed to easier display which image was used for testing.
-
Rafael Guterres Jeffman authored
utils/build-galaxy-release.sh: Add "-i" to install generated collection
-
Thomas Woerner authored
The "-i" option can be used to install the generated collection using the ansible-galaxy collection install command. It is using the force flag to install the collection if there is already a collection with the same name and namespace. The ansible-galaxy collection build command is already using the force flag to create the collection.
-
- Apr 29, 2022
-
-
Thomas Woerner authored
Add support for managing idoverrideusers in ipagroup.
-
Thomas Woerner authored
New idrange management module
-
Thomas Woerner authored
ipaautomountmap: Fix parameter evaluation.
-
- Apr 28, 2022
-
-
Rafael Guterres Jeffman authored
There is a new idrange management module placed in the plugins folder: plugins/modules/ipaidrange.py The idrange module allows to ensure presence and absence of idranges. Here is the documentation of the module: README-idrange.md New example playbooks have been added: playbooks/idrange/idrange-absent.yml playbooks/idrange/idrange-ad-posix-present.yml playbooks/idrange/idrange-ad-present.yml playbooks/idrange/idrange-present.yml New tests for the module can be found at: tests/idrange/test_idrange.yml tests/idrange/test_idrange_client_context.yml
-
- Apr 27, 2022
-
-
Rafael Guterres Jeffman authored
This patch fixes the error messages when an invalid number of 'mapname' are provided for states 'present' or 'absent'.
-
Rafael Guterres Jeffman authored
The usage of 'automountmapname' is required in all automount map IPA API calls, and this change ensures that the value is always set as an argument.
-
Thomas Woerner authored
ipatrust: fix range_type and test enhancement.
-
Rafael Guterres Jeffman authored
The group CLI option `idoverrideusers` was not supported by ansible-freeipa, and this patch adds support to it. Tests require an AD trust, and a user `aduser@ad.ipa.test` to exist, or the user name must be provided (variable, CLI) through `test_ad_user`. A new test playbook was added: tests/group/test_group_idoverrideuser.yml
-
Thomas Woerner authored
module_utils: Fix comparison of elements not in IPA object.
-
Thomas Woerner authored
ipatrust: Set valid choices for trust_type.
-
- Apr 26, 2022
-
-
Rafael Guterres Jeffman authored
The ipatrust module was ignoring the value of `range_type`, which is required to allow for different types of idranges.
-
Rafael Guterres Jeffman authored
This patch applies several changes to the ipatrust test playbook: * Add externally defined parameters so execution in local trust environments can be configured. The available parameters are: * winserver_admin_password: the Administrator password for the AD server (default: 'SomeW1Npassword') * winserver_domain: the AD server domain (default: 'windows.local') * winserver realm: the AD server realm (by default, the uppercase version of winserver_domain) * ipaserver_domain: the FreeIPA server domain (default: 'ipa.test') * ipaserver_realm: the FreeIPA server realm (by default, the uppercase version of ipaserver_domain * Modify trust verification to check for the existence of the trust as it the output of `ipa trust-find`, instead of cheking for the number of items returned, as the number might vary. * Add idempotency tests by re-executing tasks and verifying that no change was performed. * Added tests to verify creation of trusts with different 'range_type'. * Use a Kerberos cache for shell scripts, and destroy it on exit. * Properly remove all `idrange` that might be created upon setting up a trust.
-
Rafael Guterres Jeffman authored
As the task is expected to fail, the AD realm name was modified to show the expected behavior more clearly.
-
Thomas Woerner authored
DNS forward policy: ensure consistency between module parameters.
-
Rafael Guterres Jeffman authored
This patch updates the ipatrust documentation about the 'trust_type' parameter, and changes one password to be similar to the standard passwords used in other modules.
-
Rafael Guterres Jeffman authored
Ensure only valid choices for trust_type ('ad') are available for the module parameter.
-
Rafael Guterres Jeffman authored
This change allows clearing automountmap 'description' attribute by passing an empty string ("") as the playbook parameter. New test cases were added to check this behavior.
-
Rafael Guterres Jeffman authored
Due to a change in 'ansible_freeipa_module.compare_args_ipa', playbook parameters using empty strings are correctly evaluated, and do not need to be removed before comparison is performed. A new test playbook, with tests for clearing attributes with an empty string ("") is available at: tests/user/test_user_empty_lists.yml
-