- Sep 14, 2023
-
-
Thomas Woerner authored
The use of del os.environ assumes that the environment variable exists. If the variable does not exist, this call will result in a traceback. The solution is to use os.environ.pop(VARIABLE, None) instead. This is the ansible-freeipa fix for https://pagure.io/freeipa/issue/9446 (Nightly test failure for replica installation with --setup-ca)
-
- Jun 05, 2023
-
-
Rafael Guterres Jeffman authored
If server FQDN matches the domain name, the installation will succeed, but DNS records will not work. If 'setup_dns: true' is used, there will be no A record for the host, only a NS record, and the PTR record will point to the domain name. Based on: https://github.com/freeipa/freeipa/pull/6853 Related to: https://pagure.io/freeipa/issue/9003
-
- May 05, 2023
-
-
Thomas Woerner authored
random_serial_numbers was missing the default value in the DOCMENTATION section.
-
Thomas Woerner authored
Automatic field numbering specification is not allowed by ansible-test.
-
- Apr 04, 2023
-
-
Rafael Guterres Jeffman authored
Since FreeIPA version 4.10 it is possible to deploy servers that use Random Serial Number v3 support for certificates. This patch exposes the 'random_serial_numbers' parameter, as 'ipaserver_random_serial_numbers', allowing a user to have random serial numbers enabled for the domain. The use of random serial numbers is allowed on new installations only.
-
- Mar 28, 2023
-
-
Thomas Woerner authored
New variables have been added to ipareplica and ipaserver role to enable the removal from the domein with the undeployment. `ipaserver_remove_from_domain` This enables the removal of the server from the domain additionally to the undeployment. `ipaserver_remove_on_server` The value defines the server/replica in the domain that will to be used to remove the server/replica from the domain if `ipaserver_ignore_topology_disconnect` and `ipaserver_remove_from_domain` are enabled. Without the need to enable `ipaserver_ignore_topology_disconnect`, the value will be automatically detected using the replication agreements of the server/replica. For the replica role it is possible to use the server variables, but also the replica versions: `ipareplica_remove_from_domain` and `ipareplica_remove_on_server`. The already existing parameters `ipaserver_ignore_topology_disconnect` and `ipaserver_ignore_last_of_role` have been added to the README files for server and replica with descriptions. The same for the replica versions of the parameters. The ipareplica role is not calling the `ipa-server-install` anymore, it is instead using (including) the server role for the task. The new module `ipaserver_get_connected_server` has been added to the server role to be able to get a connected server using the replication agreements. This module is only used if `ipaserver_ignore_topology_disconnect` is not needed.
-
- Nov 14, 2022
-
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` - `choices` needs to match `argument_spec` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters supports_check_mode is turned off as it is not supported. A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` - `choices` needs to match `argument_spec` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `type: list` needs to be set for list parameters - `elements: str` needs to be given for list of string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `default` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters - `elements='str'` needs to be added to all list of string parameters supports_check_mode is turned off as it is not supported. A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` RETURN section - `type: str` needs to be used for string parameters argument_spec - `type='str'` needs to be set for string parameters supports_check_mode is turned off as it is not supported. A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
Thomas Woerner authored
ansible-test with ansible-2.14 is adding a lot of new tests to ensure that the documentation section and the agument spec is complete. Needed changes: DOCUMENTATION section - `type: str` needs to be set for string parameters - `required` tags need to be fixed according to the `argument_spec` - `type` tag needs to match `argument_spec` - `author` needs to be given with the github user also: `Name (@user)` argument_spec - `type='str'` needs to be set for string parameters A call to ansible_ipa_server.check_imports has been added to check for import errors. The `copyright` date is extended with `-2022`.
-
- Aug 30, 2022
-
-
Thomas Woerner authored
The idstart needs to be larger than UID_MAX or GID_MAX from /etc/login.defs. This is "Require idstart to be larger than UID_MAX" for freeipa. Fixes: #896 (Invalid RID/SID SSSD backtrace after deployment)
-
- Aug 26, 2022
-
-
Thomas Woerner authored
Before "short description" was used in most plugins, modules and also in the new module templates. ansible-doc was therefore not showing the short description. To fix the issue the flag was renamed to short_description instead. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2121362 'ansible-doc' -l lists most idm modules as 'UNDOCUMENTED'
-
- Jul 27, 2022
-
-
Thomas Woerner authored
The SID is always generated in the command line installers in newer IPA versions. This also needs to be done in the ipaserver and ipareplica roles. For the IPA versions that are supporting this, the adtrust setup is always executed to generated the SIDs, but only configures AD trust if ipaserver_setup_adtrust or ipareplica_setup_adtrust is also enabled. A check has been added to ipaserver_test and ipareplica_test to only enable the SID generation for the IPA versions supporting this. This is related to https://pagure.io/freeipa/8995 Fixes: - https://bugzilla.redhat.com/show_bug.cgi?id=2110478 - https://bugzilla.redhat.com/show_bug.cgi?id=2110491
-
- Jul 25, 2022
-
-
Thomas Woerner authored
The option _random_serial_numbers was using with the wrong type in ipaserver_setup_ca.py and ipareplica_setup_ca.py. Therefore RSN was always enabled. Fixes: - https://bugzilla.redhat.com/show_bug.cgi?id=2110523 - https://bugzilla.redhat.com/show_bug.cgi?id=2110526
-
- Jul 06, 2022
-
-
Thomas Woerner authored
Python 3.11 dropped compat inspect.getargspec. As the roles and modules need to support Python2 and Python3, the code for getargspec has been copied from Python 3.10 and is added as a fallback as soon as getargspec can not be imported from inspect. The copied getargspec is using getfullargspec internally. Fixes: #855 (Python's inspect.getargspec was removed in version 3.11)
-
Thomas Woerner authored
With the support for Random Serial Numbers v3 in FreeIPA 4.10, the attribute random_serial_numbers has been added to the installer options. options._random_serial_numbers is generated by ca.install_check and later used by ca.install in the _setup_ca module. ca.install_check is using options.random_serial_numbers and generating options._random_serial_numbers which is later used by ca.install in ca.install the _setup_ca module. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2103928 https://bugzilla.redhat.com/show_bug.cgi?id=2103924
-
- Jan 13, 2022
-
-
Thomas Woerner authored
ERROR: Found 6 pylint issue(s) which need to be resolved: ERROR: plugins/modules/ipaserver_prepare.py:395:4: invalid-name: Variable name "e" doesn't conform to snake_case naming style ERROR: roles/ipaserver/library/ipaserver_prepare.py:395:4: invalid-name: Variable name "e" doesn't conform to snake_case naming style ERROR: roles/ipaserver/module_utils/ansible_ipa_server.py:333:12: invalid-name: Variable name "ds" doesn't conform to snake_case naming style ERROR: roles/ipaserver/module_utils/ansible_ipa_server.py:348:12: invalid-name: Variable name "ds" doesn't conform to snake_case naming style ERROR: roles/ipaserver/module_utils/ansible_ipa_server.py:361:12: invalid-name: Variable name "ip" doesn't conform to snake_case naming style ERROR: roles/ipaserver/module_utils/ansible_ipa_server.py:364:12: invalid-name: Variable name "e" doesn't conform to snake_case naming style e has been replaced with err, ds with _ds, ip with _ip.
-
- Jan 12, 2022
-
-
Rafael Guterres Jeffman authored
Fix pylint warnings raised by enabling linter on ansible-freeipa roles.
-
- Nov 24, 2021
-
-
Thomas Woerner authored
This patch is needed to pass Automation Hub tests.
-
Thomas Woerner authored
This patch is needed to pass Automation Hub tests.
-
Thomas Woerner authored
This patch is needed to pass Automation Hub tests.
-
Thomas Woerner authored
This patch is needed to pass Automation Hub tests.
-
- Nov 25, 2020
-
-
Thomas Woerner authored
The common_check function in the replica installer code has been changed for the new memory checker code. With this the server and replica command line installers got the option --skip-mem-check. The server and replica role now also support the memory cheker and there are new variables for server and replica: ipaserver_mem_check - for ipaserver ipareplica_mem_check - for ipaserver These bool values default to yes and can be turned off in the inventory or playbook if needed. Related to freeipa PR https://pagure.io/freeipa/issue/8404 (Detect and fail if not enough memory is available for installation) Fixes: #450 (IPA Replica Installation Fails)
-
- Jun 15, 2020
-
-
Thomas Woerner authored
The ca-less PR introduced a bug when http_ca_cert is not set. The test for loading the certificate is testing for None, but the string will only be empty in this case. Related: #298 (Install server and replicas without CA)
-
- Jun 03, 2020
-
-
Thomas Woerner authored
With the encoded _http_ca_cert from ipaserver_test it is possible to revert back to the IPA upstream code to write the pkcs12 http certificates. The passed _http_ca_cert only needs to be decoded with decode_certificate.
-
Thomas Woerner authored
The function load_pkcs12 should not be skipped to verify the given certificates. After the certificates have been verified and the temporary certificate copies have been generated, these files are copied to /etc/ipa/.tmp_pkcs12_* as the temporary files will simply be removed as soon as the file descriptors have been closed. Additionally the [http,dirsrv,pkinit]_pkcs12_info is recreated to point to the copied temporary files. With this revertion the need to change other modules has been rediced to the minium, the IPA upstream code can simply be used. The passed back certificates [http,dirsrv,pkinit]_ca_cert are encoded using encode_certificate.
-
Samuel Veloso authored
-
- Mar 30, 2020
-
-
Thomas Woerner authored
The use of "default: idstart+199999" in the description of the idmax parameter was resulting in the galaxy import error: Cannot parse "DOCUMENTATION": mapping values are not allowed here in "<unicode string>", line 52, column 58: ... value for the IDs range (default: idstart+199999) The ":" has simply been removed to fix this issue.
-