- Nov 17, 2020
-
-
Rafael Guterres Jeffman authored
Support namespace and name in utils/build-galaxy-release.sh as args
-
Thomas Woerner authored
The currently used namespace and collection name are hard coded in utils/build-galaxy-release.sh. They can now be defined as args 1 and 2 and default to freeipa and ansible_freeipa..
-
- Nov 16, 2020
-
-
Thomas Woerner authored
Fix ipapermission documentation issue with ansible-doc.
-
Thomas Woerner authored
Add KRA requirement to test documentation.
-
Thomas Woerner authored
Add FreeIPA version check to module_utils.ansible_freeipa_module.
-
Rafael Guterres Jeffman authored
FreeIPA 4.8.7 has introduced bind type 'self' as a valid value, and this PR adds checks so the module fails early if the value is used with an unsupported version. Tests and documentation have been updated to reflect the changes.
-
Rafael Guterres Jeffman authored
Some attribute values are only accepted for specific FreeIPA versions, for example `self` for permission's `bindtype`. Although there are options to check for command and parameter availability, there is no check for verifying if a value should be accepted. This patch add a function to evaluate the target FreeIPA host version, by comparing a giver version to the current installed one. The version evaluation uses Python packaging's version comparision, which is compatible with PEP 440, if available. If not available, it falls back to a string split, that will work for the most common cases, but might fail for versions including strings with `rc` or `dev`, for example.
-
Thomas Woerner authored
Bypass Ansible filtering on data returned by the module.
-
- Nov 13, 2020
-
-
Rafael Guterres Jeffman authored
Fix utils/changelog for merge commits without subject
-
Rafael Guterres Jeffman authored
Due to Ansible filtering out values in the output that might be match values in sensible attributes that have `no_log` set, if a module need to return data to the controller, it cannot rely on `ansible_module.exit_json` if there is a chance that a partial match may occur. See: https://github.com/ansible/ansible/issues/71789 The change provided here uses the same implementation that is used on Ansible's `AnsibleModule.exit_json`, without the data filtering layer, so every attribute with be printed and, therefore, logged by Ansible. This is needed for the Vault module, as we need to return values that are explicit requested by the user and that might, at least partially, match the values in attributes with `no_log` set. Tests that reproduced the issue, and show it was fixed were provided for all Vault types.
-
Thomas Woerner authored
Add support for adding external members to ipagroup.
-
Rafael Guterres Jeffman authored
build-galaxy-release: Galaxyfy READMEs, module EXAMPLES and tests
-
Thomas Woerner authored
Up to now the snippets in the README files, the EXAMPLES in the modules and also the tests playbooks have not been adapted while building the collection. These are the invoved python files: utils/galaxyfy-README.py utils/galaxyfy-module-EXAMPLES.py utils/galaxyfy-playbook.py utils/galaxyfy.py utils/galaxyfy.py provides the function galaxyfy_playbook, which has been extended and is used in galaxyfy-playbook.py, galaxyfy-README.py and galaxyfy-module-EXAMPLES.py.
-
- Nov 09, 2020
-
-
Thomas Woerner authored
There is curently a merge commit without a subject, which leads into a traceback in the changelog script. The merge information provides the commit hash, which is now used to get the subject later on using the generated commits hash.
-
- Nov 06, 2020
-
-
Rafael Guterres Jeffman authored
New backup role
-
Thomas Woerner authored
There is a new backup role in the roles folder: roles/ipabackup This role allows to backup an IPA server, to copy a backup from the server to the controller, to copy all backups from the server to the controller, to remove a backup from the server, to remove all backups from the server, to restore an IPA server locally and from the controller and also to copy a backup from the controller to the server. Here is the documentation for the role: roles/ipabackup/README.md New example playbooks have been added: playbooks/backup-server.yml playbooks/backup-server-to-controller.yml playbooks/copy-backup-from-server.yml playbooks/copy-all-backups-from-server.yml playbooks/remove-backup-from-server.yml playbooks/remove-all-backups-from-server.yml playbooks/copy-backup-to-server.yml playbooks/restore-server-from-controller.yml playbooks/restore-server.yml
-
- Oct 31, 2020
-
-
Rafael Guterres Jeffman authored
The test README only required than DNS support was enabled, but, currently, testing support requires KRA for ipavault.
-
- Oct 29, 2020
-
-
Rafael Guterres Jeffman authored
-
- Oct 28, 2020
-
-
Thomas Woerner authored
Add note about `no_log` use on vault data retrieve.
-
Rafael Guterres Jeffman authored
When using the ipavault module to retrieve stored data, this data is often sensitive, and if `no_log` is not enabled on the playbook, the sensitive data will be logged by Ansible. This change in de documentation, and playbook examples, suggests the use of `no_log: true` when using `state: retrieved` with ipavault.
-
Varun Mylaraiah authored
Fix symmetric vault password change when using password_files.
-
- Oct 23, 2020
-
-
Rafael Guterres Jeffman authored
-
Seth Kress authored
There is a new permission management module placed in the plugins folder: plugins/modules/ipapermission.py The permission module allows to ensure presence of absence of permissions and manage permission members. Here is the documentation for the module: README-permission.md New example plabooks have been added: playbooks/permission/permission-absent.yml playbooks/permission/permission-allow-read-employeenum.yml playbooks/permission/permission-member-absent.yml playbooks/permission/permission-member-present.yml playbooks/permission/permission-present.yml playbooks/permission/permission-renamed.yml New tests for the module: tests/permission/test_permission.yml
-
- Oct 14, 2020
-
-
Rafael Guterres Jeffman authored
This patch add support for adding external members to ipagroup which have the `external` attribute set. It adds another attribute to the module, `external_members`, which is a list of users or groups from an external trust, to be added to the group. This patch requires server-trust-ad to be tested, as such, the tests have been guarded by a test block, for when such tests are available in ansible-freeipa CI. Fixes issue #418
-
- Oct 13, 2020
-
-
Rafael Guterres Jeffman authored
New script utils/changelog
-
Rafael Guterres Jeffman authored
New script utils/ansible-doc-test
-
- Oct 08, 2020
-
-
Thomas Woerner authored
This scrip can be used to generate the changelog text for a new ansible-freeipa release on github. usage: Usage: changelog [options] [<new version>] optional arguments: -h, --help show this help message and exit --tag TAG git tag If the script is used without a givn tag, it will show all the changes since the last tag. If a tag (this can be a also a commit) is given, then all changes since this commit are shown.
-
Thomas Woerner authored
This script can check modules in roles and also plugins folder to have a valid documentation section. It is using anisble-doc internally. usage: Usage: ansible-doc-test [options] [path] optional arguments: -h, --help show this help message and exit -v increase output verbosity There are different verbose levels: -v Shows the modules that are tested at the moment. -vv Shows the modules and also the doc output. You can use the script to check specific modules, roles or modules in roles. Here are some examples: Test specific module with verbose level 1: $ utils/ansible-doc-test -vv plugins/modules/ipauser.py Test all modules in plugins folder: $ utils/ansible-doc-test -v plugins Test ipaserver_prepare.py in ipaserver role: $ utils/ansible-doc-test -v roles/ipaserver/library/ipaserver_prepare.py Test all modules in ipaserver role: $ utils/ansible-doc-test -v roles/ipaserver Test all roles: $ utils/ansible-doc-test -v roles Test all roles and modules in plugins: $ utils/ansible-doc-test -v
-
- Sep 25, 2020
-
- Sep 21, 2020
-
-
Rafael Guterres Jeffman authored
Fix module documentation
-
Thomas Woerner authored
ansible-doc is reporting several issues in modules. Most of them have benn due to misspelled description key word or due to use of multi line text without the | in the description line.
-
- Sep 18, 2020
-
-
Rafael Guterres Jeffman authored
ipa[server,replica,client]: Fix moved sysrestore and is_ipa_configured
-
Thomas Woerner authored
https://pagure.io/freeipa/issue/8458 moved more things to the ipalib and ipalib.facts: - sysrestore has been moved from ipalib.install to ipalib - is_ipa_configured has been moved from ipaserver.install.installutils to ipalib.facts Fixes: #394 (TASK [ipaclient : Install - IPA client test] Error: module 'ipalib.install.sysrestore' has no attribute 'SYSRESTORE_STATEFILE')
-
- Sep 17, 2020
-
-
Rafael Guterres Jeffman authored
When using changing passwords, using password files, the file name was being used as the password, and not its content. This patch fixes the behavior to use the contents of the password file. Tests have been added to ensure the correct behavior.
-
- Sep 09, 2020
-
-
Rafael Guterres Jeffman authored
ipa[server,replica,client]: Drop deactivated Python2/3 test
-
Rafael Guterres Jeffman authored
ipa[server,replica]: New variables to set firewalld zone
-
- Sep 08, 2020
-
-
Thomas Woerner authored
These tests have been deactivated for some time with b51397eb and are removed now.
-
Thomas Woerner authored
The new variables ipa[server,replica]_firewalld_zone have been added to be able to set the zone in which the needed services for IPA are enabled. New tasks have been added to check if the zone is available in the runtime and also permamanet environment. The code to enable firewalld has been moved out of thee ipa[server,replica]_install_packages blocks to make sure that the firewalld service is also enabled if the package is already installed. Fixes: issue #177 (How to set up firewalld zones?)
-
- Sep 04, 2020
-
-
Rafael Guterres Jeffman authored
Added helpers to config tests for execution on idm-ci
-
Thomas Woerner authored
Fixed log of vault data return when retrieving to a file.
-