- Jul 19, 2023
-
-
Rafael Guterres Jeffman authored
Ubuntu does not have a FreeIPA server package since version 20.04. As versions 16.04 (Xenial Xerus) and 18.04 (Bionic Beaver) will be supported by Canonical until 2026 and 2028, repectively, we should keep existing support for both versions in the ipaserver, ipareplica and ipabackup roles until them. This patch changes documentation to reflect that only those versions are supported.
-
- Jul 17, 2023
-
-
Thomas Woerner authored
utils/run-tests.sh: Install Ansible collections on virtual environment
-
Thomas Woerner authored
ipauser: Add support for SMB attributes.
-
- Jul 15, 2023
-
-
Rafael Guterres Jeffman authored
When runing tests using 'utils/run-tests.sh' from inside an existing Python virtual environment the Ansible collections are not installed due to the order of execution of the script. On a machine that does not have the 'containers.*' collection the test fails as there is no container connector available. This patch moves the section that installs Ansible collections to run after the virtual environment is configured, and then install the collections (usually, only 'containers.podman'), allowing the tests to be executed.
-
- Jul 14, 2023
-
-
Rafael Guterres Jeffman authored
Since FreeIPA version 4.8.0 ipauser has support for smb-logon-script, smb-profile-path, smb-home-dir, and smb-home-drive drive attributes. On FreeIPA, these attributes are only available when modifying a user, so if the user defined in the playbook does not exist, two calls to IPA API are executed, a 'user_add' followed by a 'user_mod'. (see https://github.com/freeipa/freeipa/blob/master/doc/designs/adtrust/samba-domain-controller.md A new example playbook can be found at: playbooks/user/smb-attributes.yml A new test playbook can be found at: tests/user/test_user_smb_attrs.yml
-
Thomas Woerner authored
doc: Differentiate location meaning between host and server
-
Rafael Guterres Jeffman authored
Host location and server location have very different meanings in IPA. ipahost uses 'location' as an optional hint to where the host may be physically located, ipaserever uses location to identify which DNS location the server is part of. This change updates documentation to make attribute description more clear. Surrounding text have been changed to match text style as used in other plugins. This patch is related to: https://github.com/freeipa/freeipa/pull/6840
-
Thomas Woerner authored
Fix handling of ipapwpolicy attributes usercheck and dictcheck
-
Thomas Woerner authored
upstream CI: Update ansible-core version
-
Thomas Woerner authored
Remove dependency on 'virtualenv'
-
- Jul 13, 2023
-
-
Rafael Guterres Jeffman authored
'virtualenv' is an external dependency with the same purpose of Python's 'venv' module. This patch removes the external dependency in favor of the readily available package.
-
- Jul 12, 2023
-
-
Thomas Woerner authored
ipauser: Add support for parameter "street"
-
Rafael Guterres Jeffman authored
ipauser plugin was missing user parameter "street". Tests were updated to reflect the new parameter.
-
Thomas Woerner authored
ipauser: Add support to modify GECOS field.
-
- Jul 11, 2023
-
-
Rafael Guterres Jeffman authored
Most of ipapwpolicy parameters can be set to an empty string ("") so that the policy is not applied to pwpolicy. This was not refelected on the documentation. This change adds 'or ""' to all the fields that can be disabled by setting it to an empty string. Also, `data types were reviewed and fixed.
-
Rafael Guterres Jeffman authored
Modified handling of boolean values by using Ansible's 'boolean()' check function so that a string can be used and either a bool value is accepted or an empty string. As the error message was changed to use the same Ansible message, tests were also updated.
-
Rafael Guterres Jeffman authored
Export Ansible's 'boolean' parsing function so it can be used to verify if a string can be handled as a truthy value, allowing module parameters to use strings instead of bools, as strings can be cleared by using empty strings.
-
- Jul 10, 2023
-
-
Rafael Guterres Jeffman authored
This patch adds a new parameter to ipauser, 'gecos', which can be used to set the 'gecos' field of an IPA user. The default behavior of automatically set the GECOS field to "<first> <last>" is not modified, it is only possible to change the field to a custom value. No validation on the value provided is done, as it is with FreeIPA.
-
- Jun 15, 2023
-
-
Rafael Guterres Jeffman authored
Singular to plural on random serial numbers setting
-
Renich Bon Ciric authored
The setting was in singular in the example while being documented in plural form.
-
- Jun 09, 2023
-
-
Rafael Guterres Jeffman authored
ansible-core 2.15 has been released on May 15th, 2023, and version 2.12 has reached EOL on May 22nd, 2023. This patch updates the ansible-core versions used on upstream CI tests to reflect Ansible's new releases.
-
- Jun 07, 2023
-
-
Rafael Guterres Jeffman authored
pwpolicy test: Fix maxsequence test
-
Thomas Woerner authored
The maxsequence test was testing maxrepeat. Therefore the typo reported with https://github.com/freeipa/ansible-freeipa/pull/1081 was never seen. The test has been fixed.
-
Thomas Woerner authored
Fix typo in ipapwpolicy.py
-
Thomas Woerner authored
ipapwpolicy: simplified and faster attribute verification
-
Jacob Cutright authored
The 'maxsequence' attribute was never applied as there was a typo when it was set. By fixing the field name, 'maxsequence' is correclty set. The failure was not seen before due to missing tests. The tests will be added in a separate PR.
-
Thomas Woerner authored
Upstream CI: Disable execution of pytest tests
-
Thomas Woerner authored
Don't allow the FQDN to match the domain on server installs
-
Thomas Woerner authored
ipacert module
-
Rafael Guterres Jeffman authored
Multiple service management
-
Sam Morris authored
There is a new certificate management module placed in the plugins folder: plugins/modules/ipacert.py The certificate module allows to request, revoke, release and retrieve certificates for users, hosts and services. Here is the documentation for the module: README-cert.md New example playbooks have been added: playbooks/cert/cert-hold.yml playbooks/cert/cert-release.yml playbooks/cert/cert-request-host.yml playbooks/cert/cert-request-service.yml playbooks/cert/cert-request-user.yml playbooks/cert/cert-retrieve.yml playbooks/cert/cert-revoke.yml New tests for the module can be found at: tests/cert/test_cert_client_context.yml tests/cert/test_cert_host.yml tests/cert/test_cert_service.yml tests/cert/test_cert_user.yml The module has been co-authored by Sam Morris (@yrro) and Rafael Guterres Jeffman (@rjeffman).
-
Thomas Woerner authored
The tests test_services_absent.yml, test_services_present.yml and test_services_present_slice.yml have been updated to use in memory data for testing instead of loading json files. This made is simpler to use variables from the playbook for example for fqdn host names. New tests for certificates with and without trailing new lines have been added for single service and multiple service handling.
-
Thomas Woerner authored
Denis added the multi service handling code. Therefore he should be listed in the file header.
-
Thomas Woerner authored
Any leading or trailing whitespace is removed while adding the certificates with serive_add_cert. To be able to compare the results from service_show with the given certificates we have to remove the white space also.
-
- Jun 06, 2023
-
-
Denis Karpelevich authored
Adding an option to create multiple services in one go. Adding tests (present/absent/without_skip_host_check) Copied from PR #1054 Signed-off-by:
Denis Karpelevich <dkarpele@redhat.com>
-
- Jun 05, 2023
-
-
Rafael Guterres Jeffman authored
If server FQDN matches the domain name, the installation will succeed, but DNS records will not work. If 'setup_dns: true' is used, there will be no A record for the host, only a NS record, and the PTR record will point to the domain name. Based on: https://github.com/freeipa/freeipa/pull/6853 Related to: https://pagure.io/freeipa/issue/9003
-
- May 30, 2023
-
-
Rafael Guterres Jeffman authored
Make Git ignore temporary and output files.
-
Thomas Woerner authored
upstream CI: Disable ansible-lint var-naming check
-
- May 16, 2023
-
-
Rafael Guterres Jeffman authored
Latest ansible-lint version (6.16.1) started to raise an error when variable names from within roles are not prefixed with the role name. Error: var-naming[no-role-prefix]. As Ansible sanity check does not enforce this, it will be disabled, for now on ansible-freeipa's upstream CI. A future effort to reduce the checks that are not being evaluated should be done as preparation for future Ansible Galaxy and Automation Hub requirements.
-
- May 15, 2023
-
-
Rafael Guterres Jeffman authored
The tests under 'tests/pytests' were a POC to bring tests that evaluate the result of playbook execution on the IPA environment. This is currently only implemented for dnszone tests, and similar test coverage is obtained with other tests. As there is an ongoing issue with Ansible's docker pluging ("the connection plugin 'docker' was not found"), which is stil under investigation, by removing the pytest tests we'll remove the consistent failures currently seen on upstream CI, and will not loose test coverage, specially if we take into account downstream tests. Also, a new version for the pytests will be available once multihost testing is implemented for upstream.
-