- Jul 06, 2022
-
-
Thomas Woerner authored
Fix handling of boolean values for FreeIPA 4.9.10+
-
Rafael Guterres Jeffman authored
Provide own getargspec for roles and modules with Python 3.11
-
Rafael Guterres Jeffman authored
Evaluating boolean values output by FreeIPA must use regular expressions to handle both "TRUE/FALSE" and "True/False".
-
Rafael Guterres Jeffman authored
Checking if some output is present or absent from standard streams was done by simple string searching. Due to recent changes in FreeIPA, this search is not effective due to capitalization differences in boolean values output. Changing the string searching to regular expression searches fixes this behavior for current and previous versions of FreeIPA. This patch also adds more information on the assert tests in case of an error, so that it is easier to understand why the test failed.
-
Rafael Guterres Jeffman authored
The fallback function used to compare IPA versions was spliting the version string into a tuple of strings, and the comparison of the tuple would fail if comparing a field with one digit aginst a two-digit one, for example, '8' with '10', as the string comparison would put '10' before the '8'. This patch forces the version fields to be converted to integers, so a numerical comparison will be performed. If a version string field cannot be converted to a number, than the string comparison will still be used.
-
Rafael Guterres Jeffman authored
FreeIPA 4.9.10+ and 4.10 use proper mapping for boolean values, and only searching for "TRUE" does not work anymore. This patch fix ipadnszone plugin and IPAParamMapping class handling of boolean values.
-
Rafael Guterres Jeffman authored
tests/server/test_server.yml: Fix generation of ipaserver_domain
-
Rafael Guterres Jeffman authored
ipaserver,ipareplica: Add random_serial_numbers to options
-
Thomas Woerner authored
The generation of ipaserver_domain has issues: At first ansible_facts['hostname'] instead of ansible_facts['fqdn'] is used and second the first entry after the split operation is used and third the final join is missing.
-
Thomas Woerner authored
Python 3.11 dropped compat inspect.getargspec. As the roles and modules need to support Python2 and Python3, the code for getargspec has been copied from Python 3.10 and is added as a fallback as soon as getargspec can not be imported from inspect. The copied getargspec is using getfullargspec internally. Fixes: #855 (Python's inspect.getargspec was removed in version 3.11)
-
Thomas Woerner authored
With the support for Random Serial Numbers v3 in FreeIPA 4.10, the attribute random_serial_numbers has been added to the installer options. options._random_serial_numbers is generated by ca.install_check and later used by ca.install in the _setup_ca module. ca.install_check is using options.random_serial_numbers and generating options._random_serial_numbers which is later used by ca.install in ca.install the _setup_ca module. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2103928 https://bugzilla.redhat.com/show_bug.cgi?id=2103924
-
- Jul 05, 2022
-
-
Rafael Guterres Jeffman authored
ipaserver: Use jinja for list concatenation
-
Thomas Woerner authored
With ansible-2.13 it is required to use jinja for list concatenation. list: "[] + ['a'] + ['b']" needs to become list: "{{ [] + ['a'] + ['b'] }}" copy_external_cert.yml needed to be changed.
-
- Jun 24, 2022
-
-
Thomas Woerner authored
upstream CI: Update nightly Ansible versions.
-
- Jun 23, 2022
-
-
Rafael Guterres Jeffman authored
As the current latest upstream version of ansible-core is 2.13.0, to test against ansible-core 2.12 series we need to pin the version used on the test. This patch enables the already defined tests for ansible-core 2.12 that were available but commented out.
-
Rafael Guterres Jeffman authored
Ansible 2.9 is EOL, and we should only test with supported upstream versions of Ansible. This patch removes tests against Ansible 2.9.
-
Thomas Woerner authored
upstream CI: Add support for testing ansible-freeipa as a collection.
-
Thomas Woerner authored
idrange: Fix list of invalid parameters for 'state:absent'.
-
Thomas Woerner authored
idrange: Fix usage of dom_name when idrange doesn't exist.
-
Rafael Guterres Jeffman authored
New roles for smartcard server and client setup
-
- Jun 22, 2022
-
-
Thomas Woerner authored
There are new smartcard roles in the roles folder: roles/ipasmartcard_server roles/ipasmartcard_client This roles allows to setup smartcard for servers and clients. Here is the documentation for the roles: roles/ipasmartcard_server/README.md roles/ipasmartcard_client/README.md New example playbooks have been added: playbooks/install-smartcard-server.yml playbooks/install-smartcard-replicas.yml playbooks/install-smartcard-servers.yml playbooks/install-smartcard-clients.yml
-
- Jun 21, 2022
-
-
Rafael Guterres Jeffman authored
As an idrange has no members, when using `state: absent`, all parameters but 'name' and 'state' are invalid. The list of invalid parameters when 'state: absent', have been fixed to include some missing parameters.
-
Rafael Guterres Jeffman authored
Provide a pipeline to test ansible-freeipa as an Ansible Galaxy collection. The tests will use 'utils/build-galaxy-release.sh' to create the galaxy release file, install it as a collection, and run the tests in it, which were modified to use FQCN. The tests will run only on 'fedora-latest' for each PR, and on all platforms for nightly and weekly tests.
-
Thomas Woerner authored
idrange: Fix typo in test comments.
-
Thomas Woerner authored
requirements-dev: Update requirements for virtual environments
-
- Jun 20, 2022
-
-
Rafael Guterres Jeffman authored
When evaluating imports, pylint does not have access to IPA imports, so they need to be ignored during import or usage.
-
- Jun 17, 2022
-
-
Rafael Guterres Jeffman authored
When ensuring presence of an idrange using dom_name instead of dom_sid, the SID must be obtained so that the idrange can be created. Related to RHBZ#2086993 and RHBZ#2086994.
-
Rafael Guterres Jeffman authored
When managing idranges, it might be needed to obtain the domain SID from the domain name. As this method needs to use the IPA API object and requires imorting some ipaserver modules, teh best place for this method to be implemented is on ansible_module_utils.
-
Rafael Guterres Jeffman authored
When developing ansible-freeipa using a Python virtual environment, some ansible-freeipa utility scripts failed to execute due to missing tools. This patch add the required tools and modules to requirements-dev.txt and pin the versions to the same available in Fedora 36.
-
- Jun 15, 2022
-
-
Thomas Woerner authored
Add support to define which playbook tests to execute with pytest.
-
Rafael Guterres Jeffman authored
-
Rafael Guterres Jeffman authored
Due to an issue with IPA in Fedora 36, dnsconfig and dnsforwardzone plugin tests must be disabled. See FreeIPA issue: https://pagure.io/freeipa/issue/9158
-
Rafael Guterres Jeffman authored
-
Rafael Guterres Jeffman authored
pytest provide the means to skip tests based on patterns, but writing these patterns for ansible-freeipa might not be feasible. This PR allows the selection of playbook tests and modules that will be executed with pytest using the environmentt variables IPA_ENABLED_TESTS IPA_ENABLED_MODULES, IPA_DISABLED_TESTS or IPA_DISABLED_MODULES. When using IPA_ENABLED_MODULES, all modules will be disabled, and only the modules in the enabled list will be tested. If using the test filter, IPA_ENABLED_TESTS, all tests are disabled, unless they are in the enabled test lists. If the IPA_DISABLED_* version is used, tests and modules are enabled by default, and the list is used to disable the module or specific test. To disable a test or module in Azure CI, edit the file `tests/azure/variables` and add the desired tests or modules to the parameter variables `enabled_modules`, 'enabled_tests`, `disabled_tests` or `disable_modules`. Note that, if added to the `master` branch, this will affect the tests for every pipeline that it is include (including 'nightly'), so it should be used with care. It can be used with TEMP commits to enable only the desired tests, speeding up upstream tests.
-
- Jun 14, 2022
-
-
Thomas Woerner authored
Fix ansible-test sanity missing CHANGELOG.rst.
-
Rafael Guterres Jeffman authored
Recent versions of ansible-test require the existence of a CHANGELOG file in the root of the collection. This changes extracts the changes of the latest available release tag using `utils/changelog` and create the CHANGELOG file with the result of the command. The generated changelog will include the changes for the latest release and, if present, the available changes that were not part of a release.
-
Rafael Guterres Jeffman authored
utils/changelog: Fixed --tag option, new --galaxy option
-
Thomas Woerner authored
The --tag TAG option is now printing the changes for the given TAG and not since the given tag. The new option --galaxy is printing the changelog since the latest tag and also for the latest tag. These changes are simplifying the generation of the changelog file that is needed to pass the tests for galaxy and AutomationHub collections.
-
Thomas Woerner authored
Upstream CI updates.
-
- May 23, 2022
-
-
Rafael Guterres Jeffman authored
There were some typos in the idrange test playbook.
-