Ansible Freeipa Versions Save

Ansible roles and modules for FreeIPA

v1.12.1

3 months ago

Highlights in 1.12.1

Fix ipaserver deployment on CentOS 8 Stream
Fix ipaclient deployment with automount
Fix ipaclient OTP error reporting
Add missing support for renaming groups and users
Idempotency fixes in several modules

Changes since 1.12.0

Disable config tests for pac type without ms pac (#1211)
ipaclient_setup_automount with new install states (#1208)
ipaclient: Enable SELinux for SSSD (#1207)
ipaserver: Fix deployment after Bronze-bit fix (#1206)
ipahbacrule: Fix handling of hbacsvcgroup in members (#1203)
ipahostgroup: Fix idempotence issues due to capitalization (#1202)
ipagroup: Fix idempotence issues due to capitalization (#1201)
Fixes for ansible-lint 6.22.1 (#1195)
Revert "[TEMP] Enable only idp, service and user module tests" (#1189)
Bump minimum ansible-lint version to 6.22 (#1188)
ipaclient: Fix OTP error reporting (#1187)
test_host_random: No jinja2 templating in conditional statements (#1186)
upstream ci: Increase timeout for PR tests (#1184)
ipaidp: Fix validation and reset of parameters (#1183)
test_pwpolicy: minlength parameter can be reset with empty string now (#1180)
ipagroup: Add support for renaming groups (#1178)
ipauser: Add support for renaming users (#1174)
ipaclient: Properly name automount_location var and add documentation (#1169)
ipareplica: Support inventory groups.ipaserver (#1151)
ipauser: Do not try to modify user when not changing password (#1149)
ipadnszone: Add support for per-zone privilege delegation (#1147)
Handle data type or empty string in module_utils (#1143)
ipasudorule: Allow setting groups for runasuser. (#899)
ipadelegation: Fix idempotence issues due to capitalization. (#760)

Detailed changelog since 1.12.0 by author

2 authors, 31 commits

Rafael Guterres Jeffman (20)

ipadelegation: Fix idempotence issues due to capitalization.
ipagroup: Fix idempotence issues due to capitalization
ipahostgroup: Fix idempotence issues due to capitalization
ipaserver: Fix deployment after Bronze-bit fix
ipahbacrule: Fix handling of hbacsvcgroup in members
ipasudorule: Allow setting groups for runasuser.
ipagroup: Add support for renaming groups
tests/group: Use module_defaults on tests_group
ipauser: Add support for renaming users
ipadnszone: Add support for per-zone privilege delegation
idoveridegroup: Use module.params_get_type
idoverideuser: Use module.params_get_type
ipapwpolicy: Use modules.params_get_type
ansible_freeipa_module: Ensure data type when retrieving parameter
Rename parameter 'allow_empty_string' to 'allow_empty_list_item'
upstream ci: Increase timeout for PR tests
Bump minimum ansible-lint version to 6.22
ipaclient: Fix OTP error reporting
ipauser: Do not try to modify user when not changing password
ipareplica: Support inventory groups.ipaserver

Thomas Woerner (11)

config: Disable config tests due to pac type requirement MS-PAC
ipaclient_setup_automount: Only return changed if there was a change
ipaclient_setup_automount with new install states
ipaclient: Enable SELinux for SSSD
Fixes for ansible-lint 6.22.1
Revert "[TEMP] Enable only idp, service and user module tests"
test_host_random: No jinja2 templating in conditional statements
[TEMP] Enable only idp, service and user module tests
ipaidp: Fix validation and reset of parameters
test_pwpolicy: minlength parameter can be reset with empty string now
ipaclient: Properly name automount_location var and add documentation

v1.12.0

6 months ago

Highlights in 1.12.0

New idoverridegroup management module.
New idoverrideuser management module.
New idview management module.
New idp management module.
Bug fixes and CI improvements.

Changes since 1.11.1

idoverride{user,group}: Fix delete_continue with state absent (#1176)
ipahost: Remove dangling dns records during test setup (#1173)
Update ansible-lint and pylint versions (#1170)
Reproduce upstream CI groups in developer's machine (#1168)
upstream CI: Pin ansible-lint version to 6.20 series (#1159)
ipaidview: Fail to apply unknown (invalid) hosts (#1158)
upstream CI: Pin Python version to 3.11 (#1157)
hbacsvcgroup: Remove obsolete result_handler (#1156)
hbacrule: Fix use of builtin sudo hbacsvcgroup (#1155)
upstream CI: Fix test selection for CheckPR pipeline. (#1148)
utils/ansible-freeipa.spec.in: Add ref for idoverridegroup management (#1146)
Revert "upstream ci: Run nightly tests against Ansible 2.9" (#1145)
Ensure CI runs against the oldest supported Ansible versions. (#1144)
Do not use "del os.environ" as the variable might not exist (#1142)
New idoverridegroup management module. (#1141)
new_module template fixes (#1140)
New idoverrideuser management module. (#1139)
spec file: Updated list of modules (#1138)
Bump Ansible version to 2.13 (#1136)
New idview management module. (#1134)
ipacert: Fix revocation example playbook on README (#1133)
Updated supported distros (#1131)
upstream ci: fix sanity test ansible lint failures (#1120)
Bump linter versions. (#1112)
New idp management module (#1105)
upstream CI: Build containers in parallel jobs (#1104)

Detailed changelog since 1.11.1 by author

2 authors, 40 commits

Rafael Guterres Jeffman (28)

ipahost: Remove dangling dns records during test setup
utils/run-tests.sh: Replicate Azure's test grouping
Update ansible-lint and pylint versions
upstream CI: Build containers in parallel jobs
upstream ci: Run PR tests using a single job.
upstream ci: Use a single random seed for spliting tests
upstream CI: Fix test selection for CheckPR pipeline.
upstream CI: Pin ansible-lint version to 6.20 series
upstream CI: Pin Python version to 3.11
Revert "upstream ci: Run nightly tests against Ansible 2.9"
upstream ci: Run nightly tests against Ansible 2.9
upstream ci: Run PR checks against the oldest supported ansible-core
pylint: Fix redefined-builtin
pylint: Fix unused-argument
ci: Bump pylint version
development: Bump versions of development checks
pylint: Unnecessary parens after '=' keyword
Change 'Exception' to 'RuntimeError' when FreeIPA version is too old
pylint: Disable broad exception warnings
pylint: Fix warning 'unnecessary "else" after "return"'
pylint: Disable warning when using non-literal dict
spec file: Updated list of modules
ansible-freeipa: Bump minimum supported Ansible version to 2.13
README-*: Bump minimum supported Ansible version to 2.13
roles: Bump minimum Ansible version to 2.13
ansible-lint: Use the same command line as galaxy-importer
ipacert: Fix revocation example playbook on README
Updated supported distros

Thomas Woerner (12)

idoverride{user,group}: Fix delete_continue with state absent
ipaidview: Fail to apply unknown (invalid) hosts
hbacsvcgroup: Remove obsolete result_handler
hbacrule: Fix use of builtin sudo hbacsvcgroup
utils/ansible-freeipa.spec.in: Add ref for idoverridegroup management
New idp management module
New idoverridegroup management module.
New idoverrideuser management module.
Do not use "del os.environ" as the variable might not exist
utils/templates/ipamodule*.py.in: Fix superfluous type in argument spec
utils/templates/test_module_client_context.yml.in: Fix FQDN issue
New idview management module.

v1.11.1

10 months ago

Highlights in 1.11.1

Support for GECOS, street, smb and idp attributes in ipauser module
Support for indirect maps in ipaautomountmap module
Update of user_auth_type choices in ipaconfig and ipauser modules
Update of auth_ind choices in ipahost and ipaservice modules
Upstream test and environment enhancements
Documentation updates

Changes since 1.11.0

ci: Increase verbosity for Ansible playbook runs (#1123)
ansible_freeipa_module: Fix ipa_command_invalid_param_choices (#1122)
Update authtypes authind readmes (#1119)
Update authtypes authind (#1118)
ipaserver: Update README with detailed Ubuntu support (#1117)
utils/run-tests.sh: Install Ansible collections on virtual environment (#1116)
Remove dependency on 'virtualenv' (#1114)
Singular to plural on random serial numbers setting (#1106)
upstream CI: Update ansible-core version (#1100)
doc: Differentiate location meaning between host and server (#1098)
Fix handling of ipapwpolicy attributes usercheck and dictcheck (#1076)
ipaautomountmap: add support for indirect maps (#1075)
ipauser: Add support for SMB attributes. (#1056)
ipauser: Support for External IdP attributes. (#1055)
ipauser: Add support for parameter "street" (#1044)
ipauser: Add support to modify GECOS field. (#1039)

Detailed changelog since 1.11.0 by author

3 authors, 25 commits

Rafael Guterres Jeffman (14)

ci: Increase verbosity for Ansible playbook runs
ipauser: Support for External IdP attributes.
ipaserver: Update README with detailed Ubuntu support
ipaautomountmap: add support for indirect maps
utils/run-tests.sh: Install Ansible collections on virtual environment
ipauser: Add support for SMB attributes.
doc: Differentiate location meaning between host and server
Remove dependency on 'virtualenv'
ipauser: Add support for parameter "street"
ipapwpolicy: Updated module documentation.
ipapwpolicy: Modify handling of usercheck and dictcheck
module_utils: Export Ansible's 'boolean' parsing function.
ipauser: Add support to modify GECOS field.
upstream CI: Update ansible-core version

Renich Bon Ciric (1)

Singular to plural on random serial numbers setting

Thomas Woerner (10)

ansible_freeipa_module: Fix ipa_command_invalid_param_choices
README-user.md: Add choices pkinit, hardened and idp to user_auth_type
README-service.md: Add choice idp to auth_ind
README-host.md: Add choice idp to auth_ind
README-config.md: Add choices pkinit, hardened and idp to user_auth_type
ipauser: Add choices pkinit, hardened and idp to user_auth_type
ipaservice: Add choice idp to auth_ind
ipahost: Add choice idp to auth_ind
ipaconfig: Add choices pkinit, hardened and idp to user_auth_type
ansible_freeipa_module: New ipa_command_invalid_param_choices method

v1.11.0

11 months ago

Highlights in 1.11.0

Multiple service management with ipaservice module
New ipacert module for certificate management
Action group support for the Ansible collections on Ansible Galaxy and Ansible AutomationHub
Fixed maxsequence handling in ipapwpolicy module
Even more Ansible lint driven changes

Changes since 1.10.0

Multiple service management (#1101)
Don't allow the FQDN to match the domain on server installs (#1099)
upstream CI: Disable ansible-lint var-naming check (#1097)
Upstream CI: Disable execution of pytest tests (#1094)
tests/azure/templates/build_container.yml: Quote requests with version (#1092)
Pin requests to < 2.29 temporarily (#1089)
Fix new ansible lint disallowes ignores (#1088)
tests/azure: Install molecule-plguins to get docker driver (#1083)
pwpolicy test: Fix maxsequence test (#1082)
Fix typo in ipapwpolicy.py (#1081)
Create action group in collection for use with module_defaults (#1080)
ipapwpolicy: simplified and faster attribute verification (#1078)
Make Git ignore temporary and output files. (#1077)
Fixes and enhancements for utils/new_module and templates (#1035)
ipacert module (#687)

Detailed changelog since 1.10.0 by author

5 authors, 30 commits

Denis Karpelevich (1)

Allow multiple services creation

Jacob Cutright (1)

Fix typo in ipapwpolicy.py

Rafael Guterres Jeffman (6)

Don't allow the FQDN to match the domain on server installs
upstream CI: Disable ansible-lint var-naming check
Upstream CI: Disable execution of pytest tests.
Make Git ignore temporary and output files.
utils/new_module: Ensure correct number of parameters for new_module
ipapwpolicy: simplified and faster attribute verification

Sam Morris (1)

New certificate management module.

Thomas Woerner (21)

pwpolicy test: Fix maxsequence test
ipaservice: Updated and new tests for certificates and multi service handling
ipaservice: Add Denis Karpelevich to the authors header
ipaservice: Properly Handle certs with leading or trailing white space
tests/azure/templates/build_container.yml: Quote requests with version
ansible_freeipa_module.py: Calm down ansible-test on print and sys.exit
ipaserver_test.py: Add missing default for random_serial_numbers
ansible-test: Do not use automatic field numbering specification
Use "#!/usr/bin/env python" for python shebang
Add -eu to all bash shebangs
Remove old or empty sanity ignore files
Pin requests to < 2.29 temporarily
tests/azure: Install molecule-plguins to get docker driver
utils/templates/test_module*.yml.in: Use generic module_defaults
utils/templates/test_module*.yml.in: Better docs for become and gather_facts
utils/templates/{README*.md.in,test_module*.yml.in}: Use true and false
utils/build-galaxy-release.sh: Create module action group
utils/galaxyfy.py: Handle module_defaults, match roles and modules
New utils/facts.py: Provide facts about the repo like role and module lists
utils/templates/ipamodule.py.in: Add missing bracket
utils/new_module: Fix github_user test

v1.10.0

1 year ago

Highlights in 1.10.0

ipagroup: Allow multiple group management.
ipaclient: Add subid option to select the sssd profile with-subid.
ipaclient: Fix allow_repair with removed krb5.conf and DNS lookup.
ipaclient: Keep server affinity while deploying by deferring the creation the final krb5.conf.
ipaserver: Allow deployments with random serial numbers.
ipareplica/server: Enable removal from domain with undeployment.
More Ansible lint fixes.

Changes since 1.9.2

ipaserver: Do not enable random serial numbers by default (#1073)
ipagroup: Fix ensuring external group group members (without trust-ad) (#1072)
Ansible lint fixes (#1069)
ipareplica/server: Enable removal from domain with undeployment (#1068)
ipaclient: Defer krb5 configuration fix (#1067)
ipareplica role: Remove usage of undefined parameters. (#1062)
roles/ipaserver: Allow deployments with random serial numbers (#1060)
ipahost: Make return value depending on hosts parameter (#1058)
ipauser: Make return value depending on users parameter (#1053)
Migrated to SPDX license. (#1051)
ipaclient: Defer creating the final krb5.conf on clients (#1050)
Update EXAMPLE sections for multiuser and multihost handling. (#1047)
Fix ansible-lint on tests (#1046)
ipauser: Better description of UID and GID parameters (#1045)
ipaclient: Fix allow_repair with removed krb5.conf and DNS lookup (#1037)
[RFE] Allow multiple groups creation (#1001)
Add subid option to select the sssd profile with-subid. (#974)

Detailed changelog since 1.9.2 by author

3 authors, 26 commits

Denis Karpelevich (3)

[RFE] Allow multiple groups creation.
Add subid option to select the sssd profile with-subid.
Update EXAMPLE sections for multiuser and multihost handling.

Rafael Guterres Jeffman (8)

roles/ipaserver: Allow deployments with random serial numbers
ipareplica role: Remove usage of undefined parameters.
Migrated to SPDX license.
ipauser: Better description of UID and GID parameters
ansible-lint: License must be defined as a list.
ansible-lint: Fixed dangling 'when' clause.
ansible-lint: Fix key order on upstream tests
ansible-lint: Use 'missing-import' instead of '505'

Thomas Woerner (15)

ipaserver: Do not enable random serial numbers by default
ipagroup: Handle ensuring groups with mixed types without IPA fix 6741
ipagroup: Fix ensuring external group group members (without trust-ad)
ipareplica/server: Enable removal from domain with undeployment
tests/config/test_config_sid: Mark tasks as noqa 503
ipareplica/server: Always cleanup root IPA cache
ipaclient_configure_dns_resolver: Removed bad aliases
ipapwpolicy: The alias for usercheck in argument_spec had typo
ipanetgroup: Missing type for action and state DOCUMENTATION section
ipaclient: ipaclient_fix_ca also needs krb_name parameter
ipaclient: ipaclient_setup_nss also needs krb_name parameter
ipahost: Make return value depending on hosts parameter
ipauser: Make return value depending on users parameter
ipaclient: Defer creating the final krb5.conf on clients
ipaclient: Fix allow_repair with removed krb5.conf and DNS lookup

v1.9.2

1 year ago

Changes since 1.9.1

ipabackup: Use ipabackup_item again in copy_backup_to_server (#1033)

Detailed changelog since 1.9.1 by author

1 authors, 1 commits

Thomas Woerner (1)

ipabackup: Use ipabackup_item again in copy_backup_to_server

v1.9.1

1 year ago

Highlights in 1.9.1

Ansible 2.14 test and lint fixes
pwpolicy: Allow clearing policy values
More bug fixes

Changes since 1.9.0

upstream CI: increase Azure test timeout. (#1031)
Use yml extension for pytest tests (#1030)
playbooks: Fix automount tasks to make ansible-lint happy (#1029)
dnszone tests: Fix typo on task names. (#1028)
playbooks/automount: All playbooks should use .yml (#1027)
Ansible lint tests (#1026)
pwpolicy: Fix tests for 'minlength: ""' (#1024)
.github/workflows/lint.yml: ansible-lint needs collection source dir (#1023)
pwpolicy: Fix new bool checks for IPA prior to 4.9.10 (#1022)
utils files: Support builtins with ansible.builtin. prefix (#1016)
Fix ansible-test lint warnings in roles. (#1014)
yamllint: All tasks need to be named (#1013)
pwpolicy: Allow clearing policy values. (#1012)
upstream ci: Allow tasks to retry in case of connection failure. (#1009)
Use FQCN for ansible.builtin (#1007)
Use netgroup_find instead of netgroup_show to workaround IPA bug. (#1003)
ansible-freeipa.spec.in: Fix for loop with wildcard (#1002)
Update development and Github workflow tools. (#999)
upstream ci: Update Ansible versions on Azure pipelines. (#977)

Detailed changelog since 1.9.0 by author

3 authors, 66 commits

Denis Karpelevich (1)

Use netgroup_find instead of netgroup_show to workaround IPA bug.

Rafael Guterres Jeffman (19)

upstream CI: increase Azure test timeout.
playbooks: Fix automount tasks to make ansible-lint happy
dnszone tests: Fix typo on task names.
pwpolicy: Fix tests for 'minlength: ""'
ansible-lint: Fix file kind and ignores.
roles: Fix ansible-lint name:template warnings
roles: Fix ansible-lint warning on var-naming.
Fix issues raised by Flake8 version 5.0.3
Fix issues raised by Pylint version 2.14.4.
Update Github workflow linter and check tools.
pwpolicy: Allow clearing policy values.
upstream ci: Update Ansible versions on Azure pipelines.
Update development tools.
roles: Fix when, block and always key order.
roles: Fix jinja2 template spacing
roles: Fix task names to start with uppercase letters
roles: Fix use of ansible.builtin.fail free-form message.
roles: Fix type of data used for for versions in meta files
upstream ci: Allow tasks to retry in case of connection failure.

Thomas Woerner (46)

Use yml extension for pytest tests
playbooks/automount: All playbooks should use .yml
ansible-lint: All names should start with an uppercase letter
Fix jinja2 white spaces issues reported by ansible-lint
Improve jinja2 spacing: Remove space between join and ()
.github/workflows/lint.yml: Enable ansible-lint for the whole collection
.ansible-lint: Deactivate experimental and name[template] tests
.github/workflows/lint.yml: ansible-lint needs collection source dir
pwpolicy: Fix new bool checks for IPA prior to 4.9.10
yamllint: All tasks need to be named
utils/get_test_modules.py: Support ansible.builtin. prefix
utils/galaxyfy.py: Support builtins with ansible.builtin. prefix
vault: Use FQCN for ansible.builtin
user: Use FQCN for ansible.builtin
trust: Use FQCN for ansible.builtin
sudo*: Use FQCN for ansible.builtin
servicedelegation*: Use FQCN for ansible.builtin
service: Use FQCN for ansible.builtin
server: Use FQCN for ansible.builtin
selfservice: Use FQCN for ansible.builtin
role: Use FQCN for ansible.builtin
pwpolicy: Use FQCN for ansible.builtin
privilege: Use FQCN for ansible.builtin
permission: Use FQCN for ansible.builtin
netgroup: Use FQCN for ansible.builtin
location: Use FQCN for ansible.builtin
idrange: Use FQCN for ansible.builtin
host*: Use FQCN for ansible.builtin
hbac*: Use FQCN for ansible.builtin
group: Use FQCN for ansible.builtin
tests/external-signed-ca-*: Use FQCN for ansible.builtin
tests/env_freeipa_facts.yml: Use FQCN for ansible.builtin
dnszone: Use FQCN for ansible.builtin
dnsrecord: Use FQCN for ansible.builtin
dnsforwardzone: Use FQCN for ansible.builtin
dnsconfig: Use FQCN for ansible.builtin
delegation: Use FQCN for ansible.builtin
config: Use FQCN for ansible.builtin
tests/ca-less: Use FQCN for ansible.builtin
automount: Use FQCN for ansible.builtin
automember: Use FQCN for ansible.builtin
ipabackup role: Use FQCN for ansible.builtin
ipaclient role: Use FQCN for ansible.builtin
ipareplica role: Use FQCN for ansible.builtin
ipaserver role: Use FQCN for ansible.builtin
ansible-freeipa.spec.in: Fix for loop with wildcard

v1.9.0

1 year ago

Highlights in 1.9.0

New netgroup management module
sudorule: Add support for 'hostmask' parameter
pwpolicy: Add support for password check and grace limit
ipaclient: No kinit on controller for deployment using OTP
ipaclient: Configure DNS resolver
Support for ansible-core 2.14 tests

Changes since 1.8.4

tests/azure: Temporarily stay at Ubuntu 20.04 (#1000)
environment: Fix os.environ language setting. (#997)
ipaclient: No DNS resolver configuration on master (#996)
tests/sanity: Add ignore file for ansible-core 2.14 (#992)
utils: Remove deprecated shell scripts used to deploy IPA. (#991)
pre-commit: Fix pycqa pre-commit repos. (#989)
ipaclient: Configure DNS resolver (#988)
ipaclient: No kinit on controller for deployment using OTP (#987)
github worflows: speed up git checkout. (#986)
upstream tests: Removal of 'warn: no' from shell plugins (#984)
netgroup: Fix environment cleanup on ipanetgroup tests. (#981)
upstream ci: Update Github actions due to old Node.js. (#980)
ipaclient_setup_nss: Fix undefined ca_certs for NoCertificateError case (#979)
linters: Fix versions of linter packages due to Python 3.11. (#978)
Fix ipaserver role for ansible test (#976)
Fix ipareplica role for ansible test (#975)
Fix upstream ansible test ansible 2.13 (#973)
Fix ipaclient role for ansible test (#972)
pwpolicy: Add support for password check and grace limit. (#971)
Fix ipasmartcard server role for ansible test (#969)
Fix ipasmartcard client role for ansible test (#968)
ipabackup_get_backup_dir: Fix documentation sections and agument spec (#967)
ipamodule_base_docs: Fix documentation sections (#966)
ipaconfig: Do not require enable_sid for add_sids or netbios_name (#961)
new_module: Modify new_module and templates for Ansible 2.14 (#960)
documentation: Change occurences of whitelist to allowlist. (#959)
ipavault: Fix documentation sections and agument spec (#958)
ipauser: Fix documentation sections and agument spec (#957)
ipatrust Fix documentation sections and agument spec (#956)
ipatopologysuffix: Fix documentation sections and agument spec (#955)
ipatopologysegment: Fix documentation sections and agument spec (#954)
ipasudorule: Fix documentation sections and agument spec (#953)
ipasudocmdgroup: Fix documentation sections and agument spec (#952)
ipasudocmd: Fix documentation sections and agument spec (#951)
ipaservicedelegationtarget: Fix documentation sections and agument spec (#950)
ipaservicedelegationrule: Fix documentation sections and agument spec (#949)
ipaservice:: Fix documentation sections and agument spec (#948)
ipaserver: Fix documentation sections and agument spec (#947)
ipaselfservice: Fix documentation sections and agument spec (#946)
iparole: Fix documentation sections and agument spec (#945)
ipapwpolicy: Fix documentation sections and agument spec (#944)
ipaprivilege: Fix documentation sections and agument spec (#943)
ipapermission: Fix documentation sections and agument spec (#942)
ipalocation: Fix documentation sections and agument spec (#941)
ipaidrange: Fix documentation sections and agument spec (#940)
ipahostgroup: Fix documentation sections and agument spec (#939)
ipahost: Fix documentation sections and agument spec (#938)
ipahbacsvcgroup: Fix documentation sections and agument spec (#937)
ipahbacsvc: Fix documentation sections and agument spec (#936)
ipahbacrule: Fix documentation sections and agument spec (#935)
ipagroup: Fix documentation sections and agument spec (#934)
ipadnszone: Fix documentation sections and agument spec (#933)
ipadnsrecord: Fix documentation sections and agument spec (#932)
ipadnsforwardzone: : Fix documentation sections and agument spec (#931)
ipadnsconfig: Fix documentation sections and agument spec (#930)
ipadelegation: : Fix documentation sections and agument spec (#929)
ipaconfig: Fix documentation sections and agument spec (#928)
ipaautomountmap: Fix documentation sections and agument spec (#927)
ipaautomountlocation: Fix documentation sections and agument spec (#926)
ipaautomountkey: Fix documentation sections and agument spec (#925)
ipaautomember: Fix documentation sections and agument spec (#924)
sudorule: Add support for 'hostmask' parameter (#922)
ipaconfig: Do not allow enable_sid set to False. (#921)
ipaconfig: Fix fail_json calls. (#920)
Fix plugins for ansible fake execution test (#918)
ipabackup_get_backup_dir: Fix for ansible-test fake execution test (#917)
ipasmartcard_client_get_vars: Fix for ansible-test fake execution test (#916)
ipasmartcard_server_get_vars: Fix for ansible-test fake execution test (#915)
Re-enable dnsforwardzone tests (#914)
ansible_freeipa_module: Remove deprecated FreeIPABaseModule (#913)
New netgroup management module (#875)

Detailed changelog since 1.8.4 by author

3 authors, 142 commits

Denis Karpelevich (1)

New netgroup management module

Rafael Guterres Jeffman (22)

tests/sanity: Add ignore file for ansible-core 2.14
environment: Fix os.environ language setting.
utils: Remove deprecated shell scripts used to deploy IPA.
pre-commit: Fix pycqa pre-commit repos.
sudorule: Add support for 'hostmask' parameter
github worflows: speed up git checkout.
pwpolicy: Add support for password check and grace limit.
upstream tests: Removal of 'warn: no' from shell plugins
upstream ci: Use Shellcheck action from 'master'.
upstream ci: Update Github actions due to old Node.js.
pylint: Fix pylint issues on utils/galaxyfy-module-EXAMPLES.py
pylint: Update configuration for Python 3.11
pylint: Modify certificate loader function definition.
linters: Fix versions of linter packages due to Python 3.11.
netgroup: Fix environment cleanup on ipanetgroup tests.
documentation: Change occurences of whitelist to allowlist.
ipaconfig: Do not require enable_sid for add_sids or netbios_name
ipaconfig: Do not allow enable_sid set to False.
new_module: Modify new_module and templates for Ansible 2.14
ipaconfig: Fix fail_json calls.
Azure CI: Re-enable dnszone tests with forwarder ports
Azure CI: Update variable files instructions.

Thomas Woerner (119)

tests/azure: Temporarily stay at Ubuntu 20.04
ipaclient: No DNS resolver configuration on master
ipaclient: No kinit on controller for deployment using OTP
ipaclient: Configure DNS resolver
ipaserver_test: Fix documentation sections and agument spec
ipaserver_setup_otpd: Fix documentation sections and agument spec
ipaserver_setup_ntp: Fix documentation sections and agument spec
ipaserver_setup_krb: Fix documentation sections and agument spec
ipaserver_setup_kra: Fix documentation sections and agument spec
ipaserver_setup_http: Fix documentation sections and agument spec
ipaserver_setup_ds: Fix documentation sections and agument spec
ipaserver_setup_dns: Fix documentation sections and agument spec
ipaserver_setup_custodia: Fix documentation sections and agument spec
ipaserver_setup_ca: Fix documentation sections and agument spec
ipaserver_setup_adtrust: Fix documentation sections and agument spec
ipaserver_set_ds_password: Fix documentation sections and agument spec
ipaserver_prepare: Fix documentation sections and agument spec
ipaserver_master_password: Fix documentation sections and agument spec
ipaserver_load_cache: Fix documentation sections and agument spec
ipaserver_enable_ipa: Fix documentation sections and agument spec
ansible_ipa_server: Fix ansible-test fake execution test findings
ipareplica_test: Fix documentation sections and agument spec
ipareplica_setup_otpd: Fix documentation sections and agument spec
ipareplica_setup_krb: Fix documentation sections and agument spec
ipareplica_setup_kra: Fix documentation sections and agument spec
ipareplica_setup_http: Fix documentation sections and agument spec
ipareplica_setup_ds: Fix documentation sections and agument spec
ipareplica_setup_dns: Fix documentation sections and agument spec
ipareplica_setup_custodia: Fix documentation sections and agument spec
ipareplica_setup_certmonger: Fix documentation sections and agument spec
ipareplica_setup_ca: Fix documentation sections and agument spec
ipareplica_setup_adtrust: Fix documentation sections and agument spec
ipareplica_restart_kdc: Fix documentation sections and agument spec
ipareplica_promote_sssd: Fix documentation sections and agument spec
ipareplica_promote_openldap_conf: Fix documentation sections and agument spec
ipareplica_prepare: Fix documentation sections and agument spec
ipareplica_master_password: Fix documentation sections and agument spec
ipareplica_krb_enable_ssl: Fix documentation sections and agument spec
ipareplica_install_ca_certs: Fix documentation sections and agument spec
ipareplica_enable_ipa: Fix documentation sections and agument spec
ipareplica_ds_enable_ssl: Fix documentation sections and agument spec
ipareplica_ds_apply_updates: Fix documentation sections and agument spec
ipareplica_custodia_import_dm_password: Fix doc sections and agument spec
ipareplica_create_ipa_conf: Fix documentation sections and agument spec
ipareplica_add_to_ipaservers: Fix documentation sections and agument spec
ansible_ipa_replica: Fix ansible-test fake execution test findings
ipaclient_test_keytab: Fix documentation sections and agument spec
ipaclient_test: Fix documentation sections and agument spec
ipaclient_setup_sssd: Fix documentation sections and agument spec
ipaclient_setup_ssh: Fix documentation sections and agument spec
ipaclient_setup_ntp: Fix documentation sections and agument spec
ipaclient_setup_nss: Fix documentation sections and agument spec
ipaclient_setup_nis: Fix documentation sections and agument spec
ipaclient_setup_krb5: Fix documentation sections and agument spec
ipaclient_setup_firefox: Fix documentation sections and agument spec
ipaclient_setup_automount: Fix documentation sections and agument spec
ipaclient_set_hostname: Fix documentation sections and agument spec
ipaclient_join: Fix documentation sections and agument spec
ipaclient_ipa_conf: Fix documentation sections and agument spec
ipaclient_get_otp: Fix documentation sections and agument spec
ipaclient_get_facts: Fix documentation sections and agument spec
ipaclient_fstore: Fix documentation sections and agument spec
ipaclient_fix_ca: Fix documentation sections and agument spec
ipaclient_api: Fix documentation sections and agument spec
ansible_ipa_client: Fix ansible-test fake execution test findings
ipaclient_setup_nss: Fix undefined ca_certs for NoCertificateError case
tests/sanity/sanity.sh: shellcheck: Fix command for use_docker
tests/sanity: New tests/sanity/ignore-2.13.txt for ansible-test
ipasmartcard_server_validate_ca_certs: Fix doc sections and agument spec
ipasmartcard_server_get_vars: Fix doc sections and agument spec
ipasmartcard_client_validate_ca_certs: Fix doc sections and agument spec
ipasmartcard_client_get_vars: Fix doc sections and agument spec
ipabackup_get_backup_dir: Fix documentation sections and agument spec
ipamodule_base_docs: Fix documentation sections
ipadnsrecord: Fix documentation sections and agument spec
ipahost: Fix documentation sections and agument spec
ipatopologysegment: Fix documentation sections and agument spec
README-vault: Add new_public_key and new_public_key_file
ipavault: Fix documentation sections and agument spec
ipauser: Fix documentation sections and agument spec
ipatrust Fix documentation sections and agument spec
ipatopologysuffix: Fix documentation sections and agument spec
ipasudorule: Fix documentation sections and agument spec
ipasudocmdgroup: Fix documentation sections and agument spec
ipasudocmd: Fix documentation sections and agument spec
ipaservicedelegationtarget: Fix documentation sections and agument spec
ipaservicedelegationrule: Fix documentation sections and agument spec
ipaservice:: Fix documentation sections and agument spec
ipaserver: Fix documentation sections and agument spec
ipaselfservice: Fix documentation sections and agument spec
iparole: Fix documentation sections and agument spec
ipapwpolicy: Fix documentation sections and agument spec
ipaprivilege: Fix documentation sections and agument spec
ipapermission: Fix documentation sections and agument spec
ipalocation: Fix documentation sections and agument spec
ipaidrange: Fix documentation sections and agument spec
ipahostgroup: Fix documentation sections and agument spec
ipahbacsvcgroup: Fix documentation sections and agument spec
ipahbacsvc: Fix documentation sections and agument spec
ipahbacrule: Fix documentation sections and agument spec
ipagroup: Fix documentation sections and agument spec
ipadnszone: Fix documentation sections and agument spec
ipadnsforwardzone: : Fix documentation sections and agument spec
ipadnsconfig: Fix documentation sections and agument spec
ipadelegation: : Fix documentation sections and agument spec
ipaconfig: Fix documentation sections and agument spec
ipaautomountmap: Fix documentation sections and agument spec
ipaautomountlocation: Fix documentation sections and agument spec
ipaautomountkey: Fix documentation sections and agument spec
ipaautomember: Fix documentation sections and agument spec
tests/sanity/ignore-2.12.txt: Remove unnecessary entries
ipadnszone: import netaddr and DNSName from ansible_freeipa_module
ipadnsrecord: Fix for ansible-test fake execution test
ansible_freeipa_module: Fix ansible-test fake execution test findings
ipabackup_get_backup_dir: Fix for ansible-test fake execution test
ipasmartcard_client_get_vars: Fix for ansible-test fake execution test
ipasmartcard_server_get_vars: Fix for ansible-test fake execution test
tests/sanity/ignore-2.12.txt: Remove ansible-deprecated-no-collection-name
ansible_freeipa_module: Remove deprecated FreeIPABaseModule

v1.8.4

1 year ago

Highlights in 1.8.4

Support for SID related attributes in ipaconfig
Minimum value check of idstart parameter for ipaserver role
Deployment roles fixes and optimization

Changes since 1.8.3

ipaconfig: Fix example playbook titles. (#912)
utils/ansible-freeipa.spec.in: Sync with Fedora rawhide spec file (#911)
upstream CI: Force retrieval of ansible-freeipa master. (#910)
upstream CI: Ensure 'master' branch is available for set_test_modules (#908)
ipaconfig: Add support for SID related attributes. (#906)
ipaserver/ipareplica: Add isatty method to AnsibleModuleLog (#905)
ipabackup: Fix order of ipabackup_name parameter evaluation. (#904)
ipabackup: Add playbook tests for ipabackup. (#901)
ipaserver: Add missing idstart check (#897)
fedora rawhide: Temporarily disable failing DNS tests (#895)
ipaserver: ipaclient part does not need to install packages (#894)
upstream CI: run PR tests only for affected plugins (#893)
Fix short_description flag in plugins, role modules and templates (#892)
upstream CI: Fix list evaluation in IPA_ENABLED/IPA_DISABLED tests (#890)
ipauser: Add note on attributes 'first' and 'last' requirements (#889)
ipasudorule: Fix usage of 'action' and 'state' in examples. (#887)
upstream CI: enable/disable tests based on test image (#884)
ipareplica: Do not overwrite ipaclient_no_ntp for client part deployment (#876)
Run tests locally with upstream CI images. (#849)

Detailed changelog since 1.8.3 by author

2 authors, 24 commits

Rafael Guterres Jeffman (17)

ipaconfig: Add support for SID related attributes.
ipaconfig: Fix example playbook titles.
upstream CI: Force retrieval of ansible-freeipa master.
upstream CI: Force retrieval of ansible-freeipa master.
ipabackup: Fix order of ipabackup_name parameter evaluation.
upstream CI: Ensure 'master' branch is available for set_test_modules
ipabackup: Add playbook tests for ipabackup.
upstream CI: run PR tests only for affected plugins
check_test_configuration: Add support for IPA_* environment variables
tests: Drop pytest-split-tests in favor of pytest-split
run-tests: Run tests locally with upstream CI images
upstream CI: Fix list evaluation in IPA_ENABLED/IPA_DISABLED tests
ipauser: Add note on attributes 'first' and 'last' requirements
upstream ci: Add step to display scenario configuration
upstream ci: Avoid scheduling tests that will not be executed.
upstream ci: Add support for distro specific test configuration.
ipasudorule: Fix usage of 'action' and 'state' in examples.

Thomas Woerner (7)

utils/ansible-freeipa.spec.in: Sync with Fedora rawhide spec file
ipaserver/ipareplica: Add isatty method to AnsibleModuleLog
ipaserver: Add missing idstart check
fedora rawhide: Temporarily disable failing DNS tests
ipaserver: ipaclient part does not need to install packages
Fix short_description flag in plugins, role modules and templates
ipareplica: Do not overwrite ipaclient_no_ntp for client part deployment

v1.8.3

1 year ago

Highlight in version 1.8.3

Fix replica deployment issue for domains without SID support.

Changes since 1.8.2

ipavault: Fix missing whitespace after keyword issue (#880)
ipareplica: ipareplica_setup_adtrust fails while updating ipaNTFlatName (#877)

Detailed changelog since 1.8.2 by author

1 authors, 2 commits

Thomas Woerner (2)

ipavault: Fix missing whitespace after keyword issue
ipareplica: ipareplica_setup_adtrust fails while updating ipaNTFlatName