New dnsrecord management module.

There is a new dnsrecord managem module placed in the plugins folder: plugins/modules/ipadnsrecord.py The dnsrecord module allows management of DNS records and is as compatible as possible with the Ansible upstream `ipa_dnsrecord` module, but provide some other features like multiple record management in one execution, support for more DNS record types, and more. Here is the documentation for the module: README-dnsrecord New example playbooks have been added: playbooks/dnsrecord/ensure-dnsrecord-is-absent.yml playbooks/dnsrecord/ensure-dnsrecord-is-present.yml playbooks/dnsrecord/ensure-presence-multiple-records.yml playbooks/dnsrecord/ensure-dnsrecord-with-reverse-is-present.yml playbooks/dnsrecord/ensure-multiple-A-records-are-present.yml playbooks/dnsrecord/ensure-A-and-AAAA-records-are-absent.yml playbooks/dnsrecord/ensure-A-and-AAAA-records-are-present.yml playbooks/dnsrecord/ensure-CNAME-record-is-absent.yml playbooks/dnsrecord/ensure-CNAME-record-is-present.yml playbooks/dnsrecord/ensure-MX-record-is-present.yml playbooks/dnsrecord/ensure-PTR-record-is-present.yml playbooks/dnsrecord/ensure-SRV-record-is-present.yml playbooks/dnsrecord/ensure-SSHFP-record-is-present.yml playbooks/dnsrecord/ensure-TLSA-record-is-present.yml playbooks/dnsrecord/ensure-TXT-record-is-present.yml playbooks/dnsrecord/ensure-URI-record-is-present.yml New tests for the module can be found at: tests/dnsrecord/test_dnsrecord.yml tests/dnsrecord/test_compatibility_with_ansible_module.yml tests/dnsrecord/test_dnsrecord_full_records.yml
2026-05-08 06:13:21 +00:00 · 2020-03-10 23:29:28 -03:00
parent 2e7df27fe3
commit 0abfe8ab90
25 changed files with 4035 additions and 0 deletions
--- a/tests/dnsrecord/env_cleanup.yml
+++ b/tests/dnsrecord/env_cleanup.yml
@@ -0,0 +1,135 @@
+---
+  # Cleanup tasks.
+   - name: Ensure that dns records are absent
+     ipadnsrecord:
+       ipaadmin_password: SomeADMINpassword
+       zone_name: "{{ testzone }}"
+       del_all: yes
+       name:
+       - host01
+       - host02
+       - host03
+       - host04
+       - _ftp._tcp
+       - _sip._udp
+       state: absent
+
+   - name: Ensure that dns reverse ipv6 records are absent
+     ipadnsrecord:
+       ipaadmin_password: SomeADMINpassword
+       zone_name: ip6.arpa.
+       del_all: yes
+       name:
+       - 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.f
+       - 1.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.f
+       - 1.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.f
+       - 4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.f
+       - 4.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.f
+       - 4.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.f
+       state: absent
+
+   - name: Ensure that dns reverse ipv6 records are absent (workaround)
+     ipadnsrecord:
+       ipaadmin_password: SomeADMINpassword
+       zone_name: "{{ zone_ipv6_reverse_workaround }}"
+       del_all: yes
+       name:
+       - 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0
+       - 1.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0
+       - 1.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0
+       - 4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0
+       - 4.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0
+       - 4.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0
+       state: absent
+
+   - name: Ensure that dns reverse records are absent
+     ipadnsrecord:
+       ipaadmin_password: SomeADMINpassword
+       zone_name: "{{ zone_prefix_reverse_24 }}"
+       name:
+       - "101"
+       - "102"
+       - "103"
+       - "104"
+       - "111"
+       - "112"
+       - "113"
+       - "114"
+       - "121"
+       - "122"
+       - "123"
+       - "124"
+       del_all: yes
+       state: absent
+
+   - name: Ensure that dns reverse records are absent (workaround 1)
+     ipadnsrecord:
+       ipaadmin_password: SomeADMINpassword
+       zone_name: "{{ zone_prefix_reverse_16 }}"
+       name:
+       - "101.122"
+       - "102.122"
+       - "103.122"
+       - "104.122"
+       - "111.122"
+       - "112.122"
+       - "113.122"
+       - "114.122"
+       - "121.122"
+       - "122.122"
+       - "123.122"
+       - "124.122"
+       del_all: yes
+       state: absent
+
+   - name: Ensure that dns reverse records are absent (workaround 2)
+     ipadnsrecord:
+       ipaadmin_password: SomeADMINpassword
+       zone_name: "{{ zone_prefix_reverse_8 }}"
+       name:
+       - "168.101.122"
+       - "168.102.122"
+       - "168.103.122"
+       - "168.104.122"
+       - "168.111.122"
+       - "168.112.122"
+       - "168.113.122"
+       - "168.114.122"
+       - "168.121.122"
+       - "168.122.122"
+       - "168.123.122"
+       - "168.124.122"
+       del_all: yes
+       state: absent
+
+   - name: Ensure that "{{ safezone }}" dns records are absent
+     ipadnsrecord:
+       ipaadmin_password: SomeADMINpassword
+       zone_name: "{{ safezone }}"
+       records:
+       - name: iron01
+         del_all: yes
+       state: absent
+
+   - name: Ensure that NS record for "{{ safezone }}" is absent
+     ipadnsrecord:
+       ipaadmin_password: SomeADMINpassword
+       name: iron01
+       zone_name: "{{ safezone }}"
+       ns_rec: iron01
+       state: absent
+
+   - name: Ensure DNS testing zones are absent.
+     ipadnszone:
+       ipaadmin_password: SomeADMINpassword
+       name: "{{ item }}"
+       state: absent
+     with_items:
+       - "{{ zone_prefix_reverse }}"
+       - "{{ zone_prefix_reverse_24 }}"
+       - "{{ zone_prefix_reverse_16 }}"
+       - "{{ zone_prefix_reverse_8 }}"
+       - "{{ testzone }}"
+       - ip6.arpa.
+       - d.f.ip6.arpa.
+       - "{{ safezone }}"
--- a/tests/dnsrecord/env_setup.yml
+++ b/tests/dnsrecord/env_setup.yml
@@ -0,0 +1,31 @@
+---
+  - name: Setup variables and facts.
+    include_tasks: env_vars.yml
+
+  # Cleanup before setup.
+  - name: Cleanup test environment.
+    include_tasks: env_cleanup.yml
+
+  # Common setup tasks.
+  - name: Ensure DNS testing zones are present.
+    ipadnszone:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{ item }}"
+      skip_nameserver_check: yes
+      skip_overlap_check: yes
+    with_items:
+    - "{{ zone_prefix_reverse }}"
+    - "{{ zone_prefix_reverse_24 }}"
+    - "{{ zone_prefix_reverse_16 }}"
+    - "{{ zone_prefix_reverse_8 }}"
+    - "{{ testzone }}"
+    - ip6.arpa.
+
+  - name: Ensure DNSSEC zone '"{{ safezone }}"' is present.
+    ipadnszone:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{ safezone }}"
+      dnssec: yes
+      skip_nameserver_check: yes
+      skip_overlap_check: yes
+    ignore_errors: yes
--- a/tests/dnsrecord/env_vars.yml
+++ b/tests/dnsrecord/env_vars.yml
@@ -0,0 +1,17 @@
+---
+# Set common vars and facts for test.
+- name: Set IPv4 address prefix.
+  set_fact:
+    ipv4_prefix: '192.168.122'
+    ipv4_reverse_sufix: '122.168.192'
+
+- name: Set zone prefixes.
+  set_fact:
+    testzone: 'testzone.test'
+    safezone: 'safezone.test'
+    zone_ipv6_reverse: "ip6.arpa."
+    zone_ipv6_reverse_workaround: "d.f.ip6.arpa."
+    zone_prefix_reverse: "in-addr.arpa"
+    zone_prefix_reverse_24: "{{ ipv4_prefix.split('.')[::-1] | join ('.') }}.in-addr.arpa"
+    zone_prefix_reverse_16: "{{ ipv4_prefix.split('.')[1::-1] | join ('.') }}.in-addr.arpa"
+    zone_prefix_reverse_8: "{{ ipv4_prefix.split('.')[2::-1] | join ('.') }}.in-addr.arpa"
--- a/tests/dnsrecord/test_compatibility_with_ansible_module.yml
+++ b/tests/dnsrecord/test_compatibility_with_ansible_module.yml
@@ -0,0 +1,234 @@
+---
+- name: Test compatibility with Ansible ipa_dnsrecord module.
+  hosts: ipaserver
+  become: true
+  gather_facts: false
+
+  tasks:
+
+  # setup
+  - name: Ensure DNS zones to be used are absent.
+    ipadnszone:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{ item }}"
+      state: absent
+    with_items:
+      - testzone.local
+      - 2.168.192.in-addr.arpa
+
+  - name: Ensure DNS zones to be used are present.
+    ipadnszone:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{ item }}"
+    with_items:
+      - testzone.local
+      - 2.168.192.in-addr.arpa
+
+  - name: Ensure that dns record 'host01' is absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: testzone.local
+      record_type: 'AAAA'
+      record_value: '::1'
+      state: absent
+
+  - name: Ensure that dns record 'vm-001' is absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: vm-001
+      zone_name: testzone.local
+      record_type: 'AAAA'
+      record_value: '::1'
+      state: absent
+
+  - name: Ensure a PTR record is absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: 5
+      record_type: 'PTR'
+      record_value: 'internal.ipa.testzone.local'
+      zone_name: 2.168.192.in-addr.arpa
+      state: absent
+
+  - name: Ensure a TXT record is absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: _kerberos
+      record_type: 'TXT'
+      record_value: 'TESTZONE.LOCAL'
+      zone_name: testzone.local
+      state: absent
+
+  - name: Ensure a SRV record is absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: _kerberos._udp.testzone.local
+      record_type: 'SRV'
+      record_value: '10 50 88 ipa.testzone.local'
+      zone_name: testzone.local
+      state: absent
+
+  - name: Ensure an MX record is absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: '@'
+      record_type: 'MX'
+      record_value: '1 mailserver.testzone.local'
+      zone_name: testzone.local
+      state: absent
+
+  # tests
+  - name: Ensure dns record is present
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: vm-001
+      record_type: 'AAAA'
+      record_value: '::1'
+      zone_name: testzone.local
+      state: present
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure that dns record exists with a TTL
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      record_type: 'AAAA'
+      record_value: '::1'
+      record_ttl: 300
+      zone_name: testzone.local
+      state: present
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure a PTR record is present
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: 5
+      record_type: 'PTR'
+      record_value: 'internal.ipa.testzone.local'
+      zone_name: 2.168.192.in-addr.arpa
+      state: present
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure a TXT record is present
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: _kerberos
+      record_type: 'TXT'
+      record_value: 'TESTZONE.LOCAL'
+      zone_name: testzone.local
+      state: present
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure a SRV record is present
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: _kerberos._udp.testzone.local
+      record_type: 'SRV'
+      record_value: '10 50 88 ipa.testzone.local'
+      zone_name: testzone.local
+      state: present
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure an MX record is present
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: '@'
+      record_type: 'MX'
+      record_value: '1 mailserver.testzone.local'
+      zone_name: testzone.local
+      state: present
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure that dns record is removed
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: testzone.local
+      record_type: 'AAAA'
+      record_value: '::1'
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+   # cleanup
+  - name: Ensure that dns record 'host01' is absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: testzone.local
+      record_type: 'AAAA'
+      record_value: '::1'
+      state: absent
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure that dns record 'vm-001' is absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: vm-001
+      zone_name: testzone.local
+      record_type: 'AAAA'
+      record_value: '::1'
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure a PTR record is absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: 5
+      record_type: 'PTR'
+      record_value: 'internal.ipa.testzone.local'
+      zone_name: 2.168.192.in-addr.arpa
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure a TXT record is absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: _kerberos
+      record_type: 'TXT'
+      record_value: 'TESTZONE.LOCAL'
+      zone_name: testzone.local
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure a SRV record is absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: _kerberos._udp.testzone.local
+      record_type: 'SRV'
+      record_value: '10 50 88 ipa.testzone.local'
+      zone_name: testzone.local
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure an MX record is absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: '@'
+      record_type: 'MX'
+      record_value: '1 mailserver.testzone.local'
+      zone_name: testzone.local
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure DNS zones to be used are absent.
+    ipadnszone:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{ item }}"
+      state: absent
+    with_items:
+      - testzone.local
+      - 2.168.192.in-addr.arpa
--- a/tests/dnsrecord/test_dnsrecord.yml
+++ b/tests/dnsrecord/test_dnsrecord.yml
--- a/tests/dnsrecord/test_dnsrecord_full_records.yml
+++ b/tests/dnsrecord/test_dnsrecord_full_records.yml
@@ -0,0 +1,150 @@
+---
+- name: Test dnsrecord with full records (*-rec variables).
+  hosts: ipaserver
+  become: yes
+  gather_facts: yes
+
+  tasks:
+
+  - name: Setup test environment
+    include_tasks: env_setup.yml
+
+  # tests
+
+  - name: Ensure that dns A record for 'host01' is present
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: "{{ testzone }}"
+      a_rec: 192.168.122.101
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure that dns A record for 'host01' is present, again
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: "{{ testzone }}"
+      a_rec: 192.168.122.101
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure that dns A records for 'host01' are present
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: "{{ testzone }}"
+      a_rec:
+      - 192.168.122.101
+      - 192.168.122.102
+      - 192.168.122.103
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure that dns A records for 'host01' are present, again
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: "{{ testzone }}"
+      a_rec:
+      - 192.168.122.101
+      - 192.168.122.102
+      - 192.168.122.103
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure that dns A records for 'host01' are absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: "{{ testzone }}"
+      a_rec:
+      - 192.168.122.101
+      - 192.168.122.102
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure that dns A records for 'host01' are absent, again
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: "{{ testzone }}"
+      a_rec:
+      - 192.168.122.101
+      - 192.168.122.102
+      state: absent
+    register: result
+    failed_when: result.changed
+
+  ####
+
+  - name: Ensure that dns AAAA record for 'host01' is present
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: "{{ testzone }}"
+      aaaa_rec: fd00::0001
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure that dns AAAA record for 'host01' is present, again
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: "{{ testzone }}"
+      aaaa_rec: fd00::0001
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure that dns AAAA records for 'host01' are present
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: "{{ testzone }}"
+      aaaa_rec:
+      - fd00::0001
+      - fd00::0011
+      - fd00::0021
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure that dns AAAAA records for 'host01' are present, again
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: "{{ testzone }}"
+      aaaa_rec:
+      - fd00::0001
+      - fd00::0011
+      - fd00::0021
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure that dns AAAAA records for 'host01' are absent
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: "{{ testzone }}"
+      aaaa_rec:
+      - fd00::0001
+      - fd00::0011
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure that dns AAAAA records for 'host01' are absent, again
+    ipadnsrecord:
+      ipaadmin_password: SomeADMINpassword
+      name: host01
+      zone_name: "{{ testzone }}"
+      aaaa_rec:
+      - fd00::0001
+      - fd00::0011
+      state: absent
+    register: result
+    failed_when: result.changed
+
+  # Cleanup
+  - name: Cleanup test environment.
+    include_tasks: env_cleanup.yml