From 92972fd1bba5da78b51ad58ef205c5d24dfb29de Mon Sep 17 00:00:00 2001 From: Rafael Guterres Jeffman Date: Tue, 10 Nov 2020 20:37:32 -0300 Subject: [PATCH 1/2] ipahost: fix adding host for servers without DNS configuration. When using ipahost module with servers where DNS was not configured it failed to add hosts due to an exception raised on `dnsrecord_show` that was not being correctly handled. As the exception was being handled twice, the This patch simply removes one of the handlers, allowing the exception to propagate to the caller, where it is handled. Fixes issue #434. --- plugins/modules/ipahost.py | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/plugins/modules/ipahost.py b/plugins/modules/ipahost.py index 1fe11dc5..ccec5d79 100644 --- a/plugins/modules/ipahost.py +++ b/plugins/modules/ipahost.py @@ -439,6 +439,12 @@ def find_host(module, name): def find_dnsrecord(module, name): + """ + Search for a DNS record. + + This function may raise ipalib_errors.NotFound in some cases, + and it should be handled by the caller. + """ domain_name = name[name.find(".")+1:] host_name = name[:name.find(".")] @@ -447,14 +453,8 @@ def find_dnsrecord(module, name): "idnsname": to_text(host_name) } - try: - _result = api_command(module, "dnsrecord_show", to_text(domain_name), - _args) - except ipalib_errors.NotFound as e: - msg = str(e) - if "record not found" in msg or "zone not found" in msg: - return None - module.fail_json(msg="dnsrecord_show failed: %s" % msg) + _result = api_command(module, "dnsrecord_show", to_text(domain_name), + _args) return _result["result"] @@ -876,8 +876,11 @@ def main(): msg = str(e) dns_not_configured = "DNS is not configured" in msg dns_zone_not_found = "DNS zone not found" in msg - if ip_address is None and ( - dns_not_configured or dns_zone_not_found + dns_res_not_found = "DNS resource record not found" in msg + if ( + dns_res_not_found + or ip_address is None + and (dns_not_configured or dns_zone_not_found) ): # IP address(es) not given and no DNS support in IPA # -> Ignore failure From 9819658dba1028432755711c9ca1edd9024aba07 Mon Sep 17 00:00:00 2001 From: Rafael Guterres Jeffman Date: Fri, 13 Nov 2020 17:10:03 -0300 Subject: [PATCH 2/2] Update ipaserver requirements for testing. Altough configuring DNS and KRA support on the testing server node provides broad coverage support, it does not represent all scenarios where ansible-freeipa can be used, for example without DNS support. This documentation updates removes the requirement for DNS and KRA support, and highlights what is expected with different configurations. --- tests/README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/README.md b/tests/README.md index cbc8aa0c..b1a3168e 100644 --- a/tests/README.md +++ b/tests/README.md @@ -9,11 +9,10 @@ You will also need to have a remote host with freeipa server installed and confi Some other requirements: * The `controller` must be able to connect to `ipaserver` through ssh using keys. - * `ipaserver` must be configured with DNS and KRA support. - See [ipaserver role](../roles/ipaserver/README.md). * IPA admin password must be `SomeADMINpassword`. * Directory Server admin password must be `SomeDMpassword`. +To provide broader test coverage, `ipaserver` should be configured with DNS and KRA support, and playbook tests are written based on this configuration. Without such support, some tests are expected to fail. Use a different configuration to evaluate those scenarios. See also [ipaserver role](../roles/ipaserver/README.md). ## Running the tests