This patch updates the ipatrust documentation about the 'trust_type'
parameter, and changes one password to be similar to the standard
passwords used in other modules.
Failing to identify task files included by playbooks raised false
positives when runnnig ansible lint. This change force ansible-lint to
correctly identify YAML files named "env_*.yml" or "tasks_*.yml" as task
files that are imported by other playbooks, and treat them accordingly.
Some example playbooks do not had the parameter `ipaadmin_password`
set, and some had a different value than the standard value
"SomeADMINpassword".
This patch fixes this difference in all example playbooks.
The parameters user_auth_type, pac_type and configstring are allowing to
use "" to reset to the default value or for configstring to set an empty
list.
The new check in params_get is not allowing to use empty strings in lists,
therefore allow_empty_string=True had to be added to the call.
A test has been added to verify that the empty strings are supported and
working.
Additionally empty pac_type, user_auth_type and domain_resolution_order
have been added to exit_args as if they have not been set.
The parameter auth_ind is allowing to use "" to reset to the default
value.
The new check in params_get is not allowing to use empty strings in lists,
therefore allow_empty_string=True had to be added to the call.
A test has been added to verify that the empty strings are supported and
working.
The parameters auth_ind and pac_type are allowing to use "" to reset to
the default value.
The new check in params_get is not allowing to use empty strings in lists,
therefore allow_empty_string=True had to be added to the call.
A test has been added to verify that the empty strings are supported and
working. An idempotency issue with pac_type has been found with the test
and fixed additionally.
The parameters userauthtype and sshpubkey allowing to use "" to reset to
the default value.
The new check in params_get is not allowing to use empty strings in lists,
therefore allow_empty_string=True had to be added to the call.
A test has been added to verify that the empty strings are supported and
working. An idempotency issue with sshpubkey has been found with the test
and fixed additionally.
So far it is possible to pass list parameters with empty strings to the
modules. The use of empty strings in list does not make a lot of sense,
though. The simple solution is to add a check to module_params_get for
empty strings in returned lists.
The option allow_empty_string can be set to True to allow an empty string
in the list with a list len of 1. The option defaults to False. It is
needed for some parameters the modules, like for example userauthtype in
the user module. It is using "" to reset to the default value.
module_params_get_lowercase has been changed to use module_params_get to
have one place to add the check.
Due to an issue in Ansible it is possible to use the empty string "" for
lists with choices, even if the empty list is not part of the choices.
Ansible issue https://github.com/ansible/ansible/issues/77108
This patch add the lines necessary to allow the use of the attribute
`delete_continue`, as it is a commom attribute, and if newer commom
attributes are added to IPAAnsibleModule in the future, the usage will
be similar.
Some modules should be compared in a case insensitive manner, and this
patch adds an example of a call to IPAAnsibleModule.params_get_lowercase
and a note on its usage.
This patch refactors the module template for modules with member
management, in a way that the addition of member management command
logic is not duplicated in different states or actions.
This idiom has been applied recently along with other fixes to modules
with idempotence issues reducing the modules code size and centering
code logic in specific blocks.
Allows the creation of IPAAnsibleModule objects with specific
`ipa_arguments` which are defined in a dictionary of argumets in
the base class.
Every module using `delete_continue` should provide the proper behavior
and the module must be instantiated with:
ansible_module = IPAAnsibleModule(
...,
ipa_arguments=["delete_continue"]
)
The plugin documentation must be extended with
'ipamodule_arguments.delete_continue'.
The correct name for upcoming release of CentOS is CentOS 9 Stream,
usually abbreviated to 'c9s'. As we need to differentiate from the
stream and the standard versions, this patch modifies the Azure
piipelines to use 'c9s' instead of 'CentOS 9'.
The test for dnsrecord creates a DNSSEC zone, and was forcing the task
to ignore errors using `ignore_errors: true`. The test environment
should be clean at that point, and without the zone, tests would fail,
so there is no need to keep the attribute set. If the task fails, it
should be fixed.
Newer Ansible versions will require at least Python 3.8 to be used,
and the build containers pipeline was requiring Python 3.6, which is
EOL.
This patch requests the latest Python version available for the
controller, and allows it to be configured to a specific version if,
and when, needed.
Add configuration to build a testing CentOS 8 stream image and to
execute upstream tests using that image in pull requests (Ansible
2.9) and on the nightly tests (all supported Ansible versions).
CentOS 9 Stream package pytho3-devel was not installable, and as it is
not required for the testing container, it was removed from the
Dockerfile used to create the image.
This disables the generation of the collection using the default
galaxy.yml. The installation of the generated collection fails with
invalid version A.B.C.
The collection is not used when building containers and the generated
collection is not using proper name and namespace in the collection files.
Currently the pipeline used to create test containers is using Python
3.6.15, and Ansible 2.12 requires, at least, Python 3.8.
This change adds a new parameter to build container template,
`python_version`, which is set by default to '3.x', meaning it will use
the latest Python version available (for version 3) if the parameter is
not explicitly set.
This disables the generation of the collection using the default
galaxy.yml. The installation of the generated collection fails with
invalid version A.B.C.
The collection is not used in the tests and the generated collection
is not using proper name and namespace in the collection files.
Note: utils/build-galaxy-releasesh needs to be used to generate the correct
collection.
Ensuring absence of members (services and targets) that do not exist may
not fail as they are not members for servicedelegationtarget and
servicedelegationrule.
servicedelegation_normalize_principals in ansible_freeipa_module has
been extended with a check_exists argument that defaults to False. state
== "present" is now given as this argument to turn on the element exists
check only if elements should be added.
