The hbacsvc members of hbacsvcgroup must be compared in a case
insensitive manner. This patch fixes comparation of member parameters
against existing members by converting parameters to lowercase, as it
is how the hbacsvc members are stored for hbacsvcgroups.
Also, there were some cases where a change with an empty set of members
was issued to IPA API, leading to a result of 'changed: yes' when
'changed: no' was expected. The fix involved a refactoring of the
hbacsvcgroup member management code.
Many module member attributes must be handled in a case insensitive
manner. To ease handling these cases, a function and a method to get
the module parameters converted to lowercase is provided.
All modules should use the same description for IPA API connection
variables. This change add description for ipaapi_context and
ipaapi_ldap_cache variable to the module README templates.
The items in extends_documentation_fragments of the modules need to
have the proper galaxy prefix.
The documentation fragment
- ipamodule_base_docs
needs to be changed to
- ${collection_prefix}.ipamodule_base_docs
This patch adds support for configuring IPA API connection use of
LDAP cache. It adds a new variable 'ipaapi_ldap_cache' to the base
module, and provides the variable documentation in its doc fragment.
This change adds a keyword parameter to api_connect() which can be
used to configure IPA API connection, for example, controlling the
use of LDAP cache, by passing 'ldap_cache' as an argument.
Also, IPAAnsibleModule is modified to automatically filter all
parameters of the module starting with 'ipaapi_' to be used as
arguments to configure api_connect(). The argument name will have
the same name as the module parameter with 'ipaapi_' stripped off.
Almost all modules require an algorithm ta validade if the user
provided arguments for the playbook are valid for the requested
state and/or action.
This patch provides a function that tests if any of a list of
arguments were set, and fail with a standardized message, making
all modules fail in the same way.
When running the tests that can be executed either on server or client
context, without defining 'ipa_context', the context is automatically
identified.
Currently, the tests in upstream CI run only on a server, and the
context is identified as "server" context, and in order to run the test
using a client context 'ipa_context' must be set to 'client'.
This patch fixes all the client context tests by correctly setting
ipa_context when running the client context tests in a server host.
When running pylint against 'setup.py' it warns that an import is
not used. While it is not directly used, this is a fix for an issue
with older versions of Python, so this change tells pylint to ignore
the error.
As of September, 2021, Ansible-lint cannot evaluate task files which
included through `include_tasks`, as it fails syntax-check.
This change exclude evaluation of these files (`env_*`) when evaluating
files before commit (pre-commit).
This patch modifies configuration of both ansible-lint and yamllint
to check for more rules, resulting in a more strict verification.
For ansible-lint verification of errors 301, 305 and 505 are skipped,
due to false positives. For the same reason, 'experimental' rules
are skipped.
ansible-lint error 306 is skipped since the fix is to set pipefail,
which is not available in all shells (for example dash, which runs
ansible-freeipa CI).
Yamllint disabled rules (comments, and indentation) would introduce a
huge amount of small changes, and are left for future changes, it
deemed necessary.
