ansible-freeipa-1.6.0

Highlights in version 1.6.0

• New managament modules for automount keys and maps. Indirect automount maps are not supported yet.
• The sudorule and role management modules are now creating FQDN lowercase from all hostnames to fix idempotency issues with single names, mixed case names and FQDN.
• The idempotency issues with members in role, hbacsvcgroup and hbacrule management modules have been fixed. The modules are now comparing members lowercase.
• The role management module is now supporting the state renamed for role renaming in the same way as other modules do.
• The group management module is now properly handling lists of members, where some are already part or not part of the group.
• The build-galaxy-release.sh script has been extended and fixed. It is now using a build directory and is not resetting uncommitted changes anymore.
• ansible-test is now also used in the upstream tests.
• Several fixes to pre-commit, upstream tests and workflows.

Changes since 1.5.3

• ansible-test: Fix new findings (#729)
• pre-commit: Update ansible-lint version to v5.3.2 (#728)
• pre-commit: Use system shellcheck. (#727)
• Github Workflows: Run ansible-lint without an action. (#726)
• ansible-test fixes (#725)
• build-galaxy-release.sh: Use build dir, new options, checks, no reset (#724)
• Enable ansible-test in github workflow (#723)
• ipagroup: Refactor and fix group member management. (#721)
• upstream CI: Wait for KDC to be available. (#717)
• iparole: Add state 'renamed'. (#716)
• Enable pylint for ansible-freeipa roles. (#708)
• upstream CI: Enable nightly tests using ansible-core 2.12. (#706)
• upstream CI: Enable ansible-doc-test for ansible-core 2.12. (#704)
• upstrem CI: Fix Ansible version in pytest playbooks. (#697)
• upstream CI: Add support for CentOS 9 stream. (#696)
• hbacrule: Fix member management idempotence issues. (#686)
• hbacsvcgroup: Fix member management idempotence issues. (#685)
• iparole: Fix idempotence issues (#684)
• sudorule: Create FQDN from single hostnames (#674)
• add module to create and manage automount keys (#498)
• add module to create and manage automount maps (#497)

Detailed changelog since 1.5.3 by author

3 authors, 34 commits

Rafael Guterres Jeffman (27)

• iparole: Skip ansible-test verifications for Python 2.6.
• hbacrule: Fix member management idempotence issues.
• test playbooks: Add fact to define ipaserver_domain if not set.
• pre-commit: Use system shellcheck.
• Github Workflows: Run ansible-lint without an action.
• iparole: Add tests to verify if capitalisation is ignored.
• iparole: rename function get_lowercase to result_get_value_lowercase
• iparole: Fix idempotence issues with members.
• iparole: Ensure host members are lowercase and FQDN.
• IPAAnsibleModule: cache IPA domain.
• iparole: Case insensitive comparison of service members.
• iparole: Remove custom code in favor of commom functions.
• iparole: Removed unused code.
• pylint: Enable pylint for ansible-freeipa roles.
• pylint: Fix pylint issues with modules.
• pylint: Add modules and names that should be ignored by linter.
• Fixed automountkey code review issues.
• Adapt automount to IPAAnsibleModule and add code review modifications.
• ipagroup: Refactor and fix group member management.
• upstream CI: Wait for KDC to be available.
• iparole: Add state 'renamed'.
• sudorule: Create FQDN from single hostnames
• upstream CI: Enable ansible-doc-test for ansible-core 2.12.
• upstream CI: Enable nightly tests using ansible-core 2.12.
• hbacsvcgroup: Fix member management idempotence issues.
• ci: Add support for CentOS 9 Stream on upstream CI.
• upstrem CI: Fix Ansible version in pytest playbooks.

Thomas Woerner (5)

• ansible-test: Fix new findings
• pre-commit: Update ansible-lint version to v5.3.2
• ansible-test fixes
• Enable ansible-test in github workflow
• build-galaxy-release.sh: Use build dir, new options, checks, no reset

chrisp (2)

• New automount key management module
• New automount map management module.

ansible-freeipa-1.5.3

Changes since 1.5.2

• galaxy.yml: Add linux tag for AH (#714)
• Remove unused, old example of ipaclient deploy. (#713)
• Readme fixes (#712)

Detailed changelog since 1.5.2 by author

2 authors, 4 commits

Rafael Guterres Jeffman (1)

• Remove unused, old example of ipaclient deploy.

Thomas Woerner (3)

• galaxy.yml: Add linux tag for AH
• module README files: Drop extra module header in Variables section
• README.md: Add automount location, fix some README links

ansible-freeipa-1.5.2

Changes since 1.5.1

• Automember fixes (#711)
• ipaservice: code refactor (#694)

Detailed changelog since 1.5.1 by author

2 authors, 6 commits

Rafael Guterres Jeffman (2)

• Fix automember test
• ipaservice: code refactor.

Thomas Woerner (4)

• automember: Add support for action: orphans_removed
• automember: Add automember default group handling
• automember: Add automember state: rebuilt
• ansible_freeipa_module: New api_get_basedn, IPAAnsibleModule.ipa_get_basedn

ansible-freeipa-1.5.1

Highlights in version 1.5.1

• More changes related to Automation Hub tests.
• Deprecation of FreeIPABaseModule in favor of IPAAnsibleModule.
• Ubuntu 18.04 deployment fixes.
• Documentation fixes.

Changes since 1.5.0

• More Automation Hub fixes (#709)
• yamllint: Fix missing document start. (#705)
• correct comment in example playbook (#703)
• Login shell is called defaultshell and not defaultlogin (#702)
• Fix role issues in Debian based distros. (#699)
• upstream ci: Build images for CentOS 9 Stream. (#698)
• Deprecate FreeIPABaseModule in favor of IPAAnsibleModule. (#671)

Detailed changelog since 1.5.0 by author

3 authors, 15 commits

Rafael Guterres Jeffman (7)

• yamllint: Fix missing document start.
• upstream ci: Build images for CentOS 9 Stream.
• Debian Buster: Fix "No module named 'ipapython'".
• Ubuntu 18.04: Fix role instalation for Ubuntu Bionic Beaver.
• DNSZone: Use IPAAnsibleModule.
• automountlocation: Use IPAAnsibleModule.
• Deprecate FreeIPABaseModule in favor of IPAAnsibleModule.

Thomas Woerner (6)

• Fix ansible-test reported pep8 errors
• ipabackup_get_backup_dir.py: Add missing ":" in example
• Ignore file for ansible-test sanity 2.12
• utils/gen_module_docs.py: Drop duplicate setup_adtrust key
• Add version for ansible deprecated calls
• build-galaxy-release: Real cleanup of ipabackup_get_backup_dir.py link

jh23453 (2)

• correct comment in example playbook
• Login shell is called defaultshell and not defaultlogin

ansible-freeipa-1.5.0

Highlights in version 1.5.0

• Automation Hub demands that the version of an Ansible Collection is at minumum 1.0.0, therefore the major version of ansible-freeipa has been increased by 1.
• Several changes to be able to pass Automation Hub tests.
• Idempotency fixes in ipaautomember, ipaservice and ipasudorule.
• Upstream tests against multiple Ansible versions.

Changes since 0.4.2

• build-galaxy-release: Cleanup of ipabackup_get_backup_dir.py link (#692)
• Changes needed to pass Automation Hub tests (#691)
• CI: Add supoprt for Shellcheck (#690)
• ansible_module_utils: Add method to get parameters as lowercase. (#683)
• automember: Fix behavior of unused parameters. (#675)
• ipaprivilege: Fix permissions handling. (#670)
• ipaservice: Use IPAAnsibleModule member result handler. (#668)
• ipaservice: Fix idempotent behavior for principal aliases. (#667)
• sudorule: Fix runas with external users and groups. (#665)
• CI: Test modules against Ansible core 2.11 and latest Ansible (#612)

Detailed changelog since 0.4.2 by author

2 authors, 23 commits

Rafael Guterres Jeffman (12)

• ipaservice: Remove custom error handler.
• ipaservice: Use gen_*_lists to avoid unneded API calls.
• linters: Fix shellcheck warnings in 'utils' scripts.
• shellcheck: Run shellcheck as a Github action.
• pre-commit: Add shellcheck to pre-commit configuration.
• CI: Test modules against different Ansible versions.
• ansible_module_utils: Add method to get parameters as lowercase.
• automember: Fix behavior of unused parameters.
• sudorule: Fix runas with external users and groups.
• ipaprivilege: Fix module execution in check_mode.
• ipaprivilege: fix creation of add/del lists for permissions.
• ipaservice: Fix idempotent behavior for principal aliases.

Thomas Woerner (11)

• build-galaxy-release: Cleanup of ipabackup_get_backup_dir.py link
• pylint upstream: Ignore metaclass
• yamllint: Fix EXAMPLE issues
• shellcheck: Double quote to prevent globbing and word splitting
• Use ansible.module_utils.six instead of six
• Add missing whitespace around arithmetic operator
• ipaclient_get_facts: Fix closing bracket does not match indentation
• Remove "’" from yaml files
• Replace asserts with raise AssertionError
• Remove non-module shebang
• Add future imports and metaclass for automationhub

ansible-freeipa-0.4.2

Changes since 0.4.1

• galaxyfy: Fix newline issue in module examples (#659)

Detailed changelog since 0.4.1 by author

1 authors, 1 commits

Thomas Woerner (1)

• galaxyfy: Fix newline issue in module examples

ansible-freeipa-0.4.1

Highlights in version 0.4.1

• This release fixes the client deployment with OTP using the galaxy collection.

Changes since 0.4.0

• galaxyfy: Fix roles after vars (#658)
• build-galaxy-release.sh: Use proper action plugins path plugins/action (#657)

Detailed changelog since 0.4.0 by author

1 authors, 2 commits

Thomas Woerner (2)

• galaxyfy: Fix roles after vars
• build-galaxy-release.sh: Use proper action plugins path plugins/action

ansible-freeipa-0.4.0

Highlights in version 0.4.0

• This release adds a management module for automount location.
• All management modules have been reworked and are using the new IPAAnsibleModule base class. A lot of the common code has been moved into this class and the size of the modules has been reduced. This also simplifies the development of new modules.
• Support for the ipaapi_context parameter has been added to be able to use modules also on IPA client hosts.
• The also new ipaapi_ldap_cache parameter makes it possible to disable the new LDAP cache introduced with latest IPA versions.
• Additionally a lot of bug fixes and cleanups have been done.

Changes since 0.3.8

• Fix module templates README and invalid parameter tests. (#654)
• utils/build-galaxy-release: Fix doc_fragment prefix for galaxy (#653)
• Standardize algorithm to verify if invalid argument was used. (#652)
• Fix execution of client context tests. (#651)
• setup.py: Disable pylint rule import-error. (#650)
• playbooks, README-host: Change exmaple to example (#649)
• server: Express inability to deploy a server in example doc strings (#647)
• tests: Fix facts for iparole tests. (#646)
• Add support for ldap_cache and IPA API configuration. (#645)
• ipaclient_setup_nss: Use proper nosssd_files list (#643)
• ipaserver: Allow configuration of test server name. (#641)
• group: Fix nonposix, posix and external handling and conversions (#640)
• config: Remove unused code. (#639)
• config: Fix data returned from module. (#637)
• ipaconfig: Prevent configuration issues due to test failure. (#635)
• Use execute_ipa_commands for sudocmd plugins. (#634)
• Fix documentation and usage of IPAAnsibleModule (#633)
• ipadnszone: Accept localhost and localnet in allow_query. (#632)
• Remote module execution (#631)
• Use execute ipa commands (#630)
• pylint: Upgrade to version 2.10.2. (#628)
• Use Ansible fact "os_family" as fallback, when distro is not directly suppported. (#627)
• New IPAAnsibleModule class (#626)
• ansible-lint: Add paths and files to exclude list. (#625)
• New ipamodule_base_vars (#624)
• dnszone: remove variable serial. (#623)
• sudorule: Reduce addition and deletion of members to changed only (#622)
• hbacrule: Create FQDN from single hostnames (#619)
• Replace json_query in tests/user/test_users_absent.yml (#614)
• CI: pin ansible-core version for ansible-doc-test. (#613)
• pre-commit: Update version of pre-commit hooks. (#605)
• templates: Use become: no in tests by default. (#603)
• iparole: Add 'new_name' as an alias to 'rename'. (#600)
• ipapermission: Add 'new_name' as an alias to 'rename'. (#599)
• Fix task name in selfservice example playbook. (#598)
• build_containers: build CI container images on Sundays. (#585)
• ipadnszone: add check mode support (#582)
• tests/trust: Add ipaadmin_password to test playbooks. (#578)
• add module to create and manage automount locations (#496)
• Make ansible-lint and yamllint use more strict rules. (#400)

Detailed changelog since 0.3.8 by author

5 authors, 177 commits

Rafael Guterres Jeffman (111)

• templates: Add IPA API connection variables to README.
• templates: Use IPAAnsibleModule params_fail_used_invalid.
• Documentation: Update modules README with ldap_cache variable.
• IPAAnsibleModule: add support for ldap_cache configuration.
• api_connect: Allow configuration of IPA API connection.
• vault: Use IPAAnsibleModule method to validate arguments.
• user: Use IPAAnsibleModule method to validate arguments.
• sudorule: Use IPAAnsibleModule method to validate arguments.
• sudocmdgroup: Use IPAAnsibleModule method to validate arguments.
• sudocmd: Use IPAAnsibleModule method to validate arguments.
• service: Use IPAAnsibleModule method to validate arguments.
• server: Use IPAAnsibleModule method to validate arguments.
• selfservice: Use IPAAnsibleModule method to validate arguments.
• role: Use IPAAnsibleModule method to validate arguments.
• pwpolicy: Use IPAAnsibleModule method to validate arguments.
• privilege: Use IPAAnsibleModule method to validate arguments.
• permission: Use IPAAnsibleModule method to validate arguments.
• location: Use IPAAnsibleModule method to validate arguments.
• hostgroup: Use IPAAnsibleModule method to validate arguments.
• host: Use IPAAnsibleModule method to validate arguments.
• hbacsvcgroup: Use IPAAnsibleModule method to validate arguments.
• hbacsvc: Use IPAAnsibleModule method to validate arguments.
• hbacrule: Use IPAAnsibleModule method to validate arguments.
• group: Use IPAAnsibleModule method to validate arguments.
• dnszone: Use IPAAnsibleModule method to validate arguments.
• dnsrecord: Use IPAAnsibleModule method to validate arguments.
• dnsforwardzone: Use IPAAnsibleModule method to validate arguments.
• dnsconfig: : Use IPAAnsibleModule method to validate arguments.
• delegation: Use IPAAnsibleModule method to validate arguments.
• automember: Use IPAAnsibleModule method to validate arguments.
• IPAAnsibleModule: Provide function to fail in param is invalid.
• Fix execution of client context tests.
• setup.py: Disable pylint rule import-error.
• pre-commit: Exclude env_*.yml files from ansible-lint.
• Fix example playbooks task name to better represent action performed.
• Fix user example playbooks that manage certificate members.
• ipauser, ipahost: Enable verification for certificate tests.
• Make ansible-lint and yamllint use more strict rules.
• Fix comment identation in test playbooks.
• Fix yamllint line-length warnings.
• Fix yamllint colons occurrences.
• Fix yamllint empty-lines occurrences.
• Fix yamllint document-start occurrences.
• Fix Ansible warning on using an integer where a string is expected.
• Ignore ansible-lint error E505 for 'users.json' file.
• Fix ansible-lint error 502 (unnamed-task) for example playbooks.
• Fix ansible-lint E502 for test playbooks.
• Fix ansible-lint E208 by setting file modes in file and copy tasks.
• Fix ansible-lint E206 (var-spacing) on all test and example playbooks.
• Fix ansible-lint E201 by removing trailing white space from playbooks.
• ipavault: Allow execution of plugin in client host.
• topology: Allow execution of plugin in client host.
• ipaselfservice: Allow execution of plugin in client host.
• ipaservice: Allow execution of plugin in client host.
• ipauser: Allow execution of plugin in client host.
• ipatrust: Allow execution of plugin in client host.
• ipasudorule: Allow execution of plugin in client host.
• ipasudocmdgroup: Allow execution of plugin in client host.
• ipasudocmd: Allow execution of plugin in client host.
• ipaserver: Allow execution of plugin in client host.
• iparole: Allow execution of plugin in client host.
• ipapwpolicy: Allow execution of plugin in client host.
• ipaprivilege: Allow execution of plugin in client host.
• ipapermission: Allow execution of plugin in client host.
• ipalocation: Allow execution of plugin in client host.
• ipahostgroup: Allow execution of plugin in client host.
• ipahost: Allow execution of plugin in client host.
• ipahbacsvcgroup: Allow execution of plugin in client host.
• ipahbacsvc: Allow execution of plugin in client host.
• ipahbacrule: Allow execution of plugin in client host.
• ipagroup: Allow execution of plugin in client host.
• ipadnszone: Allow execution of plugin in client host.
• ipadnsrecord: Allow execution of plugin in client host.
• ipadnsforwardzone: Allow execution of plugin in client host.
• ipadnsconfig: Allow execution of plugin in client host.
• ipadelegation: Allow execution of plugin in client host.
• ipaconfig: Allow execution of plugin in client host.
• ipaautomountlocation: Allow execution of plugin in client host.
• tests: Fix facts for iparole tests.
• ipaautomember: Allow execution of plugin in client host.
• tests: Create IPA fact ipa_host_is_client.
• templates: Allow execution of plugins in an IPA client host.
• modules: Allow execution of plugins in an IPA client host.
• ipaserver: Allow configuration of test server name.
• ipaconfig: Prevent configuration issues due to test failure.
• config: Fix data returned from module.
• sudocmdgroup: Use execute_ipa_commands
• sudocmdgroup: Reduce addition and deletion of members to changed only
• config: Remove unused code.
• sudocmd: Use execute_ipa_commands
• CI: pin ansible-core version for ansible-doc-test.
• ipatopologysuffix: Fix usage of IPAAnsibleModule.
• IPAAnsibleModule: Fix example in documentation.
• automountlocation: Use IPAAnsibleModule class
• dnszone: Use IPAAnsibleModule class.
• Make IPAAnsibleModule base class of FreeIPABaseModule.
• templates: Use become: no in playbooks by default.
• iparole: Add 'new_name' as an alias to 'rename'.
• pylint: Upgrade to version 2.10.2.
• ipaserver: Modify vars loading in ansible-freeipa roles.
• ipareplica: Modify vars loading in ansible-freeipa tests.
• ipaclient: Modify vars loading in ansible-freeipa roles.
• ipabackup: Modify vars loading in ansible-freeipa roles.
• ansible-lint: Add paths and files to exclude list.
• dnszone: remove variable serial.
• ipapermission: Add 'new_name' as an alias to 'rename'.
• Fix task name in selfservice example playbook.
• tests/trust: Add ipaadmin_password to test playbooks.
• dnszone: Add support for check_mode.
• FreeIPABaseModule: Add support for check_mode.
• build_containers: build CI container images on Sundays.

Rafael Jeffman (1)

• pre-commit: Update version of pre-commit hooks.

Thomas Woer...

ansible-freeipa-0.3.8

Changes since 0.3.7

• New meta/runtime.yml for galaxy for requires_ansible (#597)
• automember: Verify condition keys (#596)
• ipaautomember: Fix documentation. (#595)

Detailed changelog since 0.3.7 by author

2 authors, 4 commits

Thomas Woerner (2)

• automember: Verify condition keys
• New meta/runtime.yml for galaxy for requires_ansible

Varun Mylaraiah (2)

• Update README-automember.md
• ipaautomember: Fix documentation.

ansible-freeipa-0.3.7

Changes since 0.3.6

• automember: Fix result["failed"] issues with conditions (#590)
• automember: Fix action to be automember or member, not service (#584)
• automember: Fail on wrong in/ex/clusive parameter names (#583)
• ipasudorule: Fix documentation attribute. (#581)
• Remove ignore_errors from pwpolicy tests. (#577)
• galaxy.yml: Drop empty dependencies (#574)
• ipabackup: Use module to get IPA_BACKUP_DIR from ipaplatform (#570)
• Fix display of variables in ipaserver role README. (#569)

Detailed changelog since 0.3.6 by author

2 authors, 9 commits

Rafael Guterres Jeffman (4)

• ipasudorule: Fix documentation attribute.
• tests: Remove ignore_errors from pwpolicy tests.
• ipaserver: Fix display of ipaserver_forward_policy in README.
• ipaserver: Better display or README 'choice' variables.

Thomas Woerner (5)

• automember: Fix result["failed"] issues with conditions
• automember: Fail on wrong in/ex/clusive parameter names
• automember: Fix action to be automember or member, not service
• galaxy.yml: Drop empty dependencies
• ipabackup: Use module to get IPA_BACKUP_DIR from ipaplatform