Skip to content

Releases: freeipa/ansible-freeipa

ansible-freeipa-1.14.1

27 Nov 09:40
6513375
Compare
Choose a tag to compare

Changes since 1.14.0

  • Change minimum Ansible version to 2.14 (#1317)

Detailed changelog since 1.14.0 by author

1 authors, 1 commits

Thomas Woerner (1)

  • Change minimum Ansible version to 2.14

ansible-freeipa-1.14.0

22 Nov 10:01
d580431
Compare
Choose a tag to compare

Highlights in 1.14.0

  • Multi sudorule management with the ipasudorule module
  • Use batch command internally for ipasudorule
  • Lots of CI/infra fixes and enhancements
  • Documentation fixes

Changes since 1.13.2

  • infra/image/build.sh: Use consistent options for hostname (#1311)
  • linters: Remove pydocstyle from linter checks (#1310)
  • Update images to Fedora 41 (#1309)
  • upstream CI: Move scripts that evaluate repo changes to infra/azure (#1308)
  • upstream CI: Use Azure 'loops' to create stages (#1306)
  • ipacert: Fix ipacert tests (#1305)
  • Fix upstream CI and remove molecule (#1300)
  • pylint gihub workflow: Disable too-many-positional-arguments (#1299)
  • fixipaip infra image service: No need for hard coded admin password (#1298)
  • New infra image start (#1292)
  • ipasudorule: Add support for batch mode and multiple sudorules (#1290)
  • fix minor typo in hbacrule and hbacsvcgroup docs (#1285)
  • Infra image system services dns and kinit (#1284)
  • infra/image/system-services: Enhance checks, also fix reverse zone (#1282)
  • tests/user/test_users_present_*: Use new generate_test_data.yml (#1281)
  • README-host.md: correction of managedby_host description (#1280)
  • Run tests with podman and ubuntu 20.04 (#1276)
  • test_services_absent is also part of test_services_present, not needed (#1275)
  • Fix multi user tests (#1274)
  • New image builder without molecule using podman (#1273)
  • tests/service/test_services_present.yml: Add missing cleanup (#1272)
  • Truncate stdout and stderr in upstream test log (#1270)
  • ipauser: Use date string, not datetime object for expiration dates (#1268)

Detailed changelog since 1.13.2 by author

4 authors, 51 commits

Jon Moore (1)

  • fix minor typo in hbacrule and hbacsvcgroup docs

Kees Bakker (1)

  • README-host.md: correction of managedby_host description

Rafael Guterres Jeffman (27)

  • tests/sudorule: Don't become or gather_facts and use only true/false
  • ipasudorule: Add support for batch mode and multiple sudorules
  • ansible_freeipa_module_utils: Add EntryFactory class
  • upstream CI: Use Azure 'loops' to create stages
  • infra/image/build.sh: Use consistent options for hostname
  • linters: Remove pydocstyle from linter checks
  • build images: Force use --privileged on containers
  • build images: Update images for Fedora 41
  • upstream CI: Move scripts that evaluate repo changes to infra/azure
  • upstream CI: Update Ansible version
  • upstream CI: Use Ubuntu 24.04 to build test images
  • upstream CI: Enable creation of CentOS 10 Stream images
  • upstream CI: Simplify pipelines enviroment creation
  • upstream ci: Move Azure scripts to infra directory
  • Remove molecule dependencies
  • upstream CI: Allow podman options when creating containers
  • utils/set_test_modules: Allow to ignore Git differences
  • ipacert: Fix ipacert tests
  • upstream ci: Remove 'molecule' from tests.
  • gitignore: Ignore test results from run-tests.sh
  • tests: Allow to set Python interpreter to be used by Ansible
  • utils: Rewrite run-tests.sh to use functions and extenal scripts
  • ci lint: Allow ShellCheck to test source-d scripts.
  • fixup! New image builder without molecule using podman
  • ustream ci: Use infra scripts to build testing images
  • rjeffman: this is a fixup for infra/images/build.sh
  • Add shell utitily functions for scripts

Thomas Woerner (22)

  • ipauser: Use date string, not datetime object for expiration dates
  • test_services_absent is also part of test_services_present, not needed
  • tests/user/test_users_present_*: Use new generate_test_data.yml
  • fixipaip infra image service: No need for hard coded admin password
  • pylint gihub workflow: Disable too-many-positional-arguments
  • Add ansible-freeipa-tests inventory using podman
  • infra/image/system-service/fixipaip.sh: Behave idempotent
  • infra/image/build.sh: "-s" help fix and cleanup
  • Use container-ipa.target from freeipa-container container project
  • Renamed infra/image/inventory to build-inventory, dropped interpreter
  • infra/image/build.sh: Use new shcontainer
  • New infra/image/start.sh script to start the generated containers
  • infra/image/system-service/fixipaip.sh: Use of admin for kinit call
  • infra/image system-services: Fix DNS forwarder
  • infra/image/system-services: Enhance checks, also fix reverse zone
  • tests/utils.py: Shorten run_playbook for smaller traceback with assert
  • infra/image/build.sh: Fail if deployment failed or podman is missing
  • tests/azure/templates/build_container.yml: Use new image builder
  • New image builder without molecule using podman
  • Fix multi user tests
  • tests/service/test_services_present.yml: Add missing cleanup
  • Truncate stdout and stderr in upstream test log

ansible-freeipa-1.13.2

01 Jul 13:41
16a4eb8
Compare
Choose a tag to compare

Highlights in 1.13.2

  • Support for FreeIPA 4.12
  • Idempotency fixes
  • Minimum supported ansible-core version: 2.15.0
  • Fixes for ansible-test 2.17.1

Changes since 1.13.1

  • Documentation fixes for issues found by ansible-test part of ansible-core 2.17.1 (#1264)
  • tests/sanity/sanity.sh: Install setuptools with pip (#1263)
  • user: Fix idp_user_id aliases (#1262)
  • plugins/inventory/freeipa: Try imports for requests and urllib3 (#1261)
  • permission: Fix idempotency issues for DN parameters (#1259)
  • README-service.md: Add multi service handling (#1255)
  • Convert input certificates (#1250)
  • ansible_freeipa_module: Fix errors in batch mode (#1248)
  • Fixes for FreeIPA 4.12 (#1246)
  • Bump minimum supported Ansible version (#1130)

Detailed changelog since 1.13.1 by author

2 authors, 35 commits

Rafael Guterres Jeffman (9)

  • ansible-freeipa.spec: Bump minimum supported Ansible version to 2.15
  • utils/templates: Bump minimum supported Ansible version to 2.15
  • ipasmartcard_*: Bump minimum supported Ansible version to 2.15
  • ipabackup: Bump minimum supported Ansible version to 2.15
  • ipaserver: Bump minimum supported Ansible version to 2.15
  • ipareplica: Bump minimum supported Ansible version to 2.15
  • ipaclient: Bump minimum supported Ansible version to 2.15
  • README-*: Bump minimum Ansible supported version to 2.15
  • Set collection ansible-core minimum version to 2.15

Thomas Woerner (26)

  • Role modules: Docs: Fix default value for string list parameters
  • tests/utils.py: Fix missing whitespace around arithmetic operator (E226)
  • ipareplica_prepare: Documentation: Fixed name of ipa_client_installed
  • ipaclient_setup_nss: Documentation: Add default for selinux_works
  • service: Docs: Fix required for name, add delete_continue to services
  • idp: Drop no_log from docs section, allow to log token_uri and keys_uri
  • idoverrideuser: Docs: Fix sshpubkey element type, nomembers type
  • cert: Fix short_description tag, add chain option, remove authors
  • inventory/freeipa: Documentation: Fix version_added and drop plugin_type
  • ipamodule_base_docs: Documentation: Fix default for delete_continue
  • tests/sanity/sanity.sh: Install setuptools with pip
  • user: Fix idp_user_id aliases
  • service: Add multi service examples to EXAMPLES
  • README-service.md: Add multi service handling
  • plugins/inventory/freeipa: Try imports for requests and urllib3
  • permission: Fix idempotency issues for DN parameters
  • ansible_freeipa_module: Fix errors in batch mode
  • ipauser: Use new convert_input_certificates
  • ipaidoverrideusere: Use new convert_input_certificates
  • ipahost: Use new convert_input_certificates
  • ipaservice: Use new convert_input_certificates
  • ansible_freeipa_module: New function convert_input_certificates
  • ipareplica: After an HSM replica install ensure all certs are visible
  • ipareplica: Refactor CA file handling
  • ipareplica_install_ca_certs: Do not return unchanged config attributes
  • ipaserver: Set hsm attributes to None for now

ansible-freeipa-1.13.1

27 May 14:06
a1230ca
Compare
Choose a tag to compare

Changes since 1.13.0

  • utils/build-galaxy-release.sh: Fix unary operator expected (v2) (#1242)

Detailed changelog since 1.13.0 by author

1 authors, 1 commits

Thomas Woerner (1)

  • utils/build-galaxy-release.sh: Fix unary operator expected (v2)

ansible-freeipa-1.13.0

27 May 12:56
8779384
Compare
Choose a tag to compare

Highlights in 1.13.0

  • New inventory plugin
  • Use batch command internally for ipahost, ipaservice and ipauser
  • Fix idempotency issues in ipahost, ipaservice and ipauser
  • Fix idempotency in ipaclient_dns_resolver
  • Documentation fixes

Changes since 1.12.1

  • README-group.md: Add missing ":" in multi rename example (#1239)
  • README-user.md: Fix state for user rename in example playbook (#1238)
  • ipahost: Fix idempotency issues (#1237)
  • ipaservice: Do not set continue to None for service_del (#1236)
  • ipauser: Fix idempotency issues for members (#1235)
  • New inventory plugin (#1231)
  • Use batch command internally (#1229)
  • utils/build-galaxy-release.sh: Fix offline default value (#1227)
  • ipalib.install.kinit moved to ipalib (#1226)
  • Bump linter tools versions an fix linter errors (#1225)
  • ipaclient_configure_dns_resolver: Return proper changed state (#1224)
  • utils/build-galaxy-release.sh: Enable offline generation for rpm (#1223)
  • ipaserver_prepare: Properly create IPA_DEFAULT_CONF (#1222)
  • ipaserver: Run custodia setup only once (#1221)
  • ipaserver_test: Return generated domain_name (#1220)
  • Fix ca-less test to use X.509 v3 certificates (#1215)
  • README-dnszone: Fix yaml code block declaration. (#1213)

Detailed changelog since 1.12.1 by author

2 authors, 27 commits

Rafael Guterres Jeffman (6)

  • fixup! pylint: Ignore usage of 'unicode' before assignment
  • pylint: ensure variables are initialized
  • pylint: Ignore usage of 'unicode' before assignment
  • upstream ci: Update Github actions
  • lint tools: bump code verification tools versions
  • README-dnszone: Fix yaml code block declaration.

Thomas Woerner (21)

  • ipahost: Enable batch command with keeponly
  • ipagroup: Enable batch command use with keeponly
  • ipaservice: Enable batch command use with keeponly
  • ipauser: Enable batch command use with keeponly
  • IPAAnsibleModule: Add support for batch command in execute_ipa_commands
  • README-group.md: Add missing ":" in multi rename example
  • README-user.md: Fix state for user rename in example playbook
  • utils/build-galaxy-release.sh: Fix unary operator expected
  • New inventory plugin
  • ipahost: Fix idempotency issues
  • ansible_freeipa_module: Import and provide normalize_sshpubkey
  • ipaservice: Do not set continue to None for service_del
  • ipauser: Fix idempotency issues for members
  • ipalib.install.kinit moved to ipalib
  • utils/build-galaxy-release.sh: Fix offline default value
  • ipaclient_configure_dns_resolver: Return proper changed state
  • utils/build-galaxy-release.sh: Enable offline generation for rpm
  • ipaserver_prepare: Properly create IPA_DEFAULT_CONF
  • ipaserver: Run custodia setup only once
  • ipaserver_test: Return generated domain_name
  • Fix ca-less test to use X.509 v3 certificates

ansible-freeipa-1.12.1

12 Feb 14:37
a3a6919
Compare
Choose a tag to compare

Highlights in 1.12.1

  • Fix ipaserver deployment on CentOS 8 Stream
  • Fix ipaclient deployment with automount
  • Fix ipaclient OTP error reporting
  • Add missing support for renaming groups and users
  • Idempotency fixes in several modules

Changes since 1.12.0

  • Disable config tests for pac type without ms pac (#1211)
  • ipaclient_setup_automount with new install states (#1208)
  • ipaclient: Enable SELinux for SSSD (#1207)
  • ipaserver: Fix deployment after Bronze-bit fix (#1206)
  • ipahbacrule: Fix handling of hbacsvcgroup in members (#1203)
  • ipahostgroup: Fix idempotence issues due to capitalization (#1202)
  • ipagroup: Fix idempotence issues due to capitalization (#1201)
  • Fixes for ansible-lint 6.22.1 (#1195)
  • Revert "[TEMP] Enable only idp, service and user module tests" (#1189)
  • Bump minimum ansible-lint version to 6.22 (#1188)
  • ipaclient: Fix OTP error reporting (#1187)
  • test_host_random: No jinja2 templating in conditional statements (#1186)
  • upstream ci: Increase timeout for PR tests (#1184)
  • ipaidp: Fix validation and reset of parameters (#1183)
  • test_pwpolicy: minlength parameter can be reset with empty string now (#1180)
  • ipagroup: Add support for renaming groups (#1178)
  • ipauser: Add support for renaming users (#1174)
  • ipaclient: Properly name automount_location var and add documentation (#1169)
  • ipareplica: Support inventory groups.ipaserver (#1151)
  • ipauser: Do not try to modify user when not changing password (#1149)
  • ipadnszone: Add support for per-zone privilege delegation (#1147)
  • Handle data type or empty string in module_utils (#1143)
  • ipasudorule: Allow setting groups for runasuser. (#899)
  • ipadelegation: Fix idempotence issues due to capitalization. (#760)

Detailed changelog since 1.12.0 by author

2 authors, 31 commits

Rafael Guterres Jeffman (20)

  • ipadelegation: Fix idempotence issues due to capitalization.
  • ipagroup: Fix idempotence issues due to capitalization
  • ipahostgroup: Fix idempotence issues due to capitalization
  • ipaserver: Fix deployment after Bronze-bit fix
  • ipahbacrule: Fix handling of hbacsvcgroup in members
  • ipasudorule: Allow setting groups for runasuser.
  • ipagroup: Add support for renaming groups
  • tests/group: Use module_defaults on tests_group
  • ipauser: Add support for renaming users
  • ipadnszone: Add support for per-zone privilege delegation
  • idoveridegroup: Use module.params_get_type
  • idoverideuser: Use module.params_get_type
  • ipapwpolicy: Use modules.params_get_type
  • ansible_freeipa_module: Ensure data type when retrieving parameter
  • Rename parameter 'allow_empty_string' to 'allow_empty_list_item'
  • upstream ci: Increase timeout for PR tests
  • Bump minimum ansible-lint version to 6.22
  • ipaclient: Fix OTP error reporting
  • ipauser: Do not try to modify user when not changing password
  • ipareplica: Support inventory groups.ipaserver

Thomas Woerner (11)

  • config: Disable config tests due to pac type requirement MS-PAC
  • ipaclient_setup_automount: Only return changed if there was a change
  • ipaclient_setup_automount with new install states
  • ipaclient: Enable SELinux for SSSD
  • Fixes for ansible-lint 6.22.1
  • Revert "[TEMP] Enable only idp, service and user module tests"
  • test_host_random: No jinja2 templating in conditional statements
  • [TEMP] Enable only idp, service and user module tests
  • ipaidp: Fix validation and reset of parameters
  • test_pwpolicy: minlength parameter can be reset with empty string now
  • ipaclient: Properly name automount_location var and add documentation

ansible-freeipa-1.12.0

24 Nov 16:40
1930d8c
Compare
Choose a tag to compare

Highlights in 1.12.0

  • New idoverridegroup management module.
  • New idoverrideuser management module.
  • New idview management module.
  • New idp management module.
  • Bug fixes and CI improvements.

Changes since 1.11.1

  • idoverride{user,group}: Fix delete_continue with state absent (#1176)
  • ipahost: Remove dangling dns records during test setup (#1173)
  • Update ansible-lint and pylint versions (#1170)
  • Reproduce upstream CI groups in developer's machine (#1168)
  • upstream CI: Pin ansible-lint version to 6.20 series (#1159)
  • ipaidview: Fail to apply unknown (invalid) hosts (#1158)
  • upstream CI: Pin Python version to 3.11 (#1157)
  • hbacsvcgroup: Remove obsolete result_handler (#1156)
  • hbacrule: Fix use of builtin sudo hbacsvcgroup (#1155)
  • upstream CI: Fix test selection for CheckPR pipeline. (#1148)
  • utils/ansible-freeipa.spec.in: Add ref for idoverridegroup management (#1146)
  • Revert "upstream ci: Run nightly tests against Ansible 2.9" (#1145)
  • Ensure CI runs against the oldest supported Ansible versions. (#1144)
  • Do not use "del os.environ" as the variable might not exist (#1142)
  • New idoverridegroup management module. (#1141)
  • new_module template fixes (#1140)
  • New idoverrideuser management module. (#1139)
  • spec file: Updated list of modules (#1138)
  • Bump Ansible version to 2.13 (#1136)
  • New idview management module. (#1134)
  • ipacert: Fix revocation example playbook on README (#1133)
  • Updated supported distros (#1131)
  • upstream ci: fix sanity test ansible lint failures (#1120)
  • Bump linter versions. (#1112)
  • New idp management module (#1105)
  • upstream CI: Build containers in parallel jobs (#1104)

Detailed changelog since 1.11.1 by author

2 authors, 40 commits

Rafael Guterres Jeffman (28)

  • ipahost: Remove dangling dns records during test setup
  • utils/run-tests.sh: Replicate Azure's test grouping
  • Update ansible-lint and pylint versions
  • upstream CI: Build containers in parallel jobs
  • upstream ci: Run PR tests using a single job.
  • upstream ci: Use a single random seed for spliting tests
  • upstream CI: Fix test selection for CheckPR pipeline.
  • upstream CI: Pin ansible-lint version to 6.20 series
  • upstream CI: Pin Python version to 3.11
  • Revert "upstream ci: Run nightly tests against Ansible 2.9"
  • upstream ci: Run nightly tests against Ansible 2.9
  • upstream ci: Run PR checks against the oldest supported ansible-core
  • pylint: Fix redefined-builtin
  • pylint: Fix unused-argument
  • ci: Bump pylint version
  • development: Bump versions of development checks
  • pylint: Unnecessary parens after '=' keyword
  • Change 'Exception' to 'RuntimeError' when FreeIPA version is too old
  • pylint: Disable broad exception warnings
  • pylint: Fix warning 'unnecessary "else" after "return"'
  • pylint: Disable warning when using non-literal dict
  • spec file: Updated list of modules
  • ansible-freeipa: Bump minimum supported Ansible version to 2.13
  • README-*: Bump minimum supported Ansible version to 2.13
  • roles: Bump minimum Ansible version to 2.13
  • ansible-lint: Use the same command line as galaxy-importer
  • ipacert: Fix revocation example playbook on README
  • Updated supported distros

Thomas Woerner (12)

  • idoverride{user,group}: Fix delete_continue with state absent
  • ipaidview: Fail to apply unknown (invalid) hosts
  • hbacsvcgroup: Remove obsolete result_handler
  • hbacrule: Fix use of builtin sudo hbacsvcgroup
  • utils/ansible-freeipa.spec.in: Add ref for idoverridegroup management
  • New idp management module
  • New idoverridegroup management module.
  • New idoverrideuser management module.
  • Do not use "del os.environ" as the variable might not exist
  • utils/templates/ipamodule*.py.in: Fix superfluous type in argument spec
  • utils/templates/test_module_client_context.yml.in: Fix FQDN issue
  • New idview management module.

ansible-freeipa-1.11.1

24 Jul 11:05
cf779e4
Compare
Choose a tag to compare

Highlights in 1.11.1

  • Support for GECOS, street, smb and idp attributes in ipauser module
  • Support for indirect maps in ipaautomountmap module
  • Update of user_auth_type choices in ipaconfig and ipauser modules
  • Update of auth_ind choices in ipahost and ipaservice modules
  • Upstream test and environment enhancements
  • Documentation updates

Changes since 1.11.0

  • ci: Increase verbosity for Ansible playbook runs (#1123)
  • ansible_freeipa_module: Fix ipa_command_invalid_param_choices (#1122)
  • Update authtypes authind readmes (#1119)
  • Update authtypes authind (#1118)
  • ipaserver: Update README with detailed Ubuntu support (#1117)
  • utils/run-tests.sh: Install Ansible collections on virtual environment (#1116)
  • Remove dependency on 'virtualenv' (#1114)
  • Singular to plural on random serial numbers setting (#1106)
  • upstream CI: Update ansible-core version (#1100)
  • doc: Differentiate location meaning between host and server (#1098)
  • Fix handling of ipapwpolicy attributes usercheck and dictcheck (#1076)
  • ipaautomountmap: add support for indirect maps (#1075)
  • ipauser: Add support for SMB attributes. (#1056)
  • ipauser: Support for External IdP attributes. (#1055)
  • ipauser: Add support for parameter "street" (#1044)
  • ipauser: Add support to modify GECOS field. (#1039)

Detailed changelog since 1.11.0 by author

3 authors, 25 commits

Rafael Guterres Jeffman (14)

  • ci: Increase verbosity for Ansible playbook runs
  • ipauser: Support for External IdP attributes.
  • ipaserver: Update README with detailed Ubuntu support
  • ipaautomountmap: add support for indirect maps
  • utils/run-tests.sh: Install Ansible collections on virtual environment
  • ipauser: Add support for SMB attributes.
  • doc: Differentiate location meaning between host and server
  • Remove dependency on 'virtualenv'
  • ipauser: Add support for parameter "street"
  • ipapwpolicy: Updated module documentation.
  • ipapwpolicy: Modify handling of usercheck and dictcheck
  • module_utils: Export Ansible's 'boolean' parsing function.
  • ipauser: Add support to modify GECOS field.
  • upstream CI: Update ansible-core version

Renich Bon Ciric (1)

  • Singular to plural on random serial numbers setting

Thomas Woerner (10)

  • ansible_freeipa_module: Fix ipa_command_invalid_param_choices
  • README-user.md: Add choices pkinit, hardened and idp to user_auth_type
  • README-service.md: Add choice idp to auth_ind
  • README-host.md: Add choice idp to auth_ind
  • README-config.md: Add choices pkinit, hardened and idp to user_auth_type
  • ipauser: Add choices pkinit, hardened and idp to user_auth_type
  • ipaservice: Add choice idp to auth_ind
  • ipahost: Add choice idp to auth_ind
  • ipaconfig: Add choices pkinit, hardened and idp to user_auth_type
  • ansible_freeipa_module: New ipa_command_invalid_param_choices method

ansible-freeipa-1.11.0

12 Jun 08:58
45700bc
Compare
Choose a tag to compare

Highlights in 1.11.0

  • Multiple service management with ipaservice module
  • New ipacert module for certificate management
  • Action group support for the Ansible collections on Ansible Galaxy and Ansible AutomationHub
  • Fixed maxsequence handling in ipapwpolicy module
  • Even more Ansible lint driven changes

Changes since 1.10.0

  • Multiple service management (#1101)
  • Don't allow the FQDN to match the domain on server installs (#1099)
  • upstream CI: Disable ansible-lint var-naming check (#1097)
  • Upstream CI: Disable execution of pytest tests (#1094)
  • tests/azure/templates/build_container.yml: Quote requests with version (#1092)
  • Pin requests to < 2.29 temporarily (#1089)
  • Fix new ansible lint disallowes ignores (#1088)
  • tests/azure: Install molecule-plguins to get docker driver (#1083)
  • pwpolicy test: Fix maxsequence test (#1082)
  • Fix typo in ipapwpolicy.py (#1081)
  • Create action group in collection for use with module_defaults (#1080)
  • ipapwpolicy: simplified and faster attribute verification (#1078)
  • Make Git ignore temporary and output files. (#1077)
  • Fixes and enhancements for utils/new_module and templates (#1035)
  • ipacert module (#687)

Detailed changelog since 1.10.0 by author

5 authors, 30 commits

Denis Karpelevich (1)

  • Allow multiple services creation

Jacob Cutright (1)

  • Fix typo in ipapwpolicy.py

Rafael Guterres Jeffman (6)

  • Don't allow the FQDN to match the domain on server installs
  • upstream CI: Disable ansible-lint var-naming check
  • Upstream CI: Disable execution of pytest tests.
  • Make Git ignore temporary and output files.
  • utils/new_module: Ensure correct number of parameters for new_module
  • ipapwpolicy: simplified and faster attribute verification

Sam Morris (1)

  • New certificate management module.

Thomas Woerner (21)

  • pwpolicy test: Fix maxsequence test
  • ipaservice: Updated and new tests for certificates and multi service handling
  • ipaservice: Add Denis Karpelevich to the authors header
  • ipaservice: Properly Handle certs with leading or trailing white space
  • tests/azure/templates/build_container.yml: Quote requests with version
  • ansible_freeipa_module.py: Calm down ansible-test on print and sys.exit
  • ipaserver_test.py: Add missing default for random_serial_numbers
  • ansible-test: Do not use automatic field numbering specification
  • Use "#!/usr/bin/env python" for python shebang
  • Add -eu to all bash shebangs
  • Remove old or empty sanity ignore files
  • Pin requests to < 2.29 temporarily
  • tests/azure: Install molecule-plguins to get docker driver
  • utils/templates/test_module*.yml.in: Use generic module_defaults
  • utils/templates/test_module*.yml.in: Better docs for become and gather_facts
  • utils/templates/{README*.md.in,test_module*.yml.in}: Use true and false
  • utils/build-galaxy-release.sh: Create module action group
  • utils/galaxyfy.py: Handle module_defaults, match roles and modules
  • New utils/facts.py: Provide facts about the repo like role and module lists
  • utils/templates/ipamodule.py.in: Add missing bracket
  • utils/new_module: Fix github_user test

ansible-freeipa-1.10.0

05 Apr 14:30
b861a61
Compare
Choose a tag to compare

Highlights in 1.10.0

  • ipagroup: Allow multiple group management.
  • ipaclient: Add subid option to select the sssd profile with-subid.
  • ipaclient: Fix allow_repair with removed krb5.conf and DNS lookup.
  • ipaclient: Keep server affinity while deploying by deferring the creation the final krb5.conf.
  • ipaserver: Allow deployments with random serial numbers.
  • ipareplica/server: Enable removal from domain with undeployment.
  • More Ansible lint fixes.

Changes since 1.9.2

  • ipaserver: Do not enable random serial numbers by default (#1073)
  • ipagroup: Fix ensuring external group group members (without trust-ad) (#1072)
  • Ansible lint fixes (#1069)
  • ipareplica/server: Enable removal from domain with undeployment (#1068)
  • ipaclient: Defer krb5 configuration fix (#1067)
  • ipareplica role: Remove usage of undefined parameters. (#1062)
  • roles/ipaserver: Allow deployments with random serial numbers (#1060)
  • ipahost: Make return value depending on hosts parameter (#1058)
  • ipauser: Make return value depending on users parameter (#1053)
  • Migrated to SPDX license. (#1051)
  • ipaclient: Defer creating the final krb5.conf on clients (#1050)
  • Update EXAMPLE sections for multiuser and multihost handling. (#1047)
  • Fix ansible-lint on tests (#1046)
  • ipauser: Better description of UID and GID parameters (#1045)
  • ipaclient: Fix allow_repair with removed krb5.conf and DNS lookup (#1037)
  • [RFE] Allow multiple groups creation (#1001)
  • Add subid option to select the sssd profile with-subid. (#974)

Detailed changelog since 1.9.2 by author

3 authors, 26 commits

Denis Karpelevich (3)

  • [RFE] Allow multiple groups creation.
  • Add subid option to select the sssd profile with-subid.
  • Update EXAMPLE sections for multiuser and multihost handling.

Rafael Guterres Jeffman (8)

  • roles/ipaserver: Allow deployments with random serial numbers
  • ipareplica role: Remove usage of undefined parameters.
  • Migrated to SPDX license.
  • ipauser: Better description of UID and GID parameters
  • ansible-lint: License must be defined as a list.
  • ansible-lint: Fixed dangling 'when' clause.
  • ansible-lint: Fix key order on upstream tests
  • ansible-lint: Use 'missing-import' instead of '505'

Thomas Woerner (15)

  • ipaserver: Do not enable random serial numbers by default
  • ipagroup: Handle ensuring groups with mixed types without IPA fix 6741
  • ipagroup: Fix ensuring external group group members (without trust-ad)
  • ipareplica/server: Enable removal from domain with undeployment
  • tests/config/test_config_sid: Mark tasks as noqa 503
  • ipareplica/server: Always cleanup root IPA cache
  • ipaclient_configure_dns_resolver: Removed bad aliases
  • ipapwpolicy: The alias for usercheck in argument_spec had typo
  • ipanetgroup: Missing type for action and state DOCUMENTATION section
  • ipaclient: ipaclient_fix_ca also needs krb_name parameter
  • ipaclient: ipaclient_setup_nss also needs krb_name parameter
  • ipahost: Make return value depending on hosts parameter
  • ipauser: Make return value depending on users parameter
  • ipaclient: Defer creating the final krb5.conf on clients
  • ipaclient: Fix allow_repair with removed krb5.conf and DNS lookup