ansible-freeipa-1.12.0

Highlights in 1.12.0

• New idoverridegroup management module.
• New idoverrideuser management module.
• New idview management module.
• New idp management module.
• Bug fixes and CI improvements.

Changes since 1.11.1

• idoverride{user,group}: Fix delete_continue with state absent (#1176)
• ipahost: Remove dangling dns records during test setup (#1173)
• Update ansible-lint and pylint versions (#1170)
• Reproduce upstream CI groups in developer's machine (#1168)
• upstream CI: Pin ansible-lint version to 6.20 series (#1159)
• ipaidview: Fail to apply unknown (invalid) hosts (#1158)
• upstream CI: Pin Python version to 3.11 (#1157)
• hbacsvcgroup: Remove obsolete result_handler (#1156)
• hbacrule: Fix use of builtin sudo hbacsvcgroup (#1155)
• upstream CI: Fix test selection for CheckPR pipeline. (#1148)
• utils/ansible-freeipa.spec.in: Add ref for idoverridegroup management (#1146)
• Revert "upstream ci: Run nightly tests against Ansible 2.9" (#1145)
• Ensure CI runs against the oldest supported Ansible versions. (#1144)
• Do not use "del os.environ" as the variable might not exist (#1142)
• New idoverridegroup management module. (#1141)
• new_module template fixes (#1140)
• New idoverrideuser management module. (#1139)
• spec file: Updated list of modules (#1138)
• Bump Ansible version to 2.13 (#1136)
• New idview management module. (#1134)
• ipacert: Fix revocation example playbook on README (#1133)
• Updated supported distros (#1131)
• upstream ci: fix sanity test ansible lint failures (#1120)
• Bump linter versions. (#1112)
• New idp management module (#1105)
• upstream CI: Build containers in parallel jobs (#1104)

Detailed changelog since 1.11.1 by author

2 authors, 40 commits

Rafael Guterres Jeffman (28)

• ipahost: Remove dangling dns records during test setup
• utils/run-tests.sh: Replicate Azure's test grouping
• Update ansible-lint and pylint versions
• upstream CI: Build containers in parallel jobs
• upstream ci: Run PR tests using a single job.
• upstream ci: Use a single random seed for spliting tests
• upstream CI: Fix test selection for CheckPR pipeline.
• upstream CI: Pin ansible-lint version to 6.20 series
• upstream CI: Pin Python version to 3.11
• Revert "upstream ci: Run nightly tests against Ansible 2.9"
• upstream ci: Run nightly tests against Ansible 2.9
• upstream ci: Run PR checks against the oldest supported ansible-core
• pylint: Fix redefined-builtin
• pylint: Fix unused-argument
• ci: Bump pylint version
• development: Bump versions of development checks
• pylint: Unnecessary parens after '=' keyword
• Change 'Exception' to 'RuntimeError' when FreeIPA version is too old
• pylint: Disable broad exception warnings
• pylint: Fix warning 'unnecessary "else" after "return"'
• pylint: Disable warning when using non-literal dict
• spec file: Updated list of modules
• ansible-freeipa: Bump minimum supported Ansible version to 2.13
• README-*: Bump minimum supported Ansible version to 2.13
• roles: Bump minimum Ansible version to 2.13
• ansible-lint: Use the same command line as galaxy-importer
• ipacert: Fix revocation example playbook on README
• Updated supported distros

Thomas Woerner (12)

• idoverride{user,group}: Fix delete_continue with state absent
• ipaidview: Fail to apply unknown (invalid) hosts
• hbacsvcgroup: Remove obsolete result_handler
• hbacrule: Fix use of builtin sudo hbacsvcgroup
• utils/ansible-freeipa.spec.in: Add ref for idoverridegroup management
• New idp management module
• New idoverridegroup management module.
• New idoverrideuser management module.
• Do not use "del os.environ" as the variable might not exist
• utils/templates/ipamodule*.py.in: Fix superfluous type in argument spec
• utils/templates/test_module_client_context.yml.in: Fix FQDN issue
• New idview management module.

ansible-freeipa-1.11.1

Highlights in 1.11.1

• Support for GECOS, street, smb and idp attributes in ipauser module
• Support for indirect maps in ipaautomountmap module
• Update of user_auth_type choices in ipaconfig and ipauser modules
• Update of auth_ind choices in ipahost and ipaservice modules
• Upstream test and environment enhancements
• Documentation updates

Changes since 1.11.0

• ci: Increase verbosity for Ansible playbook runs (#1123)
• ansible_freeipa_module: Fix ipa_command_invalid_param_choices (#1122)
• Update authtypes authind readmes (#1119)
• Update authtypes authind (#1118)
• ipaserver: Update README with detailed Ubuntu support (#1117)
• utils/run-tests.sh: Install Ansible collections on virtual environment (#1116)
• Remove dependency on 'virtualenv' (#1114)
• Singular to plural on random serial numbers setting (#1106)
• upstream CI: Update ansible-core version (#1100)
• doc: Differentiate location meaning between host and server (#1098)
• Fix handling of ipapwpolicy attributes usercheck and dictcheck (#1076)
• ipaautomountmap: add support for indirect maps (#1075)
• ipauser: Add support for SMB attributes. (#1056)
• ipauser: Support for External IdP attributes. (#1055)
• ipauser: Add support for parameter "street" (#1044)
• ipauser: Add support to modify GECOS field. (#1039)

Detailed changelog since 1.11.0 by author

3 authors, 25 commits

Rafael Guterres Jeffman (14)

• ci: Increase verbosity for Ansible playbook runs
• ipauser: Support for External IdP attributes.
• ipaserver: Update README with detailed Ubuntu support
• ipaautomountmap: add support for indirect maps
• utils/run-tests.sh: Install Ansible collections on virtual environment
• ipauser: Add support for SMB attributes.
• doc: Differentiate location meaning between host and server
• Remove dependency on 'virtualenv'
• ipauser: Add support for parameter "street"
• ipapwpolicy: Updated module documentation.
• ipapwpolicy: Modify handling of usercheck and dictcheck
• module_utils: Export Ansible's 'boolean' parsing function.
• ipauser: Add support to modify GECOS field.
• upstream CI: Update ansible-core version

Renich Bon Ciric (1)

• Singular to plural on random serial numbers setting

Thomas Woerner (10)

• ansible_freeipa_module: Fix ipa_command_invalid_param_choices
• README-user.md: Add choices pkinit, hardened and idp to user_auth_type
• README-service.md: Add choice idp to auth_ind
• README-host.md: Add choice idp to auth_ind
• README-config.md: Add choices pkinit, hardened and idp to user_auth_type
• ipauser: Add choices pkinit, hardened and idp to user_auth_type
• ipaservice: Add choice idp to auth_ind
• ipahost: Add choice idp to auth_ind
• ipaconfig: Add choices pkinit, hardened and idp to user_auth_type
• ansible_freeipa_module: New ipa_command_invalid_param_choices method

ansible-freeipa-1.11.0

Highlights in 1.11.0

• Multiple service management with ipaservice module
• New ipacert module for certificate management
• Action group support for the Ansible collections on Ansible Galaxy and Ansible AutomationHub
• Fixed maxsequence handling in ipapwpolicy module
• Even more Ansible lint driven changes

Changes since 1.10.0

• Multiple service management (#1101)
• Don't allow the FQDN to match the domain on server installs (#1099)
• upstream CI: Disable ansible-lint var-naming check (#1097)
• Upstream CI: Disable execution of pytest tests (#1094)
• tests/azure/templates/build_container.yml: Quote requests with version (#1092)
• Pin requests to < 2.29 temporarily (#1089)
• Fix new ansible lint disallowes ignores (#1088)
• tests/azure: Install molecule-plguins to get docker driver (#1083)
• pwpolicy test: Fix maxsequence test (#1082)
• Fix typo in ipapwpolicy.py (#1081)
• Create action group in collection for use with module_defaults (#1080)
• ipapwpolicy: simplified and faster attribute verification (#1078)
• Make Git ignore temporary and output files. (#1077)
• Fixes and enhancements for utils/new_module and templates (#1035)
• ipacert module (#687)

Detailed changelog since 1.10.0 by author

5 authors, 30 commits

Denis Karpelevich (1)

• Allow multiple services creation

Jacob Cutright (1)

• Fix typo in ipapwpolicy.py

Rafael Guterres Jeffman (6)

• Don't allow the FQDN to match the domain on server installs
• upstream CI: Disable ansible-lint var-naming check
• Upstream CI: Disable execution of pytest tests.
• Make Git ignore temporary and output files.
• utils/new_module: Ensure correct number of parameters for new_module
• ipapwpolicy: simplified and faster attribute verification

Sam Morris (1)

• New certificate management module.

Thomas Woerner (21)

• pwpolicy test: Fix maxsequence test
• ipaservice: Updated and new tests for certificates and multi service handling
• ipaservice: Add Denis Karpelevich to the authors header
• ipaservice: Properly Handle certs with leading or trailing white space
• tests/azure/templates/build_container.yml: Quote requests with version
• ansible_freeipa_module.py: Calm down ansible-test on print and sys.exit
• ipaserver_test.py: Add missing default for random_serial_numbers
• ansible-test: Do not use automatic field numbering specification
• Use "#!/usr/bin/env python" for python shebang
• Add -eu to all bash shebangs
• Remove old or empty sanity ignore files
• Pin requests to < 2.29 temporarily
• tests/azure: Install molecule-plguins to get docker driver
• utils/templates/test_module*.yml.in: Use generic module_defaults
• utils/templates/test_module*.yml.in: Better docs for become and gather_facts
• utils/templates/{README*.md.in,test_module*.yml.in}: Use true and false
• utils/build-galaxy-release.sh: Create module action group
• utils/galaxyfy.py: Handle module_defaults, match roles and modules
• New utils/facts.py: Provide facts about the repo like role and module lists
• utils/templates/ipamodule.py.in: Add missing bracket
• utils/new_module: Fix github_user test

ansible-freeipa-1.10.0

Highlights in 1.10.0

• ipagroup: Allow multiple group management.
• ipaclient: Add subid option to select the sssd profile with-subid.
• ipaclient: Fix allow_repair with removed krb5.conf and DNS lookup.
• ipaclient: Keep server affinity while deploying by deferring the creation the final krb5.conf.
• ipaserver: Allow deployments with random serial numbers.
• ipareplica/server: Enable removal from domain with undeployment.
• More Ansible lint fixes.

Changes since 1.9.2

• ipaserver: Do not enable random serial numbers by default (#1073)
• ipagroup: Fix ensuring external group group members (without trust-ad) (#1072)
• Ansible lint fixes (#1069)
• ipareplica/server: Enable removal from domain with undeployment (#1068)
• ipaclient: Defer krb5 configuration fix (#1067)
• ipareplica role: Remove usage of undefined parameters. (#1062)
• roles/ipaserver: Allow deployments with random serial numbers (#1060)
• ipahost: Make return value depending on hosts parameter (#1058)
• ipauser: Make return value depending on users parameter (#1053)
• Migrated to SPDX license. (#1051)
• ipaclient: Defer creating the final krb5.conf on clients (#1050)
• Update EXAMPLE sections for multiuser and multihost handling. (#1047)
• Fix ansible-lint on tests (#1046)
• ipauser: Better description of UID and GID parameters (#1045)
• ipaclient: Fix allow_repair with removed krb5.conf and DNS lookup (#1037)
• [RFE] Allow multiple groups creation (#1001)
• Add subid option to select the sssd profile with-subid. (#974)

Detailed changelog since 1.9.2 by author

3 authors, 26 commits

Denis Karpelevich (3)

• [RFE] Allow multiple groups creation.
• Add subid option to select the sssd profile with-subid.
• Update EXAMPLE sections for multiuser and multihost handling.

Rafael Guterres Jeffman (8)

• roles/ipaserver: Allow deployments with random serial numbers
• ipareplica role: Remove usage of undefined parameters.
• Migrated to SPDX license.
• ipauser: Better description of UID and GID parameters
• ansible-lint: License must be defined as a list.
• ansible-lint: Fixed dangling 'when' clause.
• ansible-lint: Fix key order on upstream tests
• ansible-lint: Use 'missing-import' instead of '505'

Thomas Woerner (15)

• ipaserver: Do not enable random serial numbers by default
• ipagroup: Handle ensuring groups with mixed types without IPA fix 6741
• ipagroup: Fix ensuring external group group members (without trust-ad)
• ipareplica/server: Enable removal from domain with undeployment
• tests/config/test_config_sid: Mark tasks as noqa 503
• ipareplica/server: Always cleanup root IPA cache
• ipaclient_configure_dns_resolver: Removed bad aliases
• ipapwpolicy: The alias for usercheck in argument_spec had typo
• ipanetgroup: Missing type for action and state DOCUMENTATION section
• ipaclient: ipaclient_fix_ca also needs krb_name parameter
• ipaclient: ipaclient_setup_nss also needs krb_name parameter
• ipahost: Make return value depending on hosts parameter
• ipauser: Make return value depending on users parameter
• ipaclient: Defer creating the final krb5.conf on clients
• ipaclient: Fix allow_repair with removed krb5.conf and DNS lookup

ansible-freeipa-1.9.2

Changes since 1.9.1

• ipabackup: Use ipabackup_item again in copy_backup_to_server (#1033)

Detailed changelog since 1.9.1 by author

1 authors, 1 commits

Thomas Woerner (1)

• ipabackup: Use ipabackup_item again in copy_backup_to_server

ansible-freeipa-1.9.1

Highlights in 1.9.1

• Ansible 2.14 test and lint fixes
• pwpolicy: Allow clearing policy values
• More bug fixes

Changes since 1.9.0

• upstream CI: increase Azure test timeout. (#1031)
• Use yml extension for pytest tests (#1030)
• playbooks: Fix automount tasks to make ansible-lint happy (#1029)
• dnszone tests: Fix typo on task names. (#1028)
• playbooks/automount: All playbooks should use .yml (#1027)
• Ansible lint tests (#1026)
• pwpolicy: Fix tests for 'minlength: ""' (#1024)
• .github/workflows/lint.yml: ansible-lint needs collection source dir (#1023)
• pwpolicy: Fix new bool checks for IPA prior to 4.9.10 (#1022)
• utils files: Support builtins with ansible.builtin. prefix (#1016)
• Fix ansible-test lint warnings in roles. (#1014)
• yamllint: All tasks need to be named (#1013)
• pwpolicy: Allow clearing policy values. (#1012)
• upstream ci: Allow tasks to retry in case of connection failure. (#1009)
• Use FQCN for ansible.builtin (#1007)
• Use netgroup_find instead of netgroup_show to workaround IPA bug. (#1003)
• ansible-freeipa.spec.in: Fix for loop with wildcard (#1002)
• Update development and Github workflow tools. (#999)
• upstream ci: Update Ansible versions on Azure pipelines. (#977)

Detailed changelog since 1.9.0 by author

3 authors, 66 commits

Denis Karpelevich (1)

• Use netgroup_find instead of netgroup_show to workaround IPA bug.

Rafael Guterres Jeffman (19)

• upstream CI: increase Azure test timeout.
• playbooks: Fix automount tasks to make ansible-lint happy
• dnszone tests: Fix typo on task names.
• pwpolicy: Fix tests for 'minlength: ""'
• ansible-lint: Fix file kind and ignores.
• roles: Fix ansible-lint name:template warnings
• roles: Fix ansible-lint warning on var-naming.
• Fix issues raised by Flake8 version 5.0.3
• Fix issues raised by Pylint version 2.14.4.
• Update Github workflow linter and check tools.
• pwpolicy: Allow clearing policy values.
• upstream ci: Update Ansible versions on Azure pipelines.
• Update development tools.
• roles: Fix when, block and always key order.
• roles: Fix jinja2 template spacing
• roles: Fix task names to start with uppercase letters
• roles: Fix use of ansible.builtin.fail free-form message.
• roles: Fix type of data used for for versions in meta files
• upstream ci: Allow tasks to retry in case of connection failure.

Thomas Woerner (46)

• Use yml extension for pytest tests
• playbooks/automount: All playbooks should use .yml
• ansible-lint: All names should start with an uppercase letter
• Fix jinja2 white spaces issues reported by ansible-lint
• Improve jinja2 spacing: Remove space between join and ()
• .github/workflows/lint.yml: Enable ansible-lint for the whole collection
• .ansible-lint: Deactivate experimental and name[template] tests
• .github/workflows/lint.yml: ansible-lint needs collection source dir
• pwpolicy: Fix new bool checks for IPA prior to 4.9.10
• yamllint: All tasks need to be named
• utils/get_test_modules.py: Support ansible.builtin. prefix
• utils/galaxyfy.py: Support builtins with ansible.builtin. prefix
• vault: Use FQCN for ansible.builtin
• user: Use FQCN for ansible.builtin
• trust: Use FQCN for ansible.builtin
• sudo*: Use FQCN for ansible.builtin
• servicedelegation*: Use FQCN for ansible.builtin
• service: Use FQCN for ansible.builtin
• server: Use FQCN for ansible.builtin
• selfservice: Use FQCN for ansible.builtin
• role: Use FQCN for ansible.builtin
• pwpolicy: Use FQCN for ansible.builtin
• privilege: Use FQCN for ansible.builtin
• permission: Use FQCN for ansible.builtin
• netgroup: Use FQCN for ansible.builtin
• location: Use FQCN for ansible.builtin
• idrange: Use FQCN for ansible.builtin
• host*: Use FQCN for ansible.builtin
• hbac*: Use FQCN for ansible.builtin
• group: Use FQCN for ansible.builtin
• tests/external-signed-ca-*: Use FQCN for ansible.builtin
• tests/env_freeipa_facts.yml: Use FQCN for ansible.builtin
• dnszone: Use FQCN for ansible.builtin
• dnsrecord: Use FQCN for ansible.builtin
• dnsforwardzone: Use FQCN for ansible.builtin
• dnsconfig: Use FQCN for ansible.builtin
• delegation: Use FQCN for ansible.builtin
• config: Use FQCN for ansible.builtin
• tests/ca-less: Use FQCN for ansible.builtin
• automount: Use FQCN for ansible.builtin
• automember: Use FQCN for ansible.builtin
• ipabackup role: Use FQCN for ansible.builtin
• ipaclient role: Use FQCN for ansible.builtin
• ipareplica role: Use FQCN for ansible.builtin
• ipaserver role: Use FQCN for ansible.builtin
• ansible-freeipa.spec.in: Fix for loop with wildcard

ansible-freeipa-1.9.0

Highlights in 1.9.0

• New netgroup management module
• sudorule: Add support for 'hostmask' parameter
• pwpolicy: Add support for password check and grace limit
• ipaclient: No kinit on controller for deployment using OTP
• ipaclient: Configure DNS resolver
• Support for ansible-core 2.14 tests

Changes since 1.8.4

• tests/azure: Temporarily stay at Ubuntu 20.04 (#1000)
• environment: Fix os.environ language setting. (#997)
• ipaclient: No DNS resolver configuration on master (#996)
• tests/sanity: Add ignore file for ansible-core 2.14 (#992)
• utils: Remove deprecated shell scripts used to deploy IPA. (#991)
• pre-commit: Fix pycqa pre-commit repos. (#989)
• ipaclient: Configure DNS resolver (#988)
• ipaclient: No kinit on controller for deployment using OTP (#987)
• github worflows: speed up git checkout. (#986)
• upstream tests: Removal of 'warn: no' from shell plugins (#984)
• netgroup: Fix environment cleanup on ipanetgroup tests. (#981)
• upstream ci: Update Github actions due to old Node.js. (#980)
• ipaclient_setup_nss: Fix undefined ca_certs for NoCertificateError case (#979)
• linters: Fix versions of linter packages due to Python 3.11. (#978)
• Fix ipaserver role for ansible test (#976)
• Fix ipareplica role for ansible test (#975)
• Fix upstream ansible test ansible 2.13 (#973)
• Fix ipaclient role for ansible test (#972)
• pwpolicy: Add support for password check and grace limit. (#971)
• Fix ipasmartcard server role for ansible test (#969)
• Fix ipasmartcard client role for ansible test (#968)
• ipabackup_get_backup_dir: Fix documentation sections and agument spec (#967)
• ipamodule_base_docs: Fix documentation sections (#966)
• ipaconfig: Do not require enable_sid for add_sids or netbios_name (#961)
• new_module: Modify new_module and templates for Ansible 2.14 (#960)
• documentation: Change occurences of whitelist to allowlist. (#959)
• ipavault: Fix documentation sections and agument spec (#958)
• ipauser: Fix documentation sections and agument spec (#957)
• ipatrust Fix documentation sections and agument spec (#956)
• ipatopologysuffix: Fix documentation sections and agument spec (#955)
• ipatopologysegment: Fix documentation sections and agument spec (#954)
• ipasudorule: Fix documentation sections and agument spec (#953)
• ipasudocmdgroup: Fix documentation sections and agument spec (#952)
• ipasudocmd: Fix documentation sections and agument spec (#951)
• ipaservicedelegationtarget: Fix documentation sections and agument spec (#950)
• ipaservicedelegationrule: Fix documentation sections and agument spec (#949)
• ipaservice:: Fix documentation sections and agument spec (#948)
• ipaserver: Fix documentation sections and agument spec (#947)
• ipaselfservice: Fix documentation sections and agument spec (#946)
• iparole: Fix documentation sections and agument spec (#945)
• ipapwpolicy: Fix documentation sections and agument spec (#944)
• ipaprivilege: Fix documentation sections and agument spec (#943)
• ipapermission: Fix documentation sections and agument spec (#942)
• ipalocation: Fix documentation sections and agument spec (#941)
• ipaidrange: Fix documentation sections and agument spec (#940)
• ipahostgroup: Fix documentation sections and agument spec (#939)
• ipahost: Fix documentation sections and agument spec (#938)
• ipahbacsvcgroup: Fix documentation sections and agument spec (#937)
• ipahbacsvc: Fix documentation sections and agument spec (#936)
• ipahbacrule: Fix documentation sections and agument spec (#935)
• ipagroup: Fix documentation sections and agument spec (#934)
• ipadnszone: Fix documentation sections and agument spec (#933)
• ipadnsrecord: Fix documentation sections and agument spec (#932)
• ipadnsforwardzone: : Fix documentation sections and agument spec (#931)
• ipadnsconfig: Fix documentation sections and agument spec (#930)
• ipadelegation: : Fix documentation sections and agument spec (#929)
• ipaconfig: Fix documentation sections and agument spec (#928)
• ipaautomountmap: Fix documentation sections and agument spec (#927)
• ipaautomountlocation: Fix documentation sections and agument spec (#926)
• ipaautomountkey: Fix documentation sections and agument spec (#925)
• ipaautomember: Fix documentation sections and agument spec (#924)
• sudorule: Add support for 'hostmask' parameter (#922)
• ipaconfig: Do not allow enable_sid set to False. (#921)
• ipaconfig: Fix fail_json calls. (#920)
• Fix plugins for ansible fake execution test (#918)
• ipabackup_get_backup_dir: Fix for ansible-test fake execution test (#917)
• ipasmartcard_client_get_vars: Fix for ansible-test fake execution test (#916)
• ipasmartcard_server_get_vars: Fix for ansible-test fake execution test (#915)
• Re-enable dnsforwardzone tests (#914)
• ansible_freeipa_module: Remove deprecated FreeIPABaseModule (#913)
• New netgroup management module (#875)

Detailed changelog since 1.8.4 by author

3 authors, 142 commits

Denis Karpelevich (1)

• New netgroup management module

Rafael Guterres Jeffman (22)

• tests/sanity: Add ignore file for ansible-core 2.14
• environment: Fix os.environ language setting.
• utils: Remove deprecated shell scripts used to deploy IPA.
• pre-commit: Fix pycqa pre-commit repos.
• sudorule: Add support for 'hostmask' parameter
• github worflows: speed up git checkout.
• pwpolicy: Add support for password check and grace limit.
• upstream tests: Removal of 'warn: no' from shell plugins
• upstream ci: Use Shellcheck action from 'master'.
• upstream ci: Update Github actions due to old Node.js.
• pylint: Fix pylint issues on utils/galaxyfy-module-EXAMPLES.py
• pylint: Update configuration for Python 3.11
• pylint: Modify certificate loader function definition.
• linters: Fix versions of linter packages due to Python 3.11.
• netgroup: Fix environment cleanup on ipanetgroup tests.
• documentation: Change occurences of whitelist to allowlist.
• ipaconfig: Do not require enable_sid for add_sids or netbios_name
• ipaconfig: Do not allow enable_sid set to False.
• new_module: Modify new_module and templates for Ansible 2.14
• ipaconfig: Fix fail_json calls.
• Azure CI: Re-enable dnszone tests with forwarder ports
• Azure CI: Update variable files instructions.

Thomas Woerner (119)

• tests/azure: Temporarily stay at Ubuntu 20.04
• ipaclient: No DNS resolver configuration on master
• ipaclient: No kinit on controller for deployment using OTP
• ipaclient: Configure DNS resolver
• ipaserver_test: Fix documentation sections and agument spec
• ipaserver_setup_otpd: Fix documentation sections and agument spec
• ipaserver_setup_ntp: Fix documentation sections and agument spec
• ipaserver_setup_krb: Fix documentation sections and agument spec
• ipaserver_setup_kra: Fix documentation sections and agument spec
• ipaserver_setup_http: Fix documentation sections and agument spec
• ipaserver_setup_ds: Fix documentation sections and agument spec
• ipaserver_setup_dns: Fix documentation sections and agument spec
• ipaserver_setup_custodia: Fix documentation sections and agument spec
• ipaserver_setup_ca: Fix documentation sections and agument spec
• ipaserver_setup_adtrust: Fix documentation sections and agument spec
• ipaserver_set_ds_password: Fix documentation sections and agument spec
• ipaserver_prepare: Fix documentation sections and agument spec
• ipaserver_master_password: Fix documentation sections and agument spec
• ipaserver_load_cache: Fix documentation sections and agument spec
• ipaserver_enable_ipa: Fix documentation sections and agument spec
• ansible_ipa_server: Fix ansible-test fake execution test findings
• ipareplica_test: Fix documentation sections and agument spec
• ipareplica_setup_otpd: Fix documentation sections and agument spec
• ipareplica_setup_krb: Fix documentation sections and agument spec
• ipareplica_setup_kra: Fix documentation sections and agument spec
• ipareplica_setup_http: Fix documentation sections and agument spec
• ipareplica_setup_ds: Fix documentation sections and agument spec
• ipareplica_setup_dns: Fix documentation sections and agument spec
• ipareplica_setup_custodia: Fix documentation sections and agument spec
• ipareplica_setup_certmonger: Fix documentation sections and agument spec
• ipareplica_setup_ca: Fix documentation sections and agument spec
• ipareplica_setup_adtrust: Fix documentation sections and agument spec
• ipareplica_restart_kdc: Fix documentation sections and agument spec
• ipareplica_promote_sssd: Fix documentation sections and agument spec
• ipareplica_promote_openldap_conf: Fix documentation sections and agument spec
• ipareplica_prepare: Fix documentation sections and agument spec
• ipareplica_master_password: Fix documentation sections and agument spec
• ipareplica_krb_enable_ssl: Fix documentation sections and agument spec
• ipareplica_install_ca_certs: Fix documentation sections and agument spec
• ipareplica_enable_ipa: Fix documentation sections and agument spec
• ipareplica_ds_enable_ssl: Fix documentation sections and agument spec
• ipareplica_ds_apply_updates: Fix documentation sections and agument spec
• ipareplica_custodia_import_dm_password: Fix doc sections and agument spec
• ipareplica_create_ipa_conf: Fix documentation sections and agument spec
• ipareplica_add_to_ipaservers: Fix documentation sections and agument spec
• ansible_ipa_replica: Fix ansible-test fake execution test findings
• ipaclient_test_keytab: Fix documentation sections and agument spec
• ipaclient_test: Fix documentatio...

ansible-freeipa-1.8.4

Highlights in 1.8.4

• Support for SID related attributes in ipaconfig
• Minimum value check of idstart parameter for ipaserver role
• Deployment roles fixes and optimization

Changes since 1.8.3

• ipaconfig: Fix example playbook titles. (#912)
• utils/ansible-freeipa.spec.in: Sync with Fedora rawhide spec file (#911)
• upstream CI: Force retrieval of ansible-freeipa master. (#910)
• upstream CI: Ensure 'master' branch is available for set_test_modules (#908)
• ipaconfig: Add support for SID related attributes. (#906)
• ipaserver/ipareplica: Add isatty method to AnsibleModuleLog (#905)
• ipabackup: Fix order of ipabackup_name parameter evaluation. (#904)
• ipabackup: Add playbook tests for ipabackup. (#901)
• ipaserver: Add missing idstart check (#897)
• fedora rawhide: Temporarily disable failing DNS tests (#895)
• ipaserver: ipaclient part does not need to install packages (#894)
• upstream CI: run PR tests only for affected plugins (#893)
• Fix short_description flag in plugins, role modules and templates (#892)
• upstream CI: Fix list evaluation in IPA_ENABLED/IPA_DISABLED tests (#890)
• ipauser: Add note on attributes 'first' and 'last' requirements (#889)
• ipasudorule: Fix usage of 'action' and 'state' in examples. (#887)
• upstream CI: enable/disable tests based on test image (#884)
• ipareplica: Do not overwrite ipaclient_no_ntp for client part deployment (#876)
• Run tests locally with upstream CI images. (#849)

Detailed changelog since 1.8.3 by author

2 authors, 24 commits

Rafael Guterres Jeffman (17)

• ipaconfig: Add support for SID related attributes.
• ipaconfig: Fix example playbook titles.
• upstream CI: Force retrieval of ansible-freeipa master.
• upstream CI: Force retrieval of ansible-freeipa master.
• ipabackup: Fix order of ipabackup_name parameter evaluation.
• upstream CI: Ensure 'master' branch is available for set_test_modules
• ipabackup: Add playbook tests for ipabackup.
• upstream CI: run PR tests only for affected plugins
• check_test_configuration: Add support for IPA_* environment variables
• tests: Drop pytest-split-tests in favor of pytest-split
• run-tests: Run tests locally with upstream CI images
• upstream CI: Fix list evaluation in IPA_ENABLED/IPA_DISABLED tests
• ipauser: Add note on attributes 'first' and 'last' requirements
• upstream ci: Add step to display scenario configuration
• upstream ci: Avoid scheduling tests that will not be executed.
• upstream ci: Add support for distro specific test configuration.
• ipasudorule: Fix usage of 'action' and 'state' in examples.

Thomas Woerner (7)

• utils/ansible-freeipa.spec.in: Sync with Fedora rawhide spec file
• ipaserver/ipareplica: Add isatty method to AnsibleModuleLog
• ipaserver: Add missing idstart check
• fedora rawhide: Temporarily disable failing DNS tests
• ipaserver: ipaclient part does not need to install packages
• Fix short_description flag in plugins, role modules and templates
• ipareplica: Do not overwrite ipaclient_no_ntp for client part deployment

ansible-freeipa-1.8.3

Highlight in version 1.8.3

• Fix replica deployment issue for domains without SID support.

Changes since 1.8.2

• ipavault: Fix missing whitespace after keyword issue (#880)
• ipareplica: ipareplica_setup_adtrust fails while updating ipaNTFlatName (#877)

Detailed changelog since 1.8.2 by author

1 authors, 2 commits

Thomas Woerner (2)

• ipavault: Fix missing whitespace after keyword issue
• ipareplica: ipareplica_setup_adtrust fails while updating ipaNTFlatName

ansible-freeipa-1.8.2

Highlights in version 1.8.2

• SIDs are always generated for server and replica deployments
• Random Serial Numbers are not enabled by default any more
• Fixes comparison of bool values in IPA 4.9.10+ for ipadnsconfig
• Fixes issue with using an IP address for the server in client deployments

Changes since 1.8.1

• ipaclient: Removed invalid call logger.info() (#867)
• ipaserver/ipareplica: Always generate SIDs (#866)
• ipaserver,ipareplica: Fix Random Serial Numbers always enabled (#864)
• ipadnsconfig: Fix boolean values comparison (#863)
• ansible_freeipa_module: Use ipaplatform.tasks.parse_ipa_version (#859)
• upstream CI: enable tests on Fedora Rawide. (#854)
• sanity.sh: Allow use of podman instead of docker (#850)

Detailed changelog since 1.8.1 by author

3 authors, 10 commits

Rafael Guterres Jeffman (6)

• ipadnsconfig: Disable only tests that are failing due to python-dns
• ipadnsconfig: Separate tests for forwarders with custom ports.
• ipadnsconfig: Enable chech_mode support
• ipadnsconfig: Fixe comparison of bool values in IPA 4.9.10+
• sanity.sh: Allow use of podman instead of docker
• upstream CI: enable tests on Fedora Rawide.

Thomas Woerner (3)

• ipaserver/ipareplica: Always generate SIDs
• ipaserver,ipareplica: Fix Random Serial Numbers always enabled
• ansible_freeipa_module: Use ipaplatform.tasks.parse_ipa_version

jpclipffel (1)

• ipaclient: Removed invalid call logger.info()