From 49237a657fc4c1355b5c7217cc6e9029bae1d967 Mon Sep 17 00:00:00 2001 From: Webster Mudge Date: Thu, 7 Aug 2025 15:23:34 -0400 Subject: [PATCH] Fix FreeIPA client packages override Signed-off-by: Webster Mudge --- roles/freeipa_client/defaults/main.yml | 3 ++- roles/freeipa_client/handlers/main.yml | 1 + roles/freeipa_client/meta/argument_specs.yml | 3 ++- .../molecule/default/converge.yml | 1 + .../molecule/default/create.yml | 7 ++++--- .../molecule/default/destroy.yml | 5 +++-- .../molecule/default/molecule.yml | 1 + .../molecule/default/prepare.yml | 20 ++++++++++--------- .../molecule/default/requirements.yml | 1 + .../molecule/default/verify.yml | 1 + roles/freeipa_client/tasks/main.yml | 7 ++++--- roles/freeipa_client/vars/main.yml | 1 + 12 files changed, 32 insertions(+), 19 deletions(-) diff --git a/roles/freeipa_client/defaults/main.yml b/roles/freeipa_client/defaults/main.yml index 961b4797..4853ca0f 100644 --- a/roles/freeipa_client/defaults/main.yml +++ b/roles/freeipa_client/defaults/main.yml @@ -1,3 +1,4 @@ +--- # Copyright 2025 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -12,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -# ipaclient_packages: [] +# freeipa_client_packages: [] ipaclient_domain: "{{ undef(hint='Please define the DNS domain') }}" ipaclient_realm: "{{ undef(hint='Please define the Kerberos realm') }}" diff --git a/roles/freeipa_client/handlers/main.yml b/roles/freeipa_client/handlers/main.yml index 3e3b8fdc..c0cf4a41 100644 --- a/roles/freeipa_client/handlers/main.yml +++ b/roles/freeipa_client/handlers/main.yml @@ -1,3 +1,4 @@ +--- # Copyright 2025 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/roles/freeipa_client/meta/argument_specs.yml b/roles/freeipa_client/meta/argument_specs.yml index 7ee63f7f..51670293 100644 --- a/roles/freeipa_client/meta/argument_specs.yml +++ b/roles/freeipa_client/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- # Copyright 2025 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -23,7 +24,7 @@ argument_specs: author: Cloudera Labs version_added: "3.0.0" options: - ipaclient_packages: + freeipa_client_packages: description: - List of FreeIPA packages to install. - If not defined, the role will default to the packages defined in the diff --git a/roles/freeipa_client/molecule/default/converge.yml b/roles/freeipa_client/molecule/default/converge.yml index d2afd469..27a20d11 100644 --- a/roles/freeipa_client/molecule/default/converge.yml +++ b/roles/freeipa_client/molecule/default/converge.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/roles/freeipa_client/molecule/default/create.yml b/roles/freeipa_client/molecule/default/create.yml index 132438bf..41583e5e 100644 --- a/roles/freeipa_client/molecule/default/create.yml +++ b/roles/freeipa_client/molecule/default/create.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -25,7 +26,7 @@ run_config_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/run-config.yml" run_config_from_file: "{{ (lookup('file', run_config_path, errors='ignore') or '{}') | from_yaml }}" - run_config: '{{ default_run_config | combine(run_config_from_file) }}' + run_config: "{{ default_run_config | combine(run_config_from_file) }}" # Platform settings handling default_assign_public_ip: true @@ -38,7 +39,7 @@ default_public_key_path: "{{ default_private_key_path }}.pub" default_ssh_user: ansible default_ssh_port: 22 - default_user_data: '' + default_user_data: "" default_security_group_name: "molecule-{{ run_config.run_id }}" default_security_group_description: Ephemeral security group for Molecule instances @@ -123,7 +124,7 @@ - platform.vpc_id is string - platform.vpc_subnet_id is string and platform.vpc_subnet_id | length > 0 quiet: true - loop: '{{ platforms }}' + loop: "{{ platforms }}" loop_control: loop_var: platform label: "{{ platform.name }}" diff --git a/roles/freeipa_client/molecule/default/destroy.yml b/roles/freeipa_client/molecule/default/destroy.yml index fb95a201..a090fe0b 100644 --- a/roles/freeipa_client/molecule/default/destroy.yml +++ b/roles/freeipa_client/molecule/default/destroy.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -25,7 +26,7 @@ run_config_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/run-config.yml" run_config_from_file: "{{ (lookup('file', run_config_path, errors='ignore') or '{}') | from_yaml }}" - run_config: '{{ default_run_config | combine(run_config_from_file) }}' + run_config: "{{ default_run_config | combine(run_config_from_file) }}" # Platform settings handling default_aws_profile: "{{ lookup('env', 'AWS_PROFILE') }}" @@ -69,7 +70,7 @@ - platform.vpc_id is string - platform.vpc_subnet_id is string and platform.vpc_subnet_id | length > 0 quiet: true - loop: '{{ platforms }}' + loop: "{{ platforms }}" loop_control: loop_var: platform label: "{{ platform.name }}" diff --git a/roles/freeipa_client/molecule/default/molecule.yml b/roles/freeipa_client/molecule/default/molecule.yml index 873ce8da..be49cdbe 100644 --- a/roles/freeipa_client/molecule/default/molecule.yml +++ b/roles/freeipa_client/molecule/default/molecule.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/roles/freeipa_client/molecule/default/prepare.yml b/roles/freeipa_client/molecule/default/prepare.yml index a9e66659..1b4fcb51 100644 --- a/roles/freeipa_client/molecule/default/prepare.yml +++ b/roles/freeipa_client/molecule/default/prepare.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -14,8 +15,8 @@ - name: Prepare server hosts: server - gather_facts: yes - become: yes + gather_facts: true + become: true tasks: - name: Extract the VPC subnet ID from the Molecule platform configuration ansible.builtin.set_fact: @@ -25,14 +26,14 @@ amazon.aws.ec2_vpc_subnet_info: subnet_id: "{{ test_subnet_id }}" register: __subnet - become: no + become: false delegate_to: localhost - name: Retrieve the VPC details amazon.aws.ec2_vpc_net_info: vpc_ids: "{{ __subnet.subnets | map(attribute='vpc_id') | first }}" register: __vpc - become: no + become: false delegate_to: localhost - name: Update the core networking @@ -57,8 +58,8 @@ - name: Prepare clients hosts: clients - gather_facts: yes - become: yes + gather_facts: true + become: true tasks: - name: Extract the VPC subnet ID from the Molecule platform configuration ansible.builtin.set_fact: @@ -68,14 +69,14 @@ amazon.aws.ec2_vpc_subnet_info: subnet_id: "{{ test_subnet_id }}" register: __subnet - become: no + become: false delegate_to: localhost - name: Retrieve the VPC details amazon.aws.ec2_vpc_net_info: vpc_ids: "{{ __subnet.subnets | map(attribute='vpc_id') | first }}" register: __vpc - become: no + become: false delegate_to: localhost - name: Update the core networking @@ -86,4 +87,5 @@ network_dns_domain: "{{ ipaserver_domain }}" # See https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html vpc_cidr: "{{ __vpc.vpcs | map(attribute='cidr_block') | list }}" - network_dns_forwarders: "{{ groups['server'] | map('extract', hostvars, ['ansible_default_ipv4', 'address']) | community.general.lists_union(vpc_cidr | map('ansible.utils.ipmath', '2') | list) }}" + network_dns_forwarders: "{{ groups['server'] | map('extract', hostvars, ['ansible_default_ipv4', 'address']) | community.general.lists_union(vpc_cidr | map('ansible.utils.ipmath', + '2') | list) }}" diff --git a/roles/freeipa_client/molecule/default/requirements.yml b/roles/freeipa_client/molecule/default/requirements.yml index 6464be94..1779da38 100644 --- a/roles/freeipa_client/molecule/default/requirements.yml +++ b/roles/freeipa_client/molecule/default/requirements.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/roles/freeipa_client/molecule/default/verify.yml b/roles/freeipa_client/molecule/default/verify.yml index fca60e78..d4631ea6 100644 --- a/roles/freeipa_client/molecule/default/verify.yml +++ b/roles/freeipa_client/molecule/default/verify.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/roles/freeipa_client/tasks/main.yml b/roles/freeipa_client/tasks/main.yml index ed238c12..acc3e4dc 100644 --- a/roles/freeipa_client/tasks/main.yml +++ b/roles/freeipa_client/tasks/main.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -44,11 +45,11 @@ ansible.builtin.meta: flush_handlers - name: Install defined FreeIPA client packages - when: ipaclient_packages is defined + when: freeipa_client_packages is defined ansible.builtin.package: name: "{{ __ipa_package }}" state: present - loop: "{{ ipaclient_packages }}" + loop: "{{ freeipa_client_packages }}" loop_control: loop_var: __ipa_package @@ -59,6 +60,6 @@ state: present ipaclient_hostname: "{{ inventory_hostname }}" ipaclient_mkhomedir: true - ipaclient_install_packages: "{{ (ipaclient_packages is undefined) | ternary('true', 'false') }}" + ipaclient_install_packages: "{{ freeipa_client_packages is undefined }}" ipaserver_setup_dns: true ipasssd_enable_dns_updates: true diff --git a/roles/freeipa_client/vars/main.yml b/roles/freeipa_client/vars/main.yml index a5d3cf3b..349f27e6 100644 --- a/roles/freeipa_client/vars/main.yml +++ b/roles/freeipa_client/vars/main.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License");