Bug 1861912

Summary:	[RFE] Use freeipa-ansible equivalents for ipa_priv/perm, ipa_role, get_keytab
Product:	Red Hat OpenStack	Reporter:	Ade Lee <alee>
Component:	ansible-tripleo-ipa	Assignee:	Dave Wilde <dwilde>
Status:	CLOSED WONTFIX	QA Contact:	Jeremy Agee <jagee>
Severity:	medium	Docs Contact:
Priority:	high
Version:	16.1 (Train)	CC:	dwilde, hrybacki, nlevinki, rcritten, scohen, spower, twoerner
Target Milestone:	Alpha	Keywords:	FutureFeature, Triaged
Target Release:	---	Flags:	ifrangs: needinfo? (dwilde)
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2021-11-11 19:15:10 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:	1918025
Bug Blocks:

Description Ade Lee 2020-07-29 21:25:35 UTC

Description of problem:

Most of tripleo-ipa (and one bit of THT template) uses the upstream ansible module to do IPA things.  These modules are not supported by Red Hat - and we should use the equivalents in ansible-freeipa instead.

See [1] for details.

At least some of these equivalents are slated for RHEL 8.3.  This BZ is to track those features.  For 8.3 features, we have [2]

The features in 8.4 are: ipa_priv/perm, ipa_role, get_keytab? ipa service cleanup,  

[1] https://docs.google.com/document/d/1vaT2xdD7z7I4JZxW7sLM1AE6_srh_VOtPkpIS2t9caA/edit

[2] https://bugzilla.redhat.com/show_bug.cgi?id=1861910

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Ade Lee 2020-07-29 21:27:21 UTC

Correction to above -- this is specifically for the features in 8.4