RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1966496 - [RFE] New management module ipaautomember
Summary: [RFE] New management module ipaautomember
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: ansible-freeipa
Version: 8.5
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: beta
: ---
Assignee: Thomas Woerner
QA Contact: ipa-qe
URL:
Whiteboard:
Depends On:
Blocks: 1973172
TreeView+ depends on / blocked
 
Reported: 2021-06-01 09:42 UTC by Thomas Woerner
Modified: 2021-11-10 01:09 UTC (History)
1 user (show)

Fixed In Version: ansible-freeipa-0.3.6-1.el8
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1973172 (view as bug list)
Environment:
Last Closed: 2021-11-09 18:45:36 UTC
Type: Bug
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker FREEIPA-7293 0 None None None 2021-11-09 18:51:31 UTC
Red Hat Product Errata RHBA-2021:4268 0 None None None 2021-11-09 18:45:49 UTC

Description Thomas Woerner 2021-06-01 09:42:08 UTC
New automember management module

There is a new automember management module placed in the plugins folder:

    plugins/modules/ipaautomember.py

The automember module allows to ensure presence or absence of automember rules
and manage automember rule conditions.

Here is the documentation for the module:

    README-automember.md

New example playbooks have been added:

    playbooks/automember/automember-group-absent.yml
    playbooks/automember/automember-group-present.yml
    playbooks/automember/automember-hostgroup-absent.yml
    playbooks/automember/automember-hostgroup-present.yml
    playbooks/automember/automember-hostgroup-rule-absent.yml
    playbooks/automember/automember-hostgroup-rule-present.yml

New tests for the module:

    tests/automember/test_automember.yml

Comment 2 Thomas Woerner 2021-06-01 09:43:40 UTC
Here is the upstream PR:

https://github.com/freeipa/ansible-freeipa/pull/486

It has been merged already.

Comment 8 Varun Mylaraiah 2021-07-05 03:48:32 UTC
Verified:

ansible-freeipa-0.3.6-3.el8.noarch
ipa-server-4.9.3-1.module+el8.5.0+10565+ae980a94.x86_64

# cat /etc/redhat-release
Red Hat Enterprise Linux release 8.5 Beta (Ootpa)


TESTS STEP START: ansible_freeipa_tests/automember/test_automember.py
2021-07-02T00:50:13+0000 ============================= test session starts ==============================
2021-07-02T00:50:13+0000 platform linux -- Python 3.9.5, pytest-3.10.1, py-1.10.0, pluggy-0.13.1 -- /usr/bin/python3
2021-07-02T00:50:13+0000 cachedir: .pytest_cache
2021-07-02T00:50:13+0000 metadata: {'Python': '3.9.5', 'Platform': 'Linux-3.10.0-1160.25.1.el7.x86_64-x86_64-with-glibc2.33', 'Packages': {'pytest': '3.10.1', 'py': '1.10.0', 'pluggy': '0.13.1'}, 'Plugins': {'sourceorder': '0.5.1', 'html': '1.22.1', 'metadata': '1.11.0', 'multihost': '3.4'}, 'CI': 'true', 'CI_COMMIT_REF_NAME': '85_90_AutomemberModule_TestAutomation', 'CI_COMMIT_REF_SLUG': '85-90-automembermodule-testautomation', 'CI_COMMIT_SHA': 'fe30f1da076fc16901b1a89170c29c77978fefb8', 'CI_JOB_ID': '3951803', 'CI_JOB_NAME': 'automember_module', 'CI_JOB_STAGE': 'test', 'CI_RUNNER_DESCRIPTION': 'labshared gitlab-runner2.cee.prod.upshift.rdu2.redhat.com', 'CI_RUNNER_ID': '1313', 'CI_RUNNER_TAGS': 'cirros, docker, shared', 'CI_PIPELINE_ID': '1168091', 'CI_PROJECT_DIR': '/builds/identity-management/ansible-freeipa-tests', 'CI_PROJECT_ID': '22807', 'CI_PROJECT_NAME': 'ansible-freeipa-tests', 'CI_PROJECT_NAMESPACE': 'identity-management', 'CI_PROJECT_PATH': 'identity-management/ansible-freeipa-tests', 'CI_PROJECT_URL': 'https://gitlab.cee.redhat.com/identity-management/ansible-freeipa-tests', 'CI_REGISTRY_USER': 'gitlab-ci-token', 'CI_SERVER': 'yes', 'CI_SERVER_NAME': 'GitLab', 'CI_SERVER_REVISION': 'f37a805b0b4', 'CI_SERVER_VERSION': '13.12.5', 'GITLAB_CI': 'true', 'GITLAB_USER_ID': '2574', 'GITLAB_USER_EMAIL': 'mvarun'}
2021-07-02T00:50:13+0000 rootdir: /builds/identity-management/ansible-freeipa-tests/1168091/ansible-freeipa-tests, inifile:
2021-07-02T00:50:13+0000 plugins: sourceorder-0.5.1, html-1.22.1, metadata-1.11.0, multihost-3.4
2021-07-02T00:50:13+0000 collecting ... collected 26 items
2021-07-02T00:50:13+0000 
2021-07-02T00:58:09+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutmemberPrerequiste::test_add_prerequisite PASSED [  3%]
2021-07-02T00:58:20+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_group_rule_add PASSED [  7%]
2021-07-02T00:58:28+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_hostgroup_rule_add PASSED [ 11%]
2021-07-02T00:58:37+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_nonexisting_group_rule_add PASSED [ 15%]
2021-07-02T00:58:46+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_nonexisting_hostgroup_rule_add PASSED [ 19%]
2021-07-02T00:58:49+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_rule_add_with_invalid_type PASSED [ 23%]
2021-07-02T00:58:58+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_group_rule_update_description PASSED [ 26%]
2021-07-02T00:59:05+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_hostgroup_rule_update_description PASSED [ 30%]
2021-07-02T00:59:13+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_group_rule_add_with_inclusive_exclusive_regex PASSED [ 34%]
2021-07-02T00:59:21+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_hostgroup_rule_add_with_inclusive_exclusive_regex PASSED [ 38%]
2021-07-02T00:59:29+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_group_rule_update_inclusive_regex_only PASSED [ 42%]
2021-07-02T00:59:37+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_group_rule_update_exclusive_regex_only PASSED [ 46%]
2021-07-02T00:59:45+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_hostgroup_rule_update_inclusive_regex_only PASSED [ 50%]
2021-07-02T00:59:52+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_hostgroup_rule_update_exclusive_regex_only PASSED [ 53%]
2021-07-02T00:59:52+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_nonexisting_group_rule_update_exclusive_regex xfail [ 57%]
2021-07-02T00:59:52+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_nonexisting_hostgroup_rule_update_inclusive_regex xfail [ 61%]
2021-07-02T01:00:00+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_hostgroup_rule_update_with_invalid_inclusive_regex_key PASSED [ 65%]
2021-07-02T01:00:09+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_group_rule_update_with_invalid_exclusive_regex_key PASSED [ 69%]
2021-07-02T01:00:17+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_hostgroup_rule_add_with_invalid_inclusive_regex_key PASSED [ 73%]
2021-07-02T01:00:26+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_group_rule_add_with_invalid_exclusive_regex_key PASSED [ 76%]
2021-07-02T01:00:26+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_group_rule_remove_with_invalid_exclusive_regex_key xfail [ 80%]
2021-07-02T01:00:35+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_remove_inclusive_regex_from_automembergroup_rule PASSED [ 84%]
2021-07-02T01:00:44+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_remove_exclusive_regex_from_automemberhostgroup_rule PASSED [ 88%]
2021-07-02T01:00:57+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_remove_regex_from_automembergroup_rule_with_invalid_type PASSED [ 92%]
2021-07-02T01:01:08+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_group_rule_remove PASSED [ 96%]
2021-07-02T01:01:18+0000 ansible_freeipa_tests/automember/test_automember.py::TestAutomember::test_automember_hostgroup_rule_remove PASSED [100%]

Based on the test result, marking the bug VERIFIED.

Comment 10 errata-xmlrpc 2021-11-09 18:45:36 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (ansible-freeipa bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:4268


Note You need to log in before you can comment on or make changes to this bug.