provision: make playbooks work on virtual machines in idm-ci

[jakub-vavra-cz]

Create playbook_vm.yml to include image_base and image_service to work on VM with become.
Modify packages role so it recognizes rhel and applies pieces on appropriate host groups.
Replace freeipa with ipa for RHEL.
Improve ldap and ipa task idempotency.

[pbrezina]

I didn't read it all yet, but here are first comments.

[ikerexxe]

Some minor comments

[ikerexxe]

LGTM. Take into account that Github is asking you to rebase on top of master before being able to merge.

[pbrezina]

I will review this on Monday, can you please rebase it in the mean time?

[pbrezina]

Hi, looks good to me, there are few minor comments.

Now, it would be good, if you can approve #51 before we merge this one and incorporate it into this pull request so passkey testing functionality is always built. It moves the bits into stand alone rpm package so build dependencies are no longer required to be installed.

I'm running the provisioning also locally so I can check that all existing tests pass. I'll get back with results.

[pbrezina]

when is not needed here.

[jakub-vavra-cz]

Removed.

[jakub-vavra-cz]

It is needed after all on rhel 9, returned it back:

fatal: [master.ipa.test]: FAILED! => changed=true 
  cmd:
  - yum
  - module
  - enable
  - idm:DL1
  - -y
  delta: '0:00:02.163913'
  end: '2023-07-25 06:13:18.094871'
  msg: non-zero return code
  rc: 1
  start: '2023-07-25 06:13:15.930958'
  stderr: |-
    Error: Problems in request:
    missing groups or modules: idm:DL1
  stderr_lines: <omitted>
  stdout: |-
    rhel-9.3 buildroot                               57 MB/s | 3.6 MB     00:00
    rhel-9.3 buildroot debuginfo                     56 MB/s | 2.5 MB     00:00
  stdout_lines: <omitted>

[pbrezina]

LGTM, tests pass, AD can be now provisioned again: But it would really be good to solve the "password never expires" step. There's something wrong going on, the retry should not be needed.