a-c-m
/
community.general
mirror of https://github.com/ansible-collections/community.general.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[PR #9739/b2e2d2d3 backport][stable-9] keycloak_client: compare desired and before dicts directly in checkmode (#9758) 

keycloak_client: compare desired and before dicts directly in checkmode (#9739)

* compare desired and before dicts directly in checkmode

* fix authorizationServicesEnabled being dropped by kc if unset

* only add authorizationsServicesEnabled=false if before_client exists

* add changelog fragment

* Update changelog.

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit b2e2d2d37b)

Co-authored-by: gruenbauer@b1-systems.de <gruenbauer@b1-systems.de>
pull/9769/head
patchback[bot] 2025-02-16 12:38:02 +01:00 committed by GitHub
parent 525ed41a0a
commit 2d5999c579
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
changelogs/fragments/9739-keycloak_client-compare-before-desired-directly.yml Normal file
View File

@ -0,0 +1,2 @@
bugfixes:
- keycloak_client - in check mode, detect whether the lists in before client (for example redirect URI list) contain items that the lists in the desired client do not contain (https://github.com/ansible-collections/community.general/pull/9739).

10
plugins/modules/keycloak_client.py
View File

@ -782,7 +782,7 @@ end_state:
''' '''
from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \ from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \
keycloak_argument_spec, get_token, KeycloakError, is_struct_included keycloak_argument_spec, get_token, KeycloakError
from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.basic import AnsibleModule
import copy import copy
@ -833,6 +833,7 @@ def normalise_cr(clientrep, remove_ids=False):
for key, value in clientrep['attributes'].items(): for key, value in clientrep['attributes'].items():
if isinstance(value, bool): if isinstance(value, bool):
clientrep['attributes'][key] = str(value).lower() clientrep['attributes'][key] = str(value).lower()
clientrep['attributes'].pop('client.secret.creation.time', None)
return clientrep return clientrep
@ -1025,6 +1026,11 @@ def main():
else: else:
before_client = kc.get_client_by_id(cid, realm=realm) before_client = kc.get_client_by_id(cid, realm=realm)
# kc drops the variable 'authorizationServicesEnabled' if set to false
# to minimize diff/changes we set it to false if not set by kc
if before_client and 'authorizationServicesEnabled' not in before_client:
before_client['authorizationServicesEnabled'] = False
if before_client is None: if before_client is None:
before_client = {} before_client = {}
@ -1096,7 +1102,7 @@ def main():
if module._diff: if module._diff:
result['diff'] = dict(before=sanitize_cr(before_norm), result['diff'] = dict(before=sanitize_cr(before_norm),
after=sanitize_cr(desired_norm)) after=sanitize_cr(desired_norm))
result['changed'] = not is_struct_included(desired_norm, before_norm, CLIENT_META_DATA) result['changed'] = desired_norm != before_norm
module.exit_json(**result) module.exit_json(**result)