a-c-m
/
community.general
mirror of https://github.com/ansible-collections/community.general.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ipa_host: Fix enabled and disabled states (#8920) 

* Fix ipa_host

* PR Fixes

* PR Fixes

* PR Doc fixes

* PR Doc fixes 2

* Fix default value
pull/9012/head
alexander 2024-10-07 23:13:51 +03:00 committed by GitHub
parent c7e2875a4d
commit cc8009621f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 22 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
changelogs/fragments/8920-ipa-host-fix-state.yml Normal file
View File

@ -0,0 +1,2 @@
bugfixes:
- ipa_host - add ``force_create``, fix ``enabled`` and ``disabled`` states (https://github.com/ansible-collections/community.general/issues/1094, https://github.com/ansible-collections/community.general/pull/8920).

28
plugins/modules/ipa_host.py
View File

@ -74,10 +74,17 @@ options:
type: list type: list
elements: str elements: str
state: state:
description: State to ensure. description:
- State to ensure.
default: present default: present
choices: ["absent", "disabled", "enabled", "present"] choices: ["absent", "disabled", "enabled", "present"]
type: str type: str
force_creation:
description:
- Create host if O(state=disabled) or O(state=enabled) but not present.
default: true
type: bool
version_added: 9.5.0
update_dns: update_dns:
description: description:
- If set V(true) with O(state=absent), then removes DNS records of the host managed by FreeIPA DNS. - If set V(true) with O(state=absent), then removes DNS records of the host managed by FreeIPA DNS.
@ -233,26 +240,31 @@ def get_host_diff(client, ipa_host, module_host):
def ensure(module, client): def ensure(module, client):
name = module.params['fqdn'] name = module.params['fqdn']
state = module.params['state'] state = module.params['state']
force_creation = module.params['force_creation']
ipa_host = client.host_find(name=name) ipa_host = client.host_find(name=name)
module_host = get_host_dict(description=module.params['description'], module_host = get_host_dict(description=module.params['description'],
force=module.params['force'], ip_address=module.params['ip_address'], force=module.params['force'],
ip_address=module.params['ip_address'],
ns_host_location=module.params['ns_host_location'], ns_host_location=module.params['ns_host_location'],
ns_hardware_platform=module.params['ns_hardware_platform'], ns_hardware_platform=module.params['ns_hardware_platform'],
ns_os_version=module.params['ns_os_version'], ns_os_version=module.params['ns_os_version'],
user_certificate=module.params['user_certificate'], user_certificate=module.params['user_certificate'],
mac_address=module.params['mac_address'], mac_address=module.params['mac_address'],
random_password=module.params.get('random_password'), random_password=module.params['random_password'],
) )
changed = False changed = False
if state in ['present', 'enabled', 'disabled']: if state in ['present', 'enabled', 'disabled']:
if not ipa_host: if not ipa_host and (force_creation or state == 'present'):
changed = True changed = True
if not module.check_mode: if not module.check_mode:
# OTP password generated by FreeIPA is visible only for host_add command # OTP password generated by FreeIPA is visible only for host_add command
# so, return directly from here. # so, return directly from here.
return changed, client.host_add(name=name, host=module_host) return changed, client.host_add(name=name, host=module_host)
else: else:
if state in ['disabled', 'enabled']:
module.fail_json(msg="No host with name " + ipa_host + " found")
diff = get_host_diff(client, ipa_host, module_host) diff = get_host_diff(client, ipa_host, module_host)
if len(diff) > 0: if len(diff) > 0:
changed = True changed = True
@ -261,11 +273,10 @@ def ensure(module, client):
for key in diff: for key in diff:
data[key] = module_host.get(key) data[key] = module_host.get(key)
ipa_host_show = client.host_show(name=name) ipa_host_show = client.host_show(name=name)
if ipa_host_show.get('has_keytab', False) and module.params.get('random_password'): if ipa_host_show.get('has_keytab', True) and (state == 'disabled' or module.params.get('random_password')):
client.host_disable(name=name) client.host_disable(name=name)
return changed, client.host_mod(name=name, host=data) return changed, client.host_mod(name=name, host=data)
elif state == 'absent':
else:
if ipa_host: if ipa_host:
changed = True changed = True
update_dns = module.params.get('update_dns', False) update_dns = module.params.get('update_dns', False)
@ -288,7 +299,8 @@ def main():
mac_address=dict(type='list', aliases=['macaddress'], elements='str'), mac_address=dict(type='list', aliases=['macaddress'], elements='str'),
update_dns=dict(type='bool'), update_dns=dict(type='bool'),
state=dict(type='str', default='present', choices=['present', 'absent', 'enabled', 'disabled']), state=dict(type='str', default='present', choices=['present', 'absent', 'enabled', 'disabled']),
random_password=dict(type='bool', no_log=False),) random_password=dict(type='bool', no_log=False),
force_creation=dict(type='bool', default=True),)
module = AnsibleModule(argument_spec=argument_spec, module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True) supports_check_mode=True)