a-c-m
/
community.general
mirror of https://github.com/ansible-collections/community.general.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ipa_host: Maintain the host certificates (#9694) 

* ipa_host: Maintain the host certificates

Fix #9693

* Add changelog fragment

* Fix changelog message

* Fix changelog message again
pull/9722/head
sedrubal 2025-02-10 22:02:52 +01:00 committed by GitHub
parent 4e0de41a85
commit d5add1ed9f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
changelogs/fragments/9694-ipa-host-certificate-revoked.yml Normal file
View File

@ -0,0 +1,2 @@
bugfixes:
- ipa_host - module revoked existing host certificates even if ``user_certificate`` was not given (https://github.com/ansible-collections/community.general/pull/9694).

4
plugins/modules/ipa_host.py
View File

@ -270,6 +270,10 @@ def ensure(module, client):
data = {}
for key in diff:
data[key] = module_host.get(key)
if "usercertificate" not in data:
data["usercertificate"] = [
cert['__base64__'] for cert in ipa_host.get("usercertificate", [])
]
ipa_host_show = client.host_show(name=name)
if ipa_host_show.get('has_keytab', True) and (state == 'disabled' or module.params.get('random_password')):
client.host_disable(name=name)