ipaautomember: Resolve comments from review on #486

freeipa · Jan 19, 2021 · 1414d72 · 1414d72
1 parent f9cb369
commit 1414d72
Show file tree

Hide file tree

Showing 8 changed files with 128 additions and 96 deletions.
diff --git a/playbooks/automember/automember-absent.yml b/playbooks/automember/automember-absent.yml
diff --git a/playbooks/automember/automember-group-absent.yml b/playbooks/automember/automember-group-absent.yml
@@ -0,0 +1,11 @@
+---
+- name: Automember group absent example
+  hosts: ipaserver
+  become: true
+  tasks:
+  - name: Ensure group automember rule admins is absent
+    ipaautomember:
+      ipaadmin_password: SomeADMINpassword
+      name: admins
+      automember_type: group
+      state: absent
diff --git a/playbooks/automember/automember-group-present.yml b/playbooks/automember/automember-group-present.yml
@@ -0,0 +1,11 @@
+---
+- name: Automember group present example
+  hosts: ipaserver
+  become: true
+  tasks:
+  - name: Ensure group automember rule admins is present
+    ipaautomember:
+      ipaadmin_password: SomeADMINpassword
+      name: admins
+      automember_type: group
+      state: present
diff --git a/playbooks/automember/automember-hostgroup-absent.yml b/playbooks/automember/automember-hostgroup-absent.yml
@@ -0,0 +1,11 @@
+---
+- name: Automember hostgroup absent example
+  hosts: ipaserver
+  become: true
+  tasks:
+  - name: Ensure hostgroup automember rule ipaservers is absent
+    ipaautomember:
+      ipaadmin_password: SomeADMINpassword
+      name: ipaservers
+      automember_type: hostgroup
+      state: absent
diff --git a/playbooks/automember/automember-hostgroup-present.yml b/playbooks/automember/automember-hostgroup-present.yml
@@ -0,0 +1,11 @@
+---
+- name: Automember hostgroup present example
+  hosts: ipaserver
+  become: true
+  tasks:
+  - name: Ensure hostgroup automember rule ipaservers is absent
+    ipaautomember:
+      ipaadmin_password: SomeADMINpassword
+      name: ipaservers
+      automember_type: hostgroup
+      state: present
diff --git a/playbooks/automember/automember-present.yml b/playbooks/automember/automember-present.yml
diff --git a/plugins/modules/ipaautomember.py b/plugins/modules/ipaautomember.py
@@ -22,14 +22,10 @@
 
 
 from ansible.module_utils._text import to_text
-from ansible.module_utils.ansible_freeipa_module import (api_command,
-                                                         api_command_no_name,
-                                                         api_connect,
-                                                         compare_args_ipa,
-                                                         gen_add_del_lists,
-                                                         temp_kdestroy,
-                                                         temp_kinit,
-                                                         valid_creds)
+from ansible.module_utils.ansible_freeipa_module import (
+    api_command, api_command_no_name, api_connect, compare_args_ipa,
+    gen_add_del_lists, temp_kdestroy, temp_kinit, valid_creds
+)
 from ansible.module_utils.basic import AnsibleModule
 
 ANSIBLE_METADATA = {
@@ -59,7 +55,7 @@
   description:
     description: A description of this auto member rule
     required: false
-  type:
+  automember_type:
     description:
     - Grouping to which the rule applies
     required: true
@@ -95,7 +91,7 @@
     ipaadmin_password: SomeADMINpassword
     name: admins
     description: "example description"
-    type: group
+    automember_type: group
     state: present
     inclusive:
     - key: "mail"
@@ -195,7 +191,7 @@ def main():
             name=dict(type="list", aliases=["cn"],
                       default=None, required=True),
             description=dict(type="str", default=None),
-            type=dict(type='str', required=True,
+            automember_type=dict(type='str', required=True,
                       choices=['group', 'hostgroup']),
             action=dict(type="str", default="service",
                         choices=["member", "service"]),
@@ -227,7 +223,7 @@ def main():
     state = ansible_module.params.get("state")
 
     # grouping/type
-    grouping = ansible_module.params.get("type")
+    grouping = ansible_module.params.get("automember_type")
 
     # Init
     changed = False
@@ -346,6 +342,10 @@ def main():
                 commands.append([None, 'automember_rebuild',
                                  {"type": to_text(grouping)}])
 
+        # Check mode exit
+        if ansible_module.check_mode:
+            ansible_module.exit_json(changed=len(commands) > 0, **exit_args)
+
         errors = []
         for name, command, args in commands:
             try:

diff --git a/tests/automember/test_automember.yml b/tests/automember/test_automember.yml
@@ -7,56 +7,68 @@
 
   # CLEANUP TEST ITEMS
 
-  - name: Ensure group automember rule admins is absent
+  - name: Ensure group testgroup is absent
+    ipagroup:
+      ipaadmin_password: SomeADMINpassword
+      name: testgroup
+      state: absent
+
+  - name: Ensure hostgroup testhostgroup is absent
+    ipahostgroup:
+      ipaadmin_password: SomeADMINpassword
+      name: testhostgroup
+      state: absent
+
+  - name: Ensure group automember rule testgroup is absent
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      name: admins
+      name: testgroup
       state: absent
-      type: group
+      automember_type: group
 
-  - name: Ensure hostgroup automember rule ipaservers is absent
+  - name: Ensure hostgroup automember rule testhostgroup is absent
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      name: ipaservers
+      name: testhostgroup
       state: absent
-      type: hostgroup
+      automember_type: hostgroup
 
   # CREATE TEST ITEMS
 
   # TESTS
 
-  - name: Ensure admins group automember rule is present
+  - name: Ensure testgroup group automember rule is present
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      name: admins
-      description: Admins automember rule.
-      type: group
+      name: testgroup
+      description: testgroup automember rule.
+      automember_type: group
     register: result
     failed_when: not result.changed or result.failed
 
-  - name: Ensure admins group automember rule is present again
+  - name: Ensure testgroup group automember rule is present again
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      name: admins
-      description: Admins automember rule.
-      type: group
+      name: testgroup
+      description: testgroup automember rule.
+      automember_type: group
     register: result
     failed_when: result.changed or result.failed
 
-  - name: Change admins group automember rule description
+  - name: Change testgroup group automember rule description
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      name: admins
-      description: Admins automember rule description.
-      type: group
+      name: testgroup
+      description: testgroup automember rule description.
+      automember_type: group
     register: result
     failed_when: not result.changed or result.failed
 
-  - name: Ensure admins group automember rule has conditions
+  - name: Ensure testgroup group automember rule has conditions
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      name: admins
-      type: group
+      name: testgroup
+      automember_type: group
       inclusive:
         - key: 'uid'
           expression: 'uid'
@@ -68,11 +80,11 @@
     register: result
     failed_when: not result.changed or result.failed
 
-  - name: Ensure admins group automember rule has conditions again
+  - name: Ensure testgroup group automember rule has conditions again
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      name: admins
-      type: group
+      name: testgroup
+      automember_type: group
       inclusive:
         - key: 'uid'
           expression: 'uid'
@@ -86,38 +98,38 @@
 
 ######
 
-  - name: Ensure ipaservers hostgroup automember rule is present
+  - name: Ensure testhostgroup hostgroup automember rule is present
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      name: ipaservers
-      description: ipaservers automember rule
-      type: hostgroup
+      name: testhostgroup
+      description: testhostgroup automember rule
+      automember_type: hostgroup
     register: result
     failed_when: not result.changed or result.failed
 
-  - name: Ensure ipaservers hostgroup automember rule is present again
+  - name: Ensure testhostgroup hostgroup automember rule is present again
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      name: ipaservers
-      description: ipaservers automember rule
-      type: hostgroup
+      name: testhostgroup
+      description: testhostgroup automember rule
+      automember_type: hostgroup
     register: result
     failed_when: result.changed or result.failed
 
-  - name: Change ipaservers hostgroup automember rule description
+  - name: Change testhostgroup hostgroup automember rule description
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      name: ipaservers
-      description: ipaservers test automember rule
-      type: hostgroup
+      name: testhostgroup
+      description: testhostgroup test automember rule
+      automember_type: hostgroup
     register: result
     failed_when: not result.changed or result.failed
 
-  - name: Ensure ipaservers hostgroup automember rule has conditions
+  - name: Ensure testhostgroup hostgroup automember rule has conditions
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      name: ipaservers
-      type: hostgroup
+      name: testhostgroup
+      automember_type: hostgroup
       inclusive:
         - key: 'description'
           expression: 'description'
@@ -129,11 +141,11 @@
     register: result
     failed_when: not result.changed or result.failed
 
-  - name: Ensure ipaservers hostgroup automember rule has conditions again
+  - name: Ensure testhostgroup hostgroup automember rule has conditions again
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      name: ipaservers
-      type: hostgroup
+      name: testhostgroup
+      automember_type: hostgroup
       inclusive:
         - key: 'description'
           expression: 'description'
@@ -147,16 +159,28 @@
 
   # CLEANUP TEST ITEMS
 
-  - name: Ensure group automember rule admins is absent
+  - name: Ensure group testgroup is absent
+    ipagroup:
+      ipaadmin_password: SomeADMINpassword
+      name: testgroup
+      state: absent
+
+  - name: Ensure hostgroup testhostgroup is absent
+    ipahostgroup:
+      ipaadmin_password: SomeADMINpassword
+      name: testhostgroup
+      state: absent
+
+  - name: Ensure group automember rule testgroup is absent
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      type: group
-      name: admins
+      automember_type: group
+      name: testgroup
       state: absent
 
-  - name: Ensure hostgroup automember rule ipaservers is absent
+  - name: Ensure hostgroup automember rule testhostgroup is absent
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
-      type: hostgroup
-      name: ipaservers
+      automember_type: hostgroup
+      name: testhostgroup
       state: absent