From 0b0a80796f0f4134b580101fc3588d56045a784a Mon Sep 17 00:00:00 2001
From: Jakob Meng <code@jakobmeng.de>
Date: Wed, 9 Feb 2022 07:03:22 -0700
Subject: [PATCH] Backported changes to identity_role_info from master branch

Added ci integration tests, updated return value documentation and
refactored to simplify code.

Change-Id: If8a1145a31d685d41367383930e6fd08d64c6ae8
(cherry picked from commit 1d22a94a90428d280446a7daf100623dc884b091)
---
 ci/roles/identity_role_info/tasks/main.yml | 62 ++++++++++++++++++++++
 ci/run-collection.yml                      |  1 +
 plugins/modules/identity_role_info.py      | 51 +++++++++---------
 3 files changed, 88 insertions(+), 26 deletions(-)
 create mode 100644 ci/roles/identity_role_info/tasks/main.yml

diff --git a/ci/roles/identity_role_info/tasks/main.yml b/ci/roles/identity_role_info/tasks/main.yml
new file mode 100644
index 00000000..c0d99fb0
--- /dev/null
+++ b/ci/roles/identity_role_info/tasks/main.yml
@@ -0,0 +1,62 @@
+- name: Ensure role does not exist before tests
+  openstack.cloud.identity_role:
+    cloud: "{{ cloud }}"
+    state: absent
+    name: test_role
+
+- name: Get unexistent role
+  openstack.cloud.identity_role_info:
+    cloud: "{{ cloud }}"
+    name: test_role
+  register: roleinfo
+
+- debug:
+    var: roleinfo
+
+- name: Assert that no results were returned
+  assert:
+    that: not roleinfo.openstack_roles
+
+- name: Create keystone role
+  openstack.cloud.identity_role:
+    cloud: "{{ cloud }}"
+    state: present
+    name: test_role
+
+- name: Create second role
+  openstack.cloud.identity_role:
+    cloud: "{{ cloud }}"
+    state: present
+    name: test_role2
+
+- name: Get role by name
+  openstack.cloud.identity_role_info:
+    cloud: "{{ cloud }}"
+    name: test_role
+  register: roleinfo
+
+- debug:
+    var: roleinfo
+
+- name: Assert that only one result was returned
+  assert:
+    that: roleinfo.openstack_roles | length == 1
+
+- name: Assert that roleinfo has fields
+  assert:
+    that: item in roleinfo.openstack_roles[0]
+  loop:
+    - domain_id
+    - id
+    - name
+
+- name: Post-test cleanup
+  block:
+  - name: Clean up roles
+    openstack.cloud.identity_role:
+      cloud: "{{ cloud }}"
+      state: absent
+      name: "{{ item }}"
+    loop:
+      - test_role
+      - test_role2
diff --git a/ci/run-collection.yml b/ci/run-collection.yml
index 44de1651..d5ba8ba0 100644
--- a/ci/run-collection.yml
+++ b/ci/run-collection.yml
@@ -20,6 +20,7 @@
     - { role: identity_user, tags: identity_user }
     - { role: identity_user_info, tags: identity_user_info }
     - { role: identity_role, tags: identity_role }
+    - { role: identity_role_info, tags: identity_role_info }
     - { role: image, tags: image }
     - { role: keypair, tags: keypair }
     - { role: keystone_domain, tags: keystone_domain }
diff --git a/plugins/modules/identity_role_info.py b/plugins/modules/identity_role_info.py
index 361e800d..42de17bd 100644
--- a/plugins/modules/identity_role_info.py
+++ b/plugins/modules/identity_role_info.py
@@ -7,19 +7,19 @@
 DOCUMENTATION = '''
 ---
 module: identity_role_info
-short_description: Retrive information about roles
+short_description: Retrieve information about roles
 author: OpenStack Ansible SIG
 description:
   - Get information about identity roles in Openstack
 options:
   domain_id:
     description:
-      - List roles in specified domain only
+      - Domain ID which owns the role
     type: str
     required: false
   name:
     description:
-      - List role speficied by name
+      - Name or ID of the role
     type: str
     required: false
 
@@ -37,21 +37,19 @@ openstack_roles:
   returned: always
   type: list
   elements: dict
-  sample:
-  - domain_id: None
-    id: 19bf514fdda84f808ccee8463bd85c1a
-    location:
-      cloud: mycloud
-      project:
-        domain_id: None
-        domain_name: None
-        id: None
-        name: None
-      region_name: None
-      zone: None
-    name: member
-    properties:
-
+  contains:
+    id:
+      description: Unique ID for the role
+      returned: success
+      type: str
+    name:
+      description: Unique role name, within the owning domain.
+      returned: success
+      type: str
+    domain_id:
+      description: References the domain ID which owns the role.
+      returned: success
+      type: str
 '''
 
 EXAMPLES = '''
@@ -75,23 +73,24 @@ from ansible_collections.openstack.cloud.plugins.module_utils.openstack import O
 
 
 class IdentityRoleInfoModule(OpenStackModule):
-
     argument_spec = dict(
         domain_id=dict(type='str', required=False),
         name=dict(type='str', required=False),
     )
+
     module_kwargs = dict(
         supports_check_mode=True,
     )
 
     def run(self):
-        roles = self.conn.list_roles(domain_id=self.params['domain_id'])
-        # Dictionaries are supported from Train release
-        roles = [item if isinstance(item, dict) else item.to_dict() for item in roles]
-        # Filtering by name is supported from Wallaby release
-        if self.params['name']:
-            roles = [item for item in roles if self.params['name'] in (item['id'], item['name'])]
-        self.results.update({'openstack_roles': roles})
+        params = {
+            'domain_id': self.params['domain_id'],
+            'name_or_id': self.params['name'],
+        }
+        params = {k: v for k, v in params.items() if v is not None}
+
+        roles = self.conn.search_roles(**params)
+        self.exit_json(changed=False, openstack_roles=roles)
 
 
 def main():