pylint: Modify certificate loader function definition.

This patch modifies the way that the certificate load function is defined, depending on the dependency version, so that the resulting identifier for the function is always set and static analysis tools, like linters don't complain about variables being used before being set. The same idiom is applied to both the ipaclient role and the plugins ansible_module_utils.
2026-03-26 21:33:05 +00:00 · 2022-11-09 23:20:35 -03:00
parent b7e39ce7e9
commit 10b3f4610c
2 changed files with 6 additions and 11 deletions
--- a/plugins/module_utils/ansible_freeipa_module.py
+++ b/plugins/module_utils/ansible_freeipa_module.py
@@ -99,9 +99,10 @@ try:

    try:
        from ipalib.x509 import load_pem_x509_certificate
+        certificate_loader = load_pem_x509_certificate
    except ImportError:
        from ipalib.x509 import load_certificate
-        load_pem_x509_certificate = None
+        certificate_loader = load_certificate

    # Try to import is_ipa_configured or use a fallback implementation.
    try:
@@ -147,7 +148,6 @@ except ImportError as _err:
    uuid = None
    netaddr = None
    is_ipa_configured = None
-    load_certificate = None
    kerberos = None
    ipaserver = None  # pylint: disable=C0103
 else:
@@ -588,10 +588,7 @@ def load_cert_from_str(cert):
    if not cert.endswith("-----END CERTIFICATE-----"):
        cert += "\n-----END CERTIFICATE-----"

-    if load_pem_x509_certificate is not None:
-        cert = load_pem_x509_certificate(cert.encode('utf-8'))
-    else:
-        cert = load_certificate(cert.encode('utf-8'))
+    cert = certificate_loader(cert.encode('utf-8'))
    return cert


--- a/roles/ipaserver/module_utils/ansible_ipa_server.py
+++ b/roles/ipaserver/module_utils/ansible_ipa_server.py
@@ -196,9 +196,10 @@ else:

        try:
            from ipalib.x509 import load_pem_x509_certificate
+            certificate_loader = load_pem_x509_certificate
        except ImportError:
            from ipalib.x509 import load_certificate
-            load_pem_x509_certificate = None
+            certificate_loader = load_certificate

        try:
            from ipaserver.install.server.install import get_min_idstart
@@ -426,10 +427,7 @@ else:
            if not cert.endswith("-----END CERTIFICATE-----"):
                cert += "\n-----END CERTIFICATE-----"

-            if load_pem_x509_certificate is not None:
-                cert = load_pem_x509_certificate(cert.encode('utf-8'))
-            else:
-                cert = load_certificate(cert.encode('utf-8'))
+            cert = certificate_loader(cert.encode('utf-8'))
        else:
            cert = base64.b64decode(cert)
        return cert