ipaidview: Fail to apply unknown (invalid) hosts

The task to apply an unknown (invalid) host to an idview was not failing as expected and only reported no change. A new host verification step has been added to fail before trying to apply invalid hosts. unapplying an invalid host is not failing as the invalid host is indeed not applied.
2026-03-26 21:33:05 +00:00 · 2023-10-16 11:11:20 +02:00
parent ba7bf0f6cd
commit 212719496c
2 changed files with 34 additions and 1 deletions
--- a/plugins/modules/ipaidview.py
+++ b/plugins/modules/ipaidview.py
@@ -127,7 +127,7 @@ RETURN = """

 from ansible.module_utils.ansible_freeipa_module import \
    IPAAnsibleModule, compare_args_ipa, gen_add_del_lists, gen_add_list, \
-    gen_intersection_list
+    gen_intersection_list, ipalib_errors
 from ansible.module_utils import six

 if six.PY3:
@@ -144,6 +144,14 @@ def find_idview(module, name):
    return _result["result"]


+def valid_host(module, name):
+    try:
+        module.ipa_command("host_show", name, {})
+    except ipalib_errors.NotFound:
+        return False
+    return True
+
+
 def gen_args(description, domain_resolution_order):
    _args = {}
    if description is not None:
@@ -327,6 +335,9 @@ def main():

            # Add members
            if host_add:
+                for host in host_add:
+                    if not valid_host(ansible_module, host):
+                        ansible_module.fail_json("Invalid host '%s'" % host)
                commands.append([name, "idview_apply", {"host": host_add}])

            # Remove members
--- a/tests/idview/test_idview.yml
+++ b/tests/idview/test_idview.yml
@@ -25,6 +25,7 @@
    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
      host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
+      host3_fqdn: "{{ 'host3.' + ipaserver_domain }}"

  # CLEANUP TEST ITEMS

@@ -182,6 +183,27 @@
    register: result
    failed_when: result.changed or result.failed

+  - name: Ensure invalid host "{{ host3_fqdn }}" fails to applied to idview test1_idview
+    ipaidview:
+      name: test1_idview
+      host:
+      - "{{ host3_fqdn }}"
+      action: member
+    register: result
+    failed_when: result.changed or not result.failed or
+                 "Invalid host" not in result.msg or
+                 host3_fqdn not in result.msg
+
+  - name: Ensure invalid host "{{ host3_fqdn }}" does not fail to unapply from idview test1_idview
+    ipaidview:
+      name: test1_idview
+      host:
+      - "{{ host3_fqdn }}"
+      action: member
+      state: absent
+    register: result
+    failed_when: result.changed or result.failed
+
  - name: Ensure host "{{ host2_fqdn }}" is applied to idview test1_idview
    ipaidview:
      name: test1_idview