From 85257b9d03ee65c8541c17e44e147993e5605d69 Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Tue, 14 Dec 2021 10:57:31 +0100 Subject: [PATCH 1/6] build-galaxy-release: Real cleanup of ipabackup_get_backup_dir.py link plugins/modules/ipabackup_* needs to be cleaned up not plugins/action/ipabackup_* --- utils/build-galaxy-release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/build-galaxy-release.sh b/utils/build-galaxy-release.sh index 87d2136a..3e6bd4f2 100755 --- a/utils/build-galaxy-release.sh +++ b/utils/build-galaxy-release.sh @@ -84,7 +84,7 @@ rm plugins/module_utils/ansible_ipa_* rm plugins/modules/ipaserver_* rm plugins/modules/ipareplica_* rm plugins/modules/ipaclient_* +rm plugins/modules/ipabackup_* rm plugins/action/ipaclient_* -rm plugins/action/ipabackup_* rmdir plugins/action git reset --hard From 541c514aa92fae4fd929068f8516ef61b97eb158 Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Tue, 14 Dec 2021 12:35:42 +0100 Subject: [PATCH 2/6] Add version for ansible deprecated calls --- plugins/module_utils/ansible_freeipa_module.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/plugins/module_utils/ansible_freeipa_module.py b/plugins/module_utils/ansible_freeipa_module.py index ba2544f2..728af00a 100644 --- a/plugins/module_utils/ansible_freeipa_module.py +++ b/plugins/module_utils/ansible_freeipa_module.py @@ -1132,6 +1132,7 @@ else: self.deprecate( msg="FreeIPABaseModule is deprecated. Use IPAAnsibleModule.", + version="1.5.0" ) # Status of an execution. Will be changed to True @@ -1174,7 +1175,8 @@ else: "FreeIPABaseModule is deprecated. Use IPAAnsibleModule. " "Use 'AnsibleFreeIPAParams.get_ipa_command_args()', " "Instantiate it using the class 'ipa_params_mapping'." - ) + ), + version="1.5.0" ) mapping = IPAParamMapping(self, self.ipa_param_mapping) return mapping.get_ipa_command_args(**kwargs) @@ -1185,6 +1187,7 @@ else: msg=( "FreeIPABaseModule is deprecated. Use IPAAnsibleModule. " ), + version="1.5.0" ) pass # pylint: disable=unnecessary-pass @@ -1217,6 +1220,7 @@ else: msg=( "FreeIPABaseModule is deprecated. Use IPAAnsibleModule. " ), + version="1.5.0" ) self.process_command_result(name, command, args, result) @@ -1234,6 +1238,7 @@ else: "To aid in porting to IPAAnsibleModule, change to " "'FreeIPABaseModule.process_results'." ), + version="1.5.0" ) if "completed" in result: @@ -1255,6 +1260,7 @@ else: "FreeIPABaseModule require_ipa_attrs_change() is " "deprecated. Use ansible_freeipa_module.compare_args()." ), + version="1.5.0" ) equal = compare_args_ipa(self, command_args, ipa_attrs) return not equal @@ -1265,6 +1271,7 @@ else: msg=( "FreeIPABaseModule is deprecated. Use IPAAnsibleModule." ), + version="1.5.0" ) ipaapi_context = self.params_get("ipaapi_context") with self.ipa_connect(context=ipaapi_context): From f47d134335684807122ffd5be310c89c8438f970 Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Tue, 14 Dec 2021 12:38:28 +0100 Subject: [PATCH 3/6] utils/gen_module_docs.py: Drop duplicate setup_adtrust key --- utils/gen_module_docs.py | 1 - 1 file changed, 1 deletion(-) diff --git a/utils/gen_module_docs.py b/utils/gen_module_docs.py index b3ac9f57..254a2734 100644 --- a/utils/gen_module_docs.py +++ b/utils/gen_module_docs.py @@ -55,7 +55,6 @@ param_docs = { "no_pkinit": "Disable pkinit setup steps", "no_ui_redirect": "Do not automatically redirect to the Web UI", "external_ca": "External ca setting", - "setup_adtrust": "Configure AD trust capability", "external_cert_files": [ "File containing the IPA CA certificate and the external CA certificate", "chain" From 2e178e5a38683ec5c758e2e42688d0244c2b1bdc Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Tue, 14 Dec 2021 12:03:37 +0100 Subject: [PATCH 4/6] Ignore file for ansible-test sanity 2.12 These are skips for python 2.6 with import-2.6!skip and compile-2.6!skip, ignores for the exit_raw_json function in ansible_freeipa_module.py for use with ipavault, the ignore of using automatic field numbering for the string format function, the use of string split without maxsplits (not working in Python2), skips of the shebang tests for scripts in tests and utils and the ignore of missing collection_name for deprecate function calls in ansible_freeipa_module.py. --- tests/sanity/ignore-2.12.txt | 55 ++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 tests/sanity/ignore-2.12.txt diff --git a/tests/sanity/ignore-2.12.txt b/tests/sanity/ignore-2.12.txt new file mode 100644 index 00000000..f1c75405 --- /dev/null +++ b/tests/sanity/ignore-2.12.txt @@ -0,0 +1,55 @@ +plugins/module_utils/ansible_freeipa_module.py compile-2.6!skip +plugins/module_utils/ansible_freeipa_module.py import-2.6!skip +plugins/module_utils/ansible_freeipa_module.py pylint:ansible-bad-import-from +plugins/module_utils/ansible_freeipa_module.py pylint:ansible-bad-function +plugins/module_utils/ansible_freeipa_module.py pylint:ansible-format-automatic-specification +plugins/module_utils/ansible_freeipa_module.py pylint:ansible-deprecated-no-collection-name +plugins/modules/ipaclient_get_facts.py compile-2.6!skip +plugins/modules/ipaclient_get_facts.py import-2.6!skip +plugins/modules/ipaclient_api.py pylint:ansible-format-automatic-specification +plugins/modules/ipaclient_join.py pylint:ansible-format-automatic-specification +plugins/modules/ipaclient_test.py pylint:ansible-format-automatic-specification +plugins/modules/ipaconfig.py compile-2.6!skip +plugins/modules/ipaconfig.py import-2.6!skip +plugins/modules/ipadnsrecord.py compile-2.6!skip +plugins/modules/ipadnsrecord.py import-2.6!skip +plugins/modules/ipadnsrecord.py pylint:ansible-format-automatic-specification +plugins/modules/ipadnsrecord.py pylint:use-maxsplit-arg +plugins/modules/ipareplica_enable_ipa.py pylint:ansible-format-automatic-specification +plugins/modules/ipareplica_prepare.py pylint:ansible-format-automatic-specification +plugins/modules/ipareplica_test.py pylint:ansible-format-automatic-specification +plugins/modules/ipaserver_setup_ca.py compile-2.6!skip +plugins/modules/ipaserver_setup_ca.py import-2.6!skip +plugins/modules/ipaserver_test.py pylint:ansible-format-automatic-specification +plugins/modules/ipaservice.py compile-2.6!skip +plugins/modules/ipaservice.py import-2.6!skip +plugins/modules/ipavault.py compile-2.6!skip +plugins/modules/ipavault.py import-2.6!skip +roles/ipaclient/library/ipaclient_api.py pylint:ansible-format-automatic-specification +roles/ipaclient/library/ipaclient_join.py pylint:ansible-format-automatic-specification +roles/ipaclient/library/ipaclient_test.py pylint:ansible-format-automatic-specification +roles/ipareplica/library/ipareplica_enable_ipa.py pylint:ansible-format-automatic-specification +roles/ipareplica/library/ipareplica_prepare.py pylint:ansible-format-automatic-specification +roles/ipareplica/library/ipareplica_test.py pylint:ansible-format-automatic-specification +roles/ipaserver/library/ipaserver_test.py pylint:ansible-format-automatic-specification +roles/ipareplica/module_utils/ansible_ipa_replica.py pylint:ansible-format-automatic-specification +tests/external-signed-ca-with-automatic-copy/external-ca.sh shebang!skip +tests/pytests/conftest.py pylint:ansible-format-automatic-specification +tests/user/users.sh shebang!skip +tests/user/users_absent.sh shebang!skip +tests/utils.py pylint:ansible-format-automatic-specification +tests/utils.py pylint:subprocess-run-check +utils/ansible-doc-test shebang!skip +utils/ansible-ipa-client-install shebang!skip +utils/ansible-ipa-replica-install shebang!skip +utils/ansible-ipa-server-install shebang!skip +utils/build-galaxy-release.sh shebang!skip +utils/build-srpm.sh shebang!skip +utils/changelog shebang!skip +utils/galaxyfy-README.py shebang!skip +utils/galaxyfy-module-EXAMPLES.py shebang!skip +utils/galaxyfy-playbook.py shebang!skip +utils/galaxyfy.py shebang!skip +utils/gen_modules_docs.sh shebang!skip +utils/lint_check.sh shebang!skip +utils/new_module shebang!skip From 82412ef761011d0bc6244de1f639f0390bff3c1f Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Tue, 14 Dec 2021 15:35:35 +0100 Subject: [PATCH 5/6] ipabackup_get_backup_dir.py: Add missing ":" in example --- roles/ipabackup/library/ipabackup_get_backup_dir.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/ipabackup/library/ipabackup_get_backup_dir.py b/roles/ipabackup/library/ipabackup_get_backup_dir.py index d9eeb512..53f3e1f8 100644 --- a/roles/ipabackup/library/ipabackup_get_backup_dir.py +++ b/roles/ipabackup/library/ipabackup_get_backup_dir.py @@ -45,7 +45,7 @@ EXAMPLES = ''' # Get IPA_BACKUP_DIR from ipaplatform - name: Get IPA_BACKUP_DIR from ipaplatform ipabackup_get_backup_dir: - register result + register: result ''' RETURN = ''' From 85006d611fe55f554bf39a63a8a4e2a95be9eee1 Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Tue, 14 Dec 2021 17:17:17 +0100 Subject: [PATCH 6/6] Fix ansible-test reported pep8 errors These are indent issues, one item per line for argument_specs items containing options dicts and missing or overflow spaces for comments and dict delimiters. --- plugins/modules/ipaautomember.py | 14 +++++++++----- plugins/modules/ipaconfig.py | 16 ++++++++-------- plugins/modules/ipadnsconfig.py | 27 +++++++++++++-------------- plugins/modules/ipadnsrecord.py | 11 ++++++----- plugins/modules/ipadnszone.py | 8 ++++---- plugins/modules/ipagroup.py | 14 +++++++------- plugins/modules/iparole.py | 4 ++-- plugins/modules/ipaservice.py | 2 +- plugins/modules/ipauser.py | 7 +++++-- plugins/modules/ipavault.py | 2 +- utils/gen_module_docs.py | 10 +++++----- 11 files changed, 61 insertions(+), 54 deletions(-) diff --git a/plugins/modules/ipaautomember.py b/plugins/modules/ipaautomember.py index b99879af..c3b8e1a9 100644 --- a/plugins/modules/ipaautomember.py +++ b/plugins/modules/ipaautomember.py @@ -194,19 +194,23 @@ def main(): argument_spec=dict( # general inclusive=dict(type="list", - aliases=["automemberinclusiveregex"], default=None, + aliases=["automemberinclusiveregex"], + default=None, options=dict( key=dict(type="str", required=True), expression=dict(type="str", required=True) ), - elements="dict", required=False), - exclusive=dict(type="list", aliases=[ - "automemberexclusiveregex"], default=None, + elements="dict", + required=False), + exclusive=dict(type="list", + aliases=["automemberexclusiveregex"], + default=None, options=dict( key=dict(type="str", required=True), expression=dict(type="str", required=True) ), - elements="dict", required=False), + elements="dict", + required=False), name=dict(type="list", aliases=["cn"], default=None, required=True), description=dict(type="str", default=None), diff --git a/plugins/modules/ipaconfig.py b/plugins/modules/ipaconfig.py index 4b2df6a5..2a155bdf 100644 --- a/plugins/modules/ipaconfig.py +++ b/plugins/modules/ipaconfig.py @@ -299,7 +299,7 @@ def main(): "KDC:Disable Last Success", "KDC:Disable Lockout", "KDC:Disable Default Preauth for SPNs", - ""]), # noqa E128 + ""]), # noqa E128 selinuxusermaporder=dict(type="list", required=False, aliases=['ipaselinuxusermaporder']), selinuxusermapdefault=dict(type="str", required=False, @@ -365,15 +365,15 @@ def main(): if params.get("ipadomainresolutionorder", None): params["ipadomainresolutionorder"] = \ - ":".join(params["ipadomainresolutionorder"]) + ":".join(params["ipadomainresolutionorder"]) if params.get("ipausersearchfields", None): params["ipausersearchfields"] = \ - ",".join(params["ipausersearchfields"]) + ",".join(params["ipausersearchfields"]) if params.get("ipagroupsearchfields", None): params["ipagroupsearchfields"] = \ - ",".join(params["ipagroupsearchfields"]) + ",".join(params["ipagroupsearchfields"]) # verify limits on INT values. args_with_limits = [ @@ -418,12 +418,12 @@ def main(): if ansible_module.argument_spec.get(k): arg_type = ansible_module.argument_spec[k]['type'] if k in ( - 'ipaselinuxusermaporder', 'domain_resolution_order' - ): + 'ipaselinuxusermaporder', 'domain_resolution_order' + ): exit_args[k] = result.get(key)[0].split('$') elif k in ( - 'usersearch', 'groupsearch' - ): + 'usersearch', 'groupsearch' + ): exit_args[k] = result.get(key)[0].split(',') elif isinstance(value, str) and arg_type == "list": exit_args[k] = [value] diff --git a/plugins/modules/ipadnsconfig.py b/plugins/modules/ipadnsconfig.py index f6d4c468..7b82a076 100644 --- a/plugins/modules/ipadnsconfig.py +++ b/plugins/modules/ipadnsconfig.py @@ -165,24 +165,23 @@ def gen_args(module, state, dnsconfig, forwarders, forward_policy, def main(): forwarder_spec = dict( - ip_address=dict(type=str, required=True), - port=dict(type=int, required=False, default=None) + ip_address=dict(type=str, required=True), + port=dict(type=int, required=False, default=None) ) ansible_module = IPAAnsibleModule( - argument_spec=dict( - # dnsconfig - forwarders=dict(type='list', default=None, required=False, - options=dict(**forwarder_spec)), - forward_policy=dict(type='str', required=False, default=None, - choices=['only', 'first', 'none']), - allow_sync_ptr=dict(type='bool', required=False, default=None), + argument_spec=dict( + # dnsconfig + forwarders=dict(type='list', default=None, required=False, + options=dict(**forwarder_spec)), + forward_policy=dict(type='str', required=False, default=None, + choices=['only', 'first', 'none']), + allow_sync_ptr=dict(type='bool', required=False, default=None), - # general - state=dict(type="str", default="present", - choices=["present", "absent"]), - - ) + # general + state=dict(type="str", default="present", + choices=["present", "absent"]), + ) ) ansible_module._ansible_debug = True diff --git a/plugins/modules/ipadnsrecord.py b/plugins/modules/ipadnsrecord.py index dc728031..1f5e787e 100644 --- a/plugins/modules/ipadnsrecord.py +++ b/plugins/modules/ipadnsrecord.py @@ -1108,12 +1108,13 @@ def configure_module(): name=dict(type="list", aliases=["record_name"], default=None, required=False), - records=dict(type="list", default=None, + records=dict(type="list", + default=None, options=dict( - # Here name is a simple string - name=dict(type='str', required=True, - aliases=['record_name']), - **record_spec), + # Here name is a simple string + name=dict(type='str', required=True, + aliases=['record_name']), + **record_spec), ), # general diff --git a/plugins/modules/ipadnszone.py b/plugins/modules/ipadnszone.py index 38fdcefa..ae9b7516 100644 --- a/plugins/modules/ipadnszone.py +++ b/plugins/modules/ipadnszone.py @@ -550,10 +550,10 @@ def main(): ansible_module.check_ipa_params() ansible_module.define_ipa_commands() changed = ansible_module.execute_ipa_commands( - ansible_module.commands, - result_handler=DNSZoneModule.process_results, - exit_args=exit_args - ) + ansible_module.commands, + result_handler=DNSZoneModule.process_results, + exit_args=exit_args + ) ansible_module.exit_json(changed=changed, **exit_args) diff --git a/plugins/modules/ipagroup.py b/plugins/modules/ipagroup.py index 979bf623..55855f44 100644 --- a/plugins/modules/ipagroup.py +++ b/plugins/modules/ipagroup.py @@ -393,13 +393,13 @@ def main(): # If yes: modify # Also if it is a modification from nonposix to posix # or nonposix to external. - if not compare_args_ipa(ansible_module, args, - res_find) or \ - ( - not is_posix_group(res_find) and - not is_external_group(res_find) and - (posix or external) - ): + if not compare_args_ipa( + ansible_module, args, res_find + ) or ( + not is_posix_group(res_find) and + not is_external_group(res_find) and + (posix or external) + ): if posix: args['posix'] = True if external: diff --git a/plugins/modules/iparole.py b/plugins/modules/iparole.py index 912cfc1e..dc5b6922 100644 --- a/plugins/modules/iparole.py +++ b/plugins/modules/iparole.py @@ -199,7 +199,7 @@ def ensure_absent_state(module, name, action, res_find): member_args = {} for key in ['user', 'group', 'host', 'hostgroup']: items = member_intersect( - module, key, 'member_%s' % key, res_find) + module, key, 'member_%s' % key, res_find) if items: member_args[key] = items @@ -298,7 +298,7 @@ def ensure_members_are_present(module, name, res_find): member_args = {} for key in ['user', 'group', 'host', 'hostgroup']: items = member_difference( - module, key, 'member_%s' % key, res_find) + module, key, 'member_%s' % key, res_find) if items: member_args[key] = items diff --git a/plugins/modules/ipaservice.py b/plugins/modules/ipaservice.py index 9eb87548..706f6436 100644 --- a/plugins/modules/ipaservice.py +++ b/plugins/modules/ipaservice.py @@ -577,7 +577,7 @@ def main(): args.get("krbprincipalauthind", [""]) == res_find.get("krbprincipalauthind", [""]) ) - ): + ): del args["krbprincipalauthind"] if not compare_args_ipa(ansible_module, args, diff --git a/plugins/modules/ipauser.py b/plugins/modules/ipauser.py index b737f749..a1146fb6 100644 --- a/plugins/modules/ipauser.py +++ b/plugins/modules/ipauser.py @@ -824,14 +824,17 @@ def main(): # general name=dict(type="list", aliases=["login"], default=None, required=False), - users=dict(type="list", aliases=["login"], default=None, + users=dict(type="list", + aliases=["login"], + default=None, options=dict( # Here name is a simple string name=dict(type="str", required=True), # Add user specific parameters **user_spec ), - elements='dict', required=False), + elements='dict', + required=False), # deleted preserve=dict(required=False, type='bool', default=None), diff --git a/plugins/modules/ipavault.py b/plugins/modules/ipavault.py index 76d3ae2d..01574c7b 100644 --- a/plugins/modules/ipavault.py +++ b/plugins/modules/ipavault.py @@ -634,7 +634,7 @@ def main(): vault_password_file=dict(type="str", required=False, default=None, no_log=False, aliases=[ - 'password_file', "old_password_file" + 'password_file', "old_password_file" ]), new_password=dict(type="str", required=False, default=None, no_log=True), diff --git a/utils/gen_module_docs.py b/utils/gen_module_docs.py index 254a2734..e046f986 100644 --- a/utils/gen_module_docs.py +++ b/utils/gen_module_docs.py @@ -26,7 +26,7 @@ param_docs = { "sssd": "The installer sssd setting", "dnsok": "The installer dnsok setting", - "dm_password": "Directory Manager password", + "dm_password": "Directory Manager password", "password": "Admin user kerberos password", "ip_addresses": "List of Master Server IP Addresses", "domain": "Primary DNS domain of the IPA deployment", @@ -56,8 +56,8 @@ param_docs = { "no_ui_redirect": "Do not automatically redirect to the Web UI", "external_ca": "External ca setting", "external_cert_files": [ - "File containing the IPA CA certificate and the external CA certificate", - "chain" + "File containing the IPA CA certificate and the external CA " + "certificate chain" ], "reverse_zones": "The reverse DNS zones to use", "no_reverse": "Do not create new reverse DNS zone", @@ -131,8 +131,8 @@ param_docs = { "debug": "Turn on extra debugging", "basedn": "The basedn of the IPA server (of the form dc=example,dc=com)", "allow_repair": [ - "Allow repair of already joined hosts. Contrary to ipaclient_force_join", - "the host entry will not be changed on the server" + "Allow repair of already joined hosts. Contrary to " + "ipaclient_force_join the host entry will not be changed on the server" ], "backup": "File to backup", "fqdn": [