config: Use IPAAnsibleModule class

ipaadmin_variables are handled by IPAAnsibleModule,
ansible_module.params_get is used to get the parameters and
ansible_module.ipa_connect is used to simplify the module.

plugins/modules/ipaconfig.py

@@ -34,13 +34,9 @@ author: chris procter
 short_description: Modify IPA global config options
 description:
 - Modify IPA global config options
+extends_documentation_fragment:
+  - ipamodule_base_docs
 options:
-    ipaadmin_principal:
-        description: The admin principal
-        default: admin
-    ipaadmin_password:
-        description: The admin password
-        required: false
     maxusername:
         description: Set the maximum username length between 1-255
         required: false
@@ -159,7 +155,7 @@ EXAMPLES = '''
   tasks:
     - name: return current values of the global configuration options
       ipaconfig:
-        ipaadmin_password: password
+        ipaadmin_password: SomeADMINpassword
       register: result
     - name: display default login shell
       debug:
@@ -167,7 +163,7 @@ EXAMPLES = '''
 
     - name: set defaultshell and maxusername
       ipaconfig:
-        ipaadmin_password: password
+        ipaadmin_password: SomeADMINpassword
         defaultshell: /bin/bash
         maxusername: 64
 '''
@@ -251,14 +247,12 @@ config:
 '''
 
 
-from ansible.module_utils.basic import AnsibleModule
-from ansible.module_utils.ansible_freeipa_module import temp_kinit, \
-    temp_kdestroy, valid_creds, api_connect, api_command_no_name, \
-    compare_args_ipa, module_params_get, ipalib_errors
+from ansible.module_utils.ansible_freeipa_module import \
+    IPAAnsibleModule, compare_args_ipa, ipalib_errors
 
 
 def config_show(module):
-    _result = api_command_no_name(module, "config_show", {})
+    _result = module.ipa_command_no_name("config_show", {})
 
     return _result["result"]
 
@@ -270,11 +264,9 @@ def gen_args(params):
 
 
 def main():
-    ansible_module = AnsibleModule(
+    ansible_module = IPAAnsibleModule(
         argument_spec=dict(
             # general
-            ipaadmin_principal=dict(type="str", default="admin"),
-            ipaadmin_password=dict(type="str", required=False, no_log=True),
             maxusername=dict(type="int", required=False,
                              aliases=['ipamaxusernamelength']),
             maxhostname=dict(type="int", required=False,
@@ -334,11 +326,6 @@ def main():
     # Get parameters
 
     # general
-    ipaadmin_principal = module_params_get(ansible_module,
-                                           "ipaadmin_principal")
-    ipaadmin_password = module_params_get(ansible_module,
-                                          "ipaadmin_password")
-
     field_map = {
         "maxusername": "ipamaxusernamelength",
         "maxhostname": "ipamaxhostnamelength",
@@ -366,7 +353,7 @@ def main():
 
     params = {}
     for x in field_map:
-        val = module_params_get(ansible_module, x)
+        val = ansible_module.params_get(x)
 
         if val is not None:
             params[field_map.get(x, x)] = val
@@ -407,14 +394,11 @@ def main():
 
     changed = False
     exit_args = {}
-    ccache_dir = None
-    ccache_name = None
     res_show = None
-    try:
-        if not valid_creds(ansible_module, ipaadmin_principal):
-            ccache_dir, ccache_name = temp_kinit(ipaadmin_principal,
-                                                 ipaadmin_password)
-        api_connect()
+
+    # Connect to IPA API
+    with ansible_module.ipa_connect():
+
         if params:
             res_show = config_show(ansible_module)
             params = {
@@ -425,10 +409,13 @@ def main():
                and not compare_args_ipa(ansible_module, params, res_show):
                 changed = True
                 if not ansible_module.check_mode:
-                    api_command_no_name(ansible_module, "config_mod", params)
-
+                    try:
+                        ansible_module.ipa_command_no_name("config_mod",
+                                                           params)
+                    except ipalib_errors.EmptyModlist:
+                        changed = False
         else:
-            rawresult = api_command_no_name(ansible_module, "config_show", {})
+            rawresult = ansible_module.ipa_command_no_name("config_show", {})
             result = rawresult['result']
             del result['dn']
             for key, value in result.items():
@@ -460,13 +447,6 @@ def main():
                         exit_args[k] = (value[0] == "TRUE")
                     else:
                         exit_args[k] = value
-    except ipalib_errors.EmptyModlist:
-        changed = False
-    except Exception as e:
-        ansible_module.fail_json(msg="%s %s" % (params, str(e)))
-
-    finally:
-        temp_kdestroy(ccache_dir, ccache_name)
 
     # Done
     ansible_module.exit_json(changed=changed, config=exit_args)