Reformat documentation with 'andebox yaml-doc' (#828)

* Reformat documentation with 'andebox yaml-doc'. * Fix/improve. * Remaining fixes. * One more.
2026-05-07 13:53:06 +00:00 · 2024-12-28 17:00:28 +01:00
parent 2ed7f69b83
commit 942be86635
54 changed files with 5605 additions and 5968 deletions
--- a/plugins/modules/openssl_csr.py
+++ b/plugins/modules/openssl_csr.py
@@ -10,71 +10,70 @@ from __future__ import absolute_import, division, print_function
 __metaclass__ = type


-DOCUMENTATION = r'''
---
+DOCUMENTATION = r"""
 module: openssl_csr
 short_description: Generate OpenSSL Certificate Signing Request (CSR)
 description:
-    - "Please note that the module regenerates an existing CSR if it does not match the module's
-      options, or if it seems to be corrupt. If you are concerned that this could overwrite
-      your existing CSR, consider using the O(backup) option."
+  - Please note that the module regenerates an existing CSR if it does not match the module's options, or if it seems to be
+    corrupt. If you are concerned that this could overwrite your existing CSR, consider using the O(backup) option.
 author:
-    - Yanis Guenane (@Spredzy)
-    - Felix Fontein (@felixfontein)
+  - Yanis Guenane (@Spredzy)
+  - Felix Fontein (@felixfontein)
 extends_documentation_fragment:
-    - ansible.builtin.files
-    - community.crypto.attributes
-    - community.crypto.attributes.files
-    - community.crypto.module_csr
+  - ansible.builtin.files
+  - community.crypto.attributes
+  - community.crypto.attributes.files
+  - community.crypto.module_csr
 attributes:
-    check_mode:
-        support: full
-    diff_mode:
-        support: full
-    safe_file_operations:
-        support: full
+  check_mode:
+    support: full
+  diff_mode:
+    support: full
+  safe_file_operations:
+    support: full
 options:
-    state:
-        description:
-            - Whether the certificate signing request should exist or not, taking action if the state is different from what is stated.
-        type: str
-        default: present
-        choices: [ absent, present ]
-    force:
-        description:
-            - Should the certificate signing request be forced regenerated by this ansible module.
-        type: bool
-        default: false
-    path:
-        description:
-            - The name of the file into which the generated OpenSSL certificate signing request will be written.
-        type: path
-        required: true
-    backup:
-        description:
-            - Create a backup file including a timestamp so you can get the original
-              CSR back if you overwrote it with a new one by accident.
-        type: bool
-        default: false
-    return_content:
-        description:
-            - If set to V(true), will return the (current or generated) CSR's content as RV(csr).
-        type: bool
-        default: false
-        version_added: "1.0.0"
-    privatekey_content:
-        version_added: "1.0.0"
-    name_constraints_permitted:
-        version_added: 1.1.0
-    name_constraints_excluded:
-        version_added: 1.1.0
-    name_constraints_critical:
-        version_added: 1.1.0
+  state:
+    description:
+      - Whether the certificate signing request should exist or not, taking action if the state is different from what is
+        stated.
+    type: str
+    default: present
+    choices: [absent, present]
+  force:
+    description:
+      - Should the certificate signing request be forced regenerated by this ansible module.
+    type: bool
+    default: false
+  path:
+    description:
+      - The name of the file into which the generated OpenSSL certificate signing request will be written.
+    type: path
+    required: true
+  backup:
+    description:
+      - Create a backup file including a timestamp so you can get the original CSR back if you overwrote it with a new one
+        by accident.
+    type: bool
+    default: false
+  return_content:
+    description:
+      - If set to V(true), will return the (current or generated) CSR's content as RV(csr).
+    type: bool
+    default: false
+    version_added: "1.0.0"
+  privatekey_content:
+    version_added: "1.0.0"
+  name_constraints_permitted:
+    version_added: 1.1.0
+  name_constraints_excluded:
+    version_added: 1.1.0
+  name_constraints_critical:
+    version_added: 1.1.0
 seealso:
-    - module: community.crypto.openssl_csr_pipe
-'''
+  - module: community.crypto.openssl_csr_pipe
+"""

-EXAMPLES = r'''
+EXAMPLES = r"""
 - name: Generate an OpenSSL Certificate Signing Request
  community.crypto.openssl_csr:
    path: /etc/ssl/csr/www.ansible.com.csr
@@ -116,8 +115,8 @@ EXAMPLES = r'''
    subject_alt_name: "{{ item.value | map('regex_replace', '^', 'DNS:') | list }}"
  with_dict:
    dns_server:
-    - www.ansible.com
-    - m.ansible.com
+      - www.ansible.com
+      - m.ansible.com

 - name: Force regenerate an OpenSSL Certificate Signing Request
  community.crypto.openssl_csr:
@@ -150,7 +149,7 @@ EXAMPLES = r'''
    privatekey_path: /etc/ssl/private/winrm.auth.pem
    common_name: username
    extended_key_usage:
-    - clientAuth
+      - clientAuth
    subject_alt_name: otherName:1.3.6.1.4.1.311.20.2.3;UTF8:username@localhost

 - name: Generate an OpenSSL Certificate Signing Request with a CRL distribution point
@@ -167,82 +166,81 @@ EXAMPLES = r'''
          - key_compromise
          - ca_compromise
          - cessation_of_operation
-'''
+"""

-RETURN = r'''
+RETURN = r"""
 privatekey:
-    description:
-    - Path to the TLS/SSL private key the CSR was generated for
+  description:
+    - Path to the TLS/SSL private key the CSR was generated for.
    - Will be V(none) if the private key has been provided in O(privatekey_content).
-    returned: changed or success
-    type: str
-    sample: /etc/ssl/private/ansible.com.pem
+  returned: changed or success
+  type: str
+  sample: /etc/ssl/private/ansible.com.pem
 filename:
-    description: Path to the generated Certificate Signing Request
-    returned: changed or success
-    type: str
-    sample: /etc/ssl/csr/www.ansible.com.csr
+  description: Path to the generated Certificate Signing Request.
+  returned: changed or success
+  type: str
+  sample: /etc/ssl/csr/www.ansible.com.csr
 subject:
-    description: A list of the subject tuples attached to the CSR
-    returned: changed or success
-    type: list
-    elements: list
-    sample: [['CN', 'www.ansible.com'], ['O', 'Ansible']]
+  description: A list of the subject tuples attached to the CSR.
+  returned: changed or success
+  type: list
+  elements: list
+  sample: [['CN', 'www.ansible.com'], ['O', 'Ansible']]
 subjectAltName:
-    description: The alternative names this CSR is valid for
-    returned: changed or success
-    type: list
-    elements: str
-    sample: [ 'DNS:www.ansible.com', 'DNS:m.ansible.com' ]
+  description: The alternative names this CSR is valid for.
+  returned: changed or success
+  type: list
+  elements: str
+  sample: ['DNS:www.ansible.com', 'DNS:m.ansible.com']
 keyUsage:
-    description: Purpose for which the public key may be used
-    returned: changed or success
-    type: list
-    elements: str
-    sample: [ 'digitalSignature', 'keyAgreement' ]
+  description: Purpose for which the public key may be used.
+  returned: changed or success
+  type: list
+  elements: str
+  sample: ['digitalSignature', 'keyAgreement']
 extendedKeyUsage:
-    description: Additional restriction on the public key purposes
-    returned: changed or success
-    type: list
-    elements: str
-    sample: [ 'clientAuth' ]
+  description: Additional restriction on the public key purposes.
+  returned: changed or success
+  type: list
+  elements: str
+  sample: ['clientAuth']
 basicConstraints:
-    description: Indicates if the certificate belongs to a CA
-    returned: changed or success
-    type: list
-    elements: str
-    sample: ['CA:TRUE', 'pathLenConstraint:0']
+  description: Indicates if the certificate belongs to a CA.
+  returned: changed or success
+  type: list
+  elements: str
+  sample: ['CA:TRUE', 'pathLenConstraint:0']
 ocsp_must_staple:
-    description: Indicates whether the certificate has the OCSP
-                 Must Staple feature enabled
-    returned: changed or success
-    type: bool
-    sample: false
+  description: Indicates whether the certificate has the OCSP Must Staple feature enabled.
+  returned: changed or success
+  type: bool
+  sample: false
 name_constraints_permitted:
-    description: List of permitted subtrees to sign certificates for.
-    returned: changed or success
-    type: list
-    elements: str
-    sample: ['email:.somedomain.com']
-    version_added: 1.1.0
+  description: List of permitted subtrees to sign certificates for.
+  returned: changed or success
+  type: list
+  elements: str
+  sample: ['email:.somedomain.com']
+  version_added: 1.1.0
 name_constraints_excluded:
-    description: List of excluded subtrees the CA cannot sign certificates for.
-    returned: changed or success
-    type: list
-    elements: str
-    sample: ['email:.com']
-    version_added: 1.1.0
+  description: List of excluded subtrees the CA cannot sign certificates for.
+  returned: changed or success
+  type: list
+  elements: str
+  sample: ['email:.com']
+  version_added: 1.1.0
 backup_file:
-    description: Name of backup file created.
-    returned: changed and if O(backup) is V(true)
-    type: str
-    sample: /path/to/www.ansible.com.csr.2019-03-09@11:22~
+  description: Name of backup file created.
+  returned: changed and if O(backup) is V(true)
+  type: str
+  sample: /path/to/www.ansible.com.csr.2019-03-09@11:22~
 csr:
-    description: The (current or generated) CSR's content.
-    returned: if O(state) is V(present) and O(return_content) is V(true)
-    type: str
-    version_added: "1.0.0"
-'''
+  description: The (current or generated) CSR's content.
+  returned: if O(state) is V(present) and O(return_content) is V(true)
+  type: str
+  version_added: "1.0.0"
+"""

 import os