openssh_* modules: check return code on ssh(-keygen) invocations; fail if comment cannot be updated (#646)

* Check return code on ssh(-keygen) invocations.

* openssh_cert: only check for errors if certificate should be present and module is not in check mode.

* Handle rc check for _get_private_key().

* Add changelog fragment.

* Only pass -o for comment updating when necessary.

* Now fails if comment cannot be updated.

This was silently ignored in the past.

* Avoid failing operation.
Felix Fontein
2023-08-12 17:14:00 +02:00
committed by GitHub
parent 62c842548d
commit addbd067c8
6 changed files with 57 additions and 28 deletions

@@ -497,7 +497,10 @@ class Certificate(OpensshModule):
if self.state != 'present':
return {}
certificate_info = self.ssh_keygen.get_certificate_info(self.path)[1]
certificate_info = self.ssh_keygen.get_certificate_info(
self.path,
check_rc=self.state == 'present' and not self.module.check_mode,
)[1]
return {
'type': self.type,
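Review bot: The `self.state == 'present'` term in the new `check_rc=` argument is redundant at this point in the hunk, because the `if self.state != 'present': return {}` guard just above already returns early, so the call is only reached when the state is 'present'. `check_rc=not self.module.check_mode` would express the same condition. It would also help to add a short comment saying why a failing ssh-keygen call is tolerated in check mode, since with `check_rc` false the `[1]` element of the result is still consumed and fed into the returned dictionary without any indication of whether the command succeeded.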