From 10b3f4610c7ef813cd8cebd8657ae7c4d866ee75 Mon Sep 17 00:00:00 2001
From: Rafael Guterres Jeffman <rjeffman@redhat.com>
Date: Wed, 9 Nov 2022 23:20:35 -0300
Subject: [PATCH] pylint: Modify certificate loader function definition.

This patch modifies the way that the certificate load function is
defined, depending on the dependency version, so that the resulting
identifier for the function is always set and static analysis tools,
like linters don't complain about variables being used before being
set.

The same idiom is applied to both the ipaclient role and the plugins
ansible_module_utils.
---
 plugins/module_utils/ansible_freeipa_module.py     | 9 +++------
 roles/ipaserver/module_utils/ansible_ipa_server.py | 8 +++-----
 2 files changed, 6 insertions(+), 11 deletions(-)

diff --git a/plugins/module_utils/ansible_freeipa_module.py b/plugins/module_utils/ansible_freeipa_module.py
index d92dbc9a..247f6e74 100644
--- a/plugins/module_utils/ansible_freeipa_module.py
+++ b/plugins/module_utils/ansible_freeipa_module.py
@@ -99,9 +99,10 @@ try:
 
     try:
         from ipalib.x509 import load_pem_x509_certificate
+        certificate_loader = load_pem_x509_certificate
     except ImportError:
         from ipalib.x509 import load_certificate
-        load_pem_x509_certificate = None
+        certificate_loader = load_certificate
 
     # Try to import is_ipa_configured or use a fallback implementation.
     try:
@@ -147,7 +148,6 @@ except ImportError as _err:
     uuid = None
     netaddr = None
     is_ipa_configured = None
-    load_certificate = None
     kerberos = None
     ipaserver = None  # pylint: disable=C0103
 else:
@@ -588,10 +588,7 @@ def load_cert_from_str(cert):
     if not cert.endswith("-----END CERTIFICATE-----"):
         cert += "\n-----END CERTIFICATE-----"
 
-    if load_pem_x509_certificate is not None:
-        cert = load_pem_x509_certificate(cert.encode('utf-8'))
-    else:
-        cert = load_certificate(cert.encode('utf-8'))
+    cert = certificate_loader(cert.encode('utf-8'))
     return cert
 
 
diff --git a/roles/ipaserver/module_utils/ansible_ipa_server.py b/roles/ipaserver/module_utils/ansible_ipa_server.py
index 8e7be0b0..f1f4972b 100644
--- a/roles/ipaserver/module_utils/ansible_ipa_server.py
+++ b/roles/ipaserver/module_utils/ansible_ipa_server.py
@@ -196,9 +196,10 @@ else:
 
         try:
             from ipalib.x509 import load_pem_x509_certificate
+            certificate_loader = load_pem_x509_certificate
         except ImportError:
             from ipalib.x509 import load_certificate
-            load_pem_x509_certificate = None
+            certificate_loader = load_certificate
 
         try:
             from ipaserver.install.server.install import get_min_idstart
@@ -426,10 +427,7 @@ else:
             if not cert.endswith("-----END CERTIFICATE-----"):
                 cert += "\n-----END CERTIFICATE-----"
 
-            if load_pem_x509_certificate is not None:
-                cert = load_pem_x509_certificate(cert.encode('utf-8'))
-            else:
-                cert = load_certificate(cert.encode('utf-8'))
+            cert = certificate_loader(cert.encode('utf-8'))
         else:
             cert = base64.b64decode(cert)
         return cert
-- 
GitLab