From 341078ed5d10b2b5a3ea28c45b2b7d2e0208a388 Mon Sep 17 00:00:00 2001
From: Rafael Guterres Jeffman <rjeffman@redhat.com>
Date: Tue, 2 Jun 2020 15:13:16 -0300
Subject: [PATCH] Add support for FreeIPA API service_del `continue` option.

---
 README-service.md              |  1 +
 plugins/modules/ipaservice.py  | 21 ++++++++++++++++++---
 tests/service/test_service.yml | 26 ++++++++++++++++++++++++++
 3 files changed, 45 insertions(+), 3 deletions(-)

diff --git a/README-service.md b/README-service.md
index da0c692c..28e834d2 100644
--- a/README-service.md
+++ b/README-service.md
@@ -310,6 +310,7 @@ Variable | Description | Required
 `allow_retrieve_keytab_group` \| `ipaallowedtoperform_read_keys_group` | Groups allowed to retrieve a keytab of this host. | no
 `allow_retrieve_keytab_host` \| `ipaallowedtoperform_read_keys_host` | Hosts allowed to retrieve a keytab from of host. | no
 `allow_retrieve_keytab_hostgroup` \| `ipaallowedtoperform_read_keys_hostgroup` | Host groups allowed to retrieve a keytab of this host. | no
+`continue` | Continuous mode: don't stop on errors. Valid only if `state` is `absent`. Default: `no` (bool) | no
 `action` | Work on service or member level. It can be on of `member` or `service` and defaults to `service`. | no
 `state` | The state to ensure. It can be one of `present`, `absent`, or `disabled`, default: `present`. | no
 
diff --git a/plugins/modules/ipaservice.py b/plugins/modules/ipaservice.py
index 5b668abe..941b9033 100644
--- a/plugins/modules/ipaservice.py
+++ b/plugins/modules/ipaservice.py
@@ -135,6 +135,12 @@ options:
     required: false
     type: list
     aliases: ["ipaallowedtoperform_read_keys_hostgroup"]
+  continue:
+    description:
+      Continuous mode. Don't stop on errors. Valid only if `state` is `absent`.
+    required: false
+    default: True
+    type: bool
   action:
     description: Work on service or member level
     default: service
@@ -284,7 +290,9 @@ def check_parameters(module, state, action, names, parameters):
             module.fail_json(msg="Only one service can be added at a time.")
 
         if action == 'service':
-            invalid = []
+            invalid = ['delete_continue']
+        else:
+            invalid.append('delete_continue')
 
     elif state == 'absent':
         if len(names) < 1:
@@ -292,9 +300,12 @@ def check_parameters(module, state, action, names, parameters):
 
         if action == "service":
             invalid.extend(invalid_not_member)
+        else:
+            invalid.extend('delete_continue')
 
     elif state == 'disabled':
         invalid.extend(invalid_not_member)
+        invalid.append('delete_continue')
         if action != "service":
             module.fail_json(
                 msg="Invalid action '%s' for state '%s'" % (action, state))
@@ -303,7 +314,7 @@ def check_parameters(module, state, action, names, parameters):
         module.fail_json(msg="Invalid state '%s'" % (state))
 
     for _invalid in invalid:
-        if parameters[_invalid] is not None:
+        if _invalid in parameters and parameters[_invalid] is not None:
             module.fail_json(
                 msg="Argument '%s' can not be used with state '%s', "
                 "action '%s'" % (_invalid, state, action))
@@ -360,6 +371,8 @@ def init_ansible_module():
             allow_retrieve_keytab_hostgroup=dict(
                 type="list", required=False,
                 aliases=['ipaallowedtoperform_read_keys_hostgroup']),
+            delete_continue=dict(type="bool", required=False,
+                                 aliases=['continue']),
             # action
             action=dict(type="str", default="service",
                         choices=["member", "service"]),
@@ -417,6 +430,7 @@ def main():
         ansible_module, "allow_create_keytab_host")
     allow_retrieve_keytab_hostgroup = module_params_get(
         ansible_module, "allow_retrieve_keytab_hostgroup")
+    delete_continue = module_params_get(ansible_module, "delete_continue")
 
     # action
     action = module_params_get(ansible_module, "action")
@@ -699,7 +713,8 @@ def main():
             elif state == "absent":
                 if action == "service":
                     if res_find is not None:
-                        commands.append([name, 'service_del', {}])
+                        args = {'continue': True if delete_continue else False}
+                        commands.append([name, 'service_del', args])
 
                 elif action == "member":
                     if res_find is None:
diff --git a/tests/service/test_service.yml b/tests/service/test_service.yml
index a1216aa8..780499e7 100644
--- a/tests/service/test_service.yml
+++ b/tests/service/test_service.yml
@@ -515,6 +515,32 @@
     register: result
     failed_when: result.changed
 
+  - name: Ensure services are absent.
+    ipaservice:
+      ipaadmin_password: SomeADMINpassword
+      name:
+      - "HTTP/{{ svc_fqdn }}"
+      - HTTP/www.ansible.com
+      - HTTP/svc.ihavenodns.info
+      - HTTP/no.idontexist.local
+      continue: yes
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure services are absent.
+    ipaservice:
+      ipaadmin_password: SomeADMINpassword
+      name:
+      - "HTTP/{{ svc_fqdn }}"
+      - HTTP/www.ansible.com
+      - HTTP/svc.ihavenodns.info
+      - HTTP/no.idontexist.local
+      continue: yes
+      state: absent
+    register: result
+    failed_when: result.changed
+
   # cleanup
 
   - name: Ensure services are absent.
-- 
GitLab