From da2631d923c93f973814aa38afec8033c268907d Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Mon, 1 Jul 2019 14:48:42 +0200
Subject: [PATCH] ipatopology modules: Use ipaadmin_ prefix for principal and
password
The use of password will conflict with the user password setting and is
not really descriptive. ipaadmin_principal and ipaadmin_password are also
used in the roles.
---
README-topology.md | 18 +++++++++---------
playbooks/topology/add-topologysegment.yml | 2 +-
playbooks/topology/add-topologysegments.yml | 2 +-
playbooks/topology/check-topologysegments.yml | 2 +-
playbooks/topology/delete-topologysegment.yml | 2 +-
playbooks/topology/delete-topologysegments.yml | 2 +-
.../topology/reinitialize-topologysegment.yml | 2 +-
playbooks/topology/verify-topologysuffix.yml | 2 +-
plugins/modules/ipatopologysegment.py | 17 +++++++++--------
plugins/modules/ipatopologysuffix.py | 14 +++++++-------
10 files changed, 32 insertions(+), 31 deletions(-)
diff --git a/README-topology.md b/README-topology.md
index 4cf208c7..07d9a7d5 100644
--- a/README-topology.md
+++ b/README-topology.md
@@ -50,7 +50,7 @@ Example playbook to add a topology segment wiht default name (cn):
tasks:
- name: Add topology segment
ipatopologysegment:
- password: MyPassword123
+ ipaadmin_password: MyPassword123
suffix: domain
left: ipareplica1.test.local
right: ipareplica2.test.local
@@ -70,7 +70,7 @@ Example playbook to delete a topology segment:
tasks:
- name: Delete topology segment
ipatopologysegment:
- password: MyPassword123
+ ipaadmin_password: MyPassword123
suffix: domain
left: ipareplica1.test.local
right: ipareplica2.test.local
@@ -90,7 +90,7 @@ Example playbook to reinitialize a topology segment:
tasks:
- name: Reinitialize topology segment
ipatopologysegment:
- password: MyPassword123
+ ipaadmin_password: MyPassword123
suffix: domain
left: ipareplica1.test.local
right: ipareplica2.test.local
@@ -111,7 +111,7 @@ Example playbook to verify a topology suffix:
tasks:
- name: Verify topology suffix
ipatopologysuffix:
- password: MyPassword123
+ ipaadmin_password: MyPassword123
suffix: domain
state: verified
```
@@ -136,7 +136,7 @@ Example playbook to add a list of topology segments:
tasks:
- name: Add topology segment
ipatopologysegment:
- password: "{{ ipaadmin_password }}"
+ ipaadmin_password: "{{ ipaadmin_password }}"
suffix: "{{ item.suffix }}"
name: "{{ item.name | default(omit) }}"
left: "{{ item.left }}"
@@ -157,8 +157,8 @@ ipatopologysegment
Variable | Description | Required
-------- | ----------- | --------
-`principal` | The admin principal is a string and defaults to `admin` | no
-`password` | The admin password is a string and is required if there is no admin ticket available on the node | no
+`ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
+`ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
`suffix` | The topology suffix to be used, this can either be `domain`, `ca` or `domain+ca` | yes
`name` \| `cn` | The topology segment name (cn) is the unique identifier for a segment. | no
`left` \| `leftnode` | The left replication node string - an IPA server | no
@@ -174,8 +174,8 @@ Verify FreeIPA topology suffix
Variable | Description | Required
-------- | ----------- | --------
-`principal` | The admin principal is a string and defaults to `admin` | no
-`password` | The admin password is a string and is required if there is no admin ticket available on the node | no
+`ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
+`ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
`suffix` | The topology suffix to be used, this can either be `domain` or `ca` | yes
`state` | The state to ensure. It can only be `verified` | yes
diff --git a/playbooks/topology/add-topologysegment.yml b/playbooks/topology/add-topologysegment.yml
index a6c8477d..ebf55445 100644
--- a/playbooks/topology/add-topologysegment.yml
+++ b/playbooks/topology/add-topologysegment.yml
@@ -6,7 +6,7 @@
tasks:
- name: Add topology segment
ipatopologysegment:
- password: MyPassword123
+ ipaadmin_password: MyPassword123
suffix: domain
left: ipareplica1.test.local
right: ipareplica2.test.local
diff --git a/playbooks/topology/add-topologysegments.yml b/playbooks/topology/add-topologysegments.yml
index b3348ab8..c285a9f6 100644
--- a/playbooks/topology/add-topologysegments.yml
+++ b/playbooks/topology/add-topologysegments.yml
@@ -14,7 +14,7 @@
tasks:
- name: Add topology segment
ipatopologysegment:
- password: "{{ ipaadmin_password }}"
+ ipaadmin_password: "{{ ipaadmin_password }}"
suffix: "{{ item.suffix }}"
name: "{{ item.name | default(omit) }}"
left: "{{ item.left }}"
diff --git a/playbooks/topology/check-topologysegments.yml b/playbooks/topology/check-topologysegments.yml
index 49550573..5770c178 100644
--- a/playbooks/topology/check-topologysegments.yml
+++ b/playbooks/topology/check-topologysegments.yml
@@ -14,7 +14,7 @@
tasks:
- name: Add topology segment
ipatopologysegment:
- password: "{{ ipaadmin_password }}"
+ ipaadmin_password: "{{ ipaadmin_password }}"
suffix: "{{ item.suffix }}"
name: "{{ item.name | default(omit) }}"
left: "{{ item.left }}"
diff --git a/playbooks/topology/delete-topologysegment.yml b/playbooks/topology/delete-topologysegment.yml
index af640137..a3f2c680 100644
--- a/playbooks/topology/delete-topologysegment.yml
+++ b/playbooks/topology/delete-topologysegment.yml
@@ -6,7 +6,7 @@
tasks:
- name: Delete topology segment
ipatopologysegment:
- password: MyPassword123
+ ipaadmin_password: MyPassword123
suffix: domain
left: ipareplica1.test.local
right: ipareplica2.test.local
diff --git a/playbooks/topology/delete-topologysegments.yml b/playbooks/topology/delete-topologysegments.yml
index fd6ea16d..68b95b87 100644
--- a/playbooks/topology/delete-topologysegments.yml
+++ b/playbooks/topology/delete-topologysegments.yml
@@ -14,7 +14,7 @@
tasks:
- name: Add topology segment
ipatopologysegment:
- password: "{{ ipaadmin_password }}"
+ ipaadmin_password: "{{ ipaadmin_password }}"
suffix: "{{ item.suffix }}"
name: "{{ item.name | default(omit) }}"
left: "{{ item.left }}"
diff --git a/playbooks/topology/reinitialize-topologysegment.yml b/playbooks/topology/reinitialize-topologysegment.yml
index 7afdd65a..1f21cd23 100644
--- a/playbooks/topology/reinitialize-topologysegment.yml
+++ b/playbooks/topology/reinitialize-topologysegment.yml
@@ -6,7 +6,7 @@
tasks:
- name: Reinitialize topology segment
ipatopologysegment:
- password: MyPassword123
+ ipaadmin_password: MyPassword123
suffix: domain
left: ipareplica1.test.local
right: ipareplica2.test.local
diff --git a/playbooks/topology/verify-topologysuffix.yml b/playbooks/topology/verify-topologysuffix.yml
index 518fc7c2..b27ca3d6 100644
--- a/playbooks/topology/verify-topologysuffix.yml
+++ b/playbooks/topology/verify-topologysuffix.yml
@@ -6,6 +6,6 @@
tasks:
- name: Verify topology suffix
ipatopologysuffix:
- password: MyPassword123
+ ipaadmin_password: MyPassword123
suffix: domain
state: verified
diff --git a/plugins/modules/ipatopologysegment.py b/plugins/modules/ipatopologysegment.py
index de71dc11..1c8722d2 100644
--- a/plugins/modules/ipatopologysegment.py
+++ b/plugins/modules/ipatopologysegment.py
@@ -32,10 +32,10 @@ module: ipatopologysegment
short description: Manage FreeIPA topology segments
description: Manage FreeIPA topology segments
options:
- principal:
+ ipaadmin_principal:
description: The admin principal
default: admin
- password:
+ ipaadmin_password:
description: The admin password
required: false
suffix:
@@ -173,8 +173,8 @@ def find_left_right_cn(module, suffix, left, right, name):
def main():
ansible_module = AnsibleModule(
argument_spec=dict(
- principal=dict(type="str", default="admin"),
- password=dict(type="str", required=False, no_log=True),
+ ipaadmin_principal=dict(type="str", default="admin"),
+ ipaadmin_password=dict(type="str", required=False, no_log=True),
suffix=dict(choices=["domain", "ca", "domain+ca"], required=True),
name=dict(type="str", aliases=["cn"], default=None),
left=dict(type="str", aliases=["leftnode"], default=None),
@@ -192,8 +192,8 @@ def main():
# Get parameters
- principal = ansible_module.params.get("principal")
- password = ansible_module.params.get("password")
+ ipaadmin_principal = ansible_module.params.get("ipaadmin_principal")
+ ipaadmin_password = ansible_module.params.get("ipaadmin_password")
suffixes = ansible_module.params.get("suffix")
name = ansible_module.params.get("name")
left = ansible_module.params.get("left")
@@ -214,8 +214,9 @@ def main():
ccache_dir = None
ccache_name = None
try:
- if not valid_creds(principal):
- ccache_dir, ccache_name = temp_kinit(principal, password)
+ if not valid_creds(ipaadmin_principal):
+ ccache_dir, ccache_name = temp_kinit(ipaadmin_principal,
+ ipaadmin_password)
api_connect()
commands = []
diff --git a/plugins/modules/ipatopologysuffix.py b/plugins/modules/ipatopologysuffix.py
index a71adc2c..03f0ab67 100644
--- a/plugins/modules/ipatopologysuffix.py
+++ b/plugins/modules/ipatopologysuffix.py
@@ -32,10 +32,10 @@ module: ipatopologysuffix
short description: Verify FreeIPA topology suffix
description: Verify FreeIPA topology suffix
options:
- principal:
+ ipaadmin_principal:
description: The admin principal
default: admin
- password:
+ ipaadmin_password:
description: The admin password
required: false
suffix:
@@ -66,8 +66,8 @@ from ansible.module_utils.ansible_freeipa_module import execute_api_command
def main():
ansible_module = AnsibleModule(
argument_spec=dict(
- principal=dict(type="str", default="admin"),
- password=dict(type="str", required=False, no_log=True),
+ ipaadmin_principal=dict(type="str", default="admin"),
+ ipaadmin_password=dict(type="str", required=False, no_log=True),
suffix=dict(choices=["domain", "ca"], required=True),
state=dict(type="str", default="verified",
choices=["verified"]),
@@ -79,8 +79,8 @@ def main():
# Get parameters
- principal = ansible_module.params.get("principal")
- password = ansible_module.params.get("password")
+ ipaadmin_principal = ansible_module.params.get("ipaadmin_principal")
+ ipaadmin_password = ansible_module.params.get("ipaadmin_password")
suffix = ansible_module.params.get("suffix")
state = ansible_module.params.get("state")
@@ -98,7 +98,7 @@ def main():
# Execute command
- execute_api_command(ansible_module, principal, password,
+ execute_api_command(ansible_module, ipaadmin_principal, ipaadmin_password,
command, to_text(suffix), args)
# Done
--
GitLab