ipatopology modules: Use ipaadmin_ prefix for principal and password

The use of password will conflict with the user password setting and is not really descriptive. ipaadmin_principal and ipaadmin_password are also used in the roles.

ipatopology modules: Use ipaadmin_ prefix for principal and password
da2631d9 · Thomas Woerner · c708ef78 · da2631d9 · da2631d9 · da2631d9
Commit da2631d9 authored 5 years ago by Thomas Woerner
--- a/README-topology.md
+++ b/README-topology.md
@@ -50,7 +50,7 @@ Example playbook to add a topology segment wiht default name (cn):
  tasks:
  - name: Add topology segment
    ipatopologysegment:
-      password: MyPassword123
+      ipaadmin_password: MyPassword123
      suffix: domain
      left: ipareplica1.test.local
      right: ipareplica2.test.local
@@ -70,7 +70,7 @@ Example playbook to delete a topology segment:
  tasks:
  - name: Delete topology segment
    ipatopologysegment:
-      password: MyPassword123
+      ipaadmin_password: MyPassword123
      suffix: domain
      left: ipareplica1.test.local
      right: ipareplica2.test.local
@@ -90,7 +90,7 @@ Example playbook to reinitialize a topology segment:
  tasks:
  - name: Reinitialize topology segment
    ipatopologysegment:
-      password: MyPassword123
+      ipaadmin_password: MyPassword123
      suffix: domain
      left: ipareplica1.test.local
      right: ipareplica2.test.local
@@ -111,7 +111,7 @@ Example playbook to verify a topology suffix:
  tasks:
  - name: Verify topology suffix
    ipatopologysuffix:
-      password: MyPassword123
+      ipaadmin_password: MyPassword123
      suffix: domain
      state: verified
 ```
@@ -136,7 +136,7 @@ Example playbook to add a list of topology segments:
  tasks:
  - name: Add topology segment
    ipatopologysegment:
-      password: "{{ ipaadmin_password }}"
+      ipaadmin_password: "{{ ipaadmin_password }}"
      suffix: "{{ item.suffix }}"
      name: "{{ item.name | default(omit) }}"
      left: "{{ item.left }}"
@@ -157,8 +157,8 @@ ipatopologysegment

 Variable | Description | Required
 -------- | ----------- | --------
-`principal` | The admin principal is a string and defaults to `admin` | no
-`password` | The admin password is a string and is required if there is no admin ticket available on the node | no
+`ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
+`ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
 `suffix` | The topology suffix to be used, this can either be `domain`, `ca` or `domain+ca` | yes
 `name` \| `cn` | The topology segment name (cn) is the unique identifier for a segment. | no
 `left` \| `leftnode` | The left replication node string - an IPA server | no
@@ -174,8 +174,8 @@ Verify FreeIPA topology suffix

 Variable | Description | Required
 -------- | ----------- | --------
-`principal` | The admin principal is a string and defaults to `admin` | no
-`password` | The admin password is a string and is required if there is no admin ticket available on the node | no
+`ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
+`ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
 `suffix` | The topology suffix to be used, this can either be `domain` or `ca` | yes
 `state` | The state to ensure. It can only be `verified` | yes


--- a/playbooks/topology/add-topologysegment.yml
+++ b/playbooks/topology/add-topologysegment.yml
@@ -6,7 +6,7 @@
  tasks:
  - name: Add topology segment
    ipatopologysegment:
-      password: MyPassword123
+      ipaadmin_password: MyPassword123
      suffix: domain
      left: ipareplica1.test.local
      right: ipareplica2.test.local

--- a/playbooks/topology/add-topologysegments.yml
+++ b/playbooks/topology/add-topologysegments.yml
@@ -14,7 +14,7 @@
  tasks:
  - name: Add topology segment
    ipatopologysegment:
-      password: "{{ ipaadmin_password }}"
+      ipaadmin_password: "{{ ipaadmin_password }}"
      suffix: "{{ item.suffix }}"
      name: "{{ item.name | default(omit) }}"
      left: "{{ item.left }}"

--- a/playbooks/topology/check-topologysegments.yml
+++ b/playbooks/topology/check-topologysegments.yml
@@ -14,7 +14,7 @@
  tasks:
  - name: Add topology segment
    ipatopologysegment:
-      password: "{{ ipaadmin_password }}"
+      ipaadmin_password: "{{ ipaadmin_password }}"
      suffix: "{{ item.suffix }}"
      name: "{{ item.name | default(omit) }}"
      left: "{{ item.left }}"

--- a/playbooks/topology/delete-topologysegment.yml
+++ b/playbooks/topology/delete-topologysegment.yml
@@ -6,7 +6,7 @@
  tasks:
  - name: Delete topology segment
    ipatopologysegment:
-      password: MyPassword123
+      ipaadmin_password: MyPassword123
      suffix: domain
      left: ipareplica1.test.local
      right: ipareplica2.test.local

--- a/playbooks/topology/delete-topologysegments.yml
+++ b/playbooks/topology/delete-topologysegments.yml
@@ -14,7 +14,7 @@
  tasks:
  - name: Add topology segment
    ipatopologysegment:
-      password: "{{ ipaadmin_password }}"
+      ipaadmin_password: "{{ ipaadmin_password }}"
      suffix: "{{ item.suffix }}"
      name: "{{ item.name | default(omit) }}"
      left: "{{ item.left }}"

--- a/playbooks/topology/reinitialize-topologysegment.yml
+++ b/playbooks/topology/reinitialize-topologysegment.yml
@@ -6,7 +6,7 @@
  tasks:
  - name: Reinitialize topology segment
    ipatopologysegment:
-      password: MyPassword123
+      ipaadmin_password: MyPassword123
      suffix: domain
      left: ipareplica1.test.local
      right: ipareplica2.test.local

--- a/playbooks/topology/verify-topologysuffix.yml
+++ b/playbooks/topology/verify-topologysuffix.yml
@@ -6,6 +6,6 @@
  tasks:
  - name: Verify topology suffix
    ipatopologysuffix:
-      password: MyPassword123
+      ipaadmin_password: MyPassword123
      suffix: domain
      state: verified
--- a/plugins/modules/ipatopologysegment.py
+++ b/plugins/modules/ipatopologysegment.py
@@ -32,10 +32,10 @@ module: ipatopologysegment
 short description: Manage FreeIPA topology segments
 description: Manage FreeIPA topology segments
 options:
-  principal:
+  ipaadmin_principal:
    description: The admin principal
    default: admin
-  password:
+  ipaadmin_password:
    description: The admin password
    required: false
  suffix:
@@ -173,8 +173,8 @@ def find_left_right_cn(module, suffix, left, right, name):
 def main():
    ansible_module = AnsibleModule(
        argument_spec=dict(
-            principal=dict(type="str", default="admin"),
-            password=dict(type="str", required=False, no_log=True),
+            ipaadmin_principal=dict(type="str", default="admin"),
+            ipaadmin_password=dict(type="str", required=False, no_log=True),
            suffix=dict(choices=["domain", "ca", "domain+ca"], required=True),
            name=dict(type="str", aliases=["cn"], default=None),
            left=dict(type="str", aliases=["leftnode"], default=None),
@@ -192,8 +192,8 @@ def main():

    # Get parameters

-    principal = ansible_module.params.get("principal")
-    password = ansible_module.params.get("password")
+    ipaadmin_principal = ansible_module.params.get("ipaadmin_principal")
+    ipaadmin_password = ansible_module.params.get("ipaadmin_password")
    suffixes = ansible_module.params.get("suffix")
    name = ansible_module.params.get("name")
    left = ansible_module.params.get("left")
@@ -214,8 +214,9 @@ def main():
    ccache_dir = None
    ccache_name = None
    try:
-        if not valid_creds(principal):
-            ccache_dir, ccache_name = temp_kinit(principal, password)
+        if not valid_creds(ipaadmin_principal):
+            ccache_dir, ccache_name = temp_kinit(ipaadmin_principal,
+                                                 ipaadmin_password)
        api_connect()

        commands = []

--- a/plugins/modules/ipatopologysuffix.py
+++ b/plugins/modules/ipatopologysuffix.py
@@ -32,10 +32,10 @@ module: ipatopologysuffix
 short description: Verify FreeIPA topology suffix
 description: Verify FreeIPA topology suffix
 options:
-  principal:
+  ipaadmin_principal:
    description: The admin principal
    default: admin
-  password:
+  ipaadmin_password:
    description: The admin password
    required: false
  suffix:
@@ -66,8 +66,8 @@ from ansible.module_utils.ansible_freeipa_module import execute_api_command
 def main():
    ansible_module = AnsibleModule(
        argument_spec=dict(
-            principal=dict(type="str", default="admin"),
-            password=dict(type="str", required=False, no_log=True),
+            ipaadmin_principal=dict(type="str", default="admin"),
+            ipaadmin_password=dict(type="str", required=False, no_log=True),
            suffix=dict(choices=["domain", "ca"], required=True),
            state=dict(type="str", default="verified",
                       choices=["verified"]),
@@ -79,8 +79,8 @@ def main():

    # Get parameters

-    principal = ansible_module.params.get("principal")
-    password = ansible_module.params.get("password")
+    ipaadmin_principal = ansible_module.params.get("ipaadmin_principal")
+    ipaadmin_password = ansible_module.params.get("ipaadmin_password")
    suffix = ansible_module.params.get("suffix")
    state = ansible_module.params.get("state")

@@ -98,7 +98,7 @@ def main():

    # Execute command

-    execute_api_command(ansible_module, principal, password,
+    execute_api_command(ansible_module, ipaadmin_principal, ipaadmin_password,
                        command, to_text(suffix), args)

    # Done