Blame SOURCES/ansible-freeipa-0.1.12-Modified-return-value-for-ipavault-module_rhbz#1867909.patch

c235c4
From e96ef4e98e523f20c25777308c093ebbff272b2d Mon Sep 17 00:00:00 2001
c235c4
From: Rafael Guterres Jeffman <rjeffman@redhat.com>
c235c4
Date: Wed, 5 Aug 2020 15:24:15 -0300
c235c4
Subject: [PATCH] Updated documentation for ipavault module in the source code.
c235c4
c235c4
This change fixes a wrong parameter name in the documentation of
c235c4
RESULT_VALUES, and also provide a correct YAML snippet to ensure
c235c4
presence of an asymmetric vault with a formatted private key.
c235c4
---
c235c4
 plugins/modules/ipavault.py | 4 ++--
c235c4
 1 file changed, 2 insertions(+), 2 deletions(-)
c235c4
c235c4
diff --git a/plugins/modules/ipavault.py b/plugins/modules/ipavault.py
c235c4
index 46c6fcd..84645c7 100644
c235c4
--- a/plugins/modules/ipavault.py
c235c4
+++ b/plugins/modules/ipavault.py
c235c4
@@ -267,7 +267,7 @@ EXAMPLES = """
c235c4
     username: user01
c235c4
     description: An asymmetric vault
c235c4
     vault_type: asymmetric
c235c4
-    public_key:
c235c4
+    public_key: |
c235c4
       LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTR
c235c4
       HTkFEQ0JpUUtCZ1FDdGFudjRkK3ptSTZ0T3ova1RXdGowY3AxRAowUENoYy8vR0pJMTUzTi
c235c4
       9CN3UrN0h3SXlRVlZoNUlXZG1UcCtkWXYzd09yeVpPbzYvbHN5eFJaZ2pZRDRwQ3VGCjlxM
c235c4
@@ -303,7 +303,7 @@ EXAMPLES = """
c235c4
 """
c235c4
 
c235c4
 RETURN = """
c235c4
-user:
c235c4
+data:
c235c4
   description: The vault data.
c235c4
   returned: If state is retrieved.
c235c4
   type: string
c235c4
-- 
c235c4
2.26.2
c235c4
c235c4
From 7dd0b547c47b4fd617960490b8553a5036e3b30c Mon Sep 17 00:00:00 2001
c235c4
From: Rafael Guterres Jeffman <rjeffman@redhat.com>
c235c4
Date: Mon, 10 Aug 2020 16:02:09 -0300
c235c4
Subject: [PATCH] Modified return value for ipavault module.
c235c4
c235c4
The ipavault module was returning a single string value when retrieving
c235c4
data. To keep consistency with other modules, it should return a dict
c235c4
with the `data` variable in it.
c235c4
c235c4
This change modifies the result of ipavault to be a dict and also fixes
c235c4
relevant tests, examples and documentation.
c235c4
---
c235c4
 README-vault.md                               |  5 +++++
c235c4
 .../vault/retrive-data-asymmetric-vault.yml   |  2 +-
c235c4
 .../vault/retrive-data-symmetric-vault.yml    |  2 +-
c235c4
 plugins/modules/ipavault.py                   | 19 +++++++++++++------
c235c4
 tests/vault/test_vault_asymmetric.yml         | 12 ++++++------
c235c4
 tests/vault/test_vault_standard.yml           |  8 ++++----
c235c4
 tests/vault/test_vault_symmetric.yml          | 14 +++++++-------
c235c4
 7 files changed, 37 insertions(+), 25 deletions(-)
c235c4
c235c4
diff --git a/README-vault.md b/README-vault.md
c235c4
index fa1d3e1..91d311d 100644
c235c4
--- a/README-vault.md
c235c4
+++ b/README-vault.md
c235c4
@@ -248,6 +248,11 @@ Variable | Description | Returned When
c235c4
 -------- | ----------- | -------------
c235c4
 `data` | The data stored in the vault. | If `state` is `retrieved`.
c235c4
 
c235c4
+Variable | Description | Returned When
c235c4
+-------- | ----------- | -------------
c235c4
+`vault` | Vault dict with archived data. (dict) 
Options: | If `state` is `retrieved`.
c235c4
+  | `data` - The vault data. | Always
c235c4
+
c235c4
 
c235c4
 Notes
c235c4
 =====
c235c4
diff --git a/playbooks/vault/retrive-data-asymmetric-vault.yml b/playbooks/vault/retrive-data-asymmetric-vault.yml
c235c4
index 5f67c59..f71f826 100644
c235c4
--- a/playbooks/vault/retrive-data-asymmetric-vault.yml
c235c4
+++ b/playbooks/vault/retrive-data-asymmetric-vault.yml
c235c4
@@ -14,4 +14,4 @@
c235c4
         state: retrieved
c235c4
       register: result
c235c4
     - debug:
c235c4
-       msg: "Data: {{ result.data }}"
c235c4
+       msg: "Data: {{ result.vault.data }}"
c235c4
diff --git a/playbooks/vault/retrive-data-symmetric-vault.yml b/playbooks/vault/retrive-data-symmetric-vault.yml
c235c4
index 163f8b9..24692a8 100644
c235c4
--- a/playbooks/vault/retrive-data-symmetric-vault.yml
c235c4
+++ b/playbooks/vault/retrive-data-symmetric-vault.yml
c235c4
@@ -14,4 +14,4 @@
c235c4
         state: retrieved
c235c4
       register: result
c235c4
     - debug:
c235c4
-        msg: "{{ result.data | b64decode }}"
c235c4
+        msg: "{{ result.vault.data }}"
c235c4
diff --git a/plugins/modules/ipavault.py b/plugins/modules/ipavault.py
c235c4
index 84645c7..6a3c73e 100644
c235c4
--- a/plugins/modules/ipavault.py
c235c4
+++ b/plugins/modules/ipavault.py
c235c4
@@ -303,10 +303,15 @@ EXAMPLES = """
c235c4
 """
c235c4
 
c235c4
 RETURN = """
c235c4
-data:
c235c4
-  description: The vault data.
c235c4
-  returned: If state is retrieved.
c235c4
-  type: string
c235c4
+vault:
c235c4
+  description: Vault dict with archived data.
c235c4
+  returned: If state is `retrieved`.
c235c4
+  type: dict
c235c4
+  options:
c235c4
+    data:
c235c4
+      description: The vault data.
c235c4
+      returned: always
c235c4
+      type: string
c235c4
 """
c235c4
 
c235c4
 import os
c235c4
@@ -910,9 +915,11 @@ def main():
c235c4
                     if 'result' not in result:
c235c4
                         raise Exception("No result obtained.")
c235c4
                     if 'data' in result['result']:
c235c4
-                        exit_args['data'] = result['result']['data']
c235c4
+                        data_return = exit_args.setdefault('vault', {})
c235c4
+                        data_return['data'] = result['result']['data']
c235c4
                     elif 'vault_data' in result['result']:
c235c4
-                        exit_args['data'] = result['result']['vault_data']
c235c4
+                        data_return = exit_args.setdefault('vault', {})
c235c4
+                        data_return['data'] = result['result']['vault_data']
c235c4
                     else:
c235c4
                         raise Exception("No data retrieved.")
c235c4
                     changed = False
c235c4
diff --git a/tests/vault/test_vault_asymmetric.yml b/tests/vault/test_vault_asymmetric.yml
c235c4
index 1a1d3dc..268922c 100644
c235c4
--- a/tests/vault/test_vault_asymmetric.yml
c235c4
+++ b/tests/vault/test_vault_asymmetric.yml
c235c4
@@ -42,7 +42,7 @@
c235c4
       private_key: "{{ lookup('file', 'private.pem') | b64encode }}"
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'Hello World.' or result.changed
c235c4
+    failed_when: result.vault.data != 'Hello World.' or result.changed
c235c4
 
c235c4
   - name: Retrieve data from asymmetric vault into file {{ ansible_env.HOME }}/data.txt.
c235c4
     ipavault:
c235c4
@@ -75,7 +75,7 @@
c235c4
       private_key: "{{ lookup('file', 'private.pem') | b64encode }}"
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'The world of π is half rounded.' or result.changed
c235c4
+    failed_when: result.vault.data != 'The world of π is half rounded.' or result.changed
c235c4
 
c235c4
   - name: Archive data in asymmetric vault, from file.
c235c4
     ipavault:
c235c4
@@ -93,7 +93,7 @@
c235c4
       private_key: "{{ lookup('file', 'private.pem') | b64encode }}"
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'Another World.' or result.changed
c235c4
+    failed_when: result.vault.data != 'Another World.' or result.changed
c235c4
 
c235c4
   - name: Archive data with single character to asymmetric vault
c235c4
     ipavault:
c235c4
@@ -110,7 +110,7 @@
c235c4
       private_key: "{{ lookup('file', 'private.pem') | b64encode }}"
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'c' or result.changed
c235c4
+    failed_when: result.vault.data != 'c' or result.changed
c235c4
 
c235c4
   - name: Ensure asymmetric vault is absent
c235c4
     ipavault:
c235c4
@@ -161,7 +161,7 @@
c235c4
       private_key: "{{ lookup('file', 'private.pem') | b64encode }}"
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'Hello World.' or result.changed
c235c4
+    failed_when: result.vault.data != 'Hello World.' or result.changed
c235c4
 
c235c4
   - name: Retrieve data from asymmetric vault, with password file.
c235c4
     ipavault:
c235c4
@@ -170,7 +170,7 @@
c235c4
       private_key_file: "{{ ansible_env.HOME }}/private.pem"
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'Hello World.' or result.changed
c235c4
+    failed_when: result.vault.data != 'Hello World.' or result.changed
c235c4
 
c235c4
   - name: Ensure asymmetric vault is absent
c235c4
     ipavault:
c235c4
diff --git a/tests/vault/test_vault_standard.yml b/tests/vault/test_vault_standard.yml
c235c4
index 5e0da98..6ccb0d5 100644
c235c4
--- a/tests/vault/test_vault_standard.yml
c235c4
+++ b/tests/vault/test_vault_standard.yml
c235c4
@@ -39,7 +39,7 @@
c235c4
       name: stdvault
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'Hello World.' or result.changed
c235c4
+    failed_when: result.vault.data != 'Hello World.' or result.changed
c235c4
 
c235c4
   - name: Retrieve data from standard vault into file {{ ansible_env.HOME }}/data.txt.
c235c4
     ipavault:
c235c4
@@ -70,7 +70,7 @@
c235c4
       name: stdvault
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'The world of π is half rounded.' or result.changed
c235c4
+    failed_when: result.vault.data != 'The world of π is half rounded.' or result.changed
c235c4
 
c235c4
   - name: Archive data in standard vault, from file.
c235c4
     ipavault:
c235c4
@@ -87,7 +87,7 @@
c235c4
       name: stdvault
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'Another World.' or result.changed
c235c4
+    failed_when: result.vault.data != 'Another World.' or result.changed
c235c4
 
c235c4
   - name: Archive data with single character to standard vault
c235c4
     ipavault:
c235c4
@@ -103,7 +103,7 @@
c235c4
       name: stdvault
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'c' or result.changed
c235c4
+    failed_when: result.vault.data != 'c' or result.changed
c235c4
 
c235c4
   - name: Ensure standard vault is absent
c235c4
     ipavault:
c235c4
diff --git a/tests/vault/test_vault_symmetric.yml b/tests/vault/test_vault_symmetric.yml
c235c4
index a6072d8..bedc221 100644
c235c4
--- a/tests/vault/test_vault_symmetric.yml
c235c4
+++ b/tests/vault/test_vault_symmetric.yml
c235c4
@@ -43,7 +43,7 @@
c235c4
       password: SomeVAULTpassword
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'Hello World.' or result.changed
c235c4
+    failed_when: result.vault.data != 'Hello World.' or result.changed
c235c4
 
c235c4
   - name: Retrieve data from symmetric vault into file {{ ansible_env.HOME }}/data.txt.
c235c4
     ipavault:
c235c4
@@ -77,7 +77,7 @@
c235c4
       password: SomeVAULTpassword
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'The world of π is half rounded.' or result.changed
c235c4
+    failed_when: result.vault.data != 'The world of π is half rounded.' or result.changed
c235c4
 
c235c4
   - name: Archive data in symmetric vault, from file.
c235c4
     ipavault:
c235c4
@@ -95,7 +95,7 @@
c235c4
       password: SomeVAULTpassword
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'Another World.' or result.changed
c235c4
+    failed_when: result.vault.data != 'Another World.' or result.changed
c235c4
 
c235c4
   - name: Archive data with single character to symmetric vault
c235c4
     ipavault:
c235c4
@@ -113,7 +113,7 @@
c235c4
       password: SomeVAULTpassword
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'c' or result.changed
c235c4
+    failed_when: result.vault.data != 'c' or result.changed
c235c4
 
c235c4
   - name: Ensure symmetric vault is absent
c235c4
     ipavault:
c235c4
@@ -167,7 +167,7 @@
c235c4
       password: SomeVAULTpassword
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'Hello World.' or result.changed
c235c4
+    failed_when: result.vault.data != 'Hello World.' or result.changed
c235c4
 
c235c4
   - name: Retrieve data from symmetric vault, with password file.
c235c4
     ipavault:
c235c4
@@ -176,7 +176,7 @@
c235c4
       password_file: "{{ ansible_env.HOME }}/password.txt"
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'Hello World.' or result.changed
c235c4
+    failed_when: result.vault.data != 'Hello World.' or result.changed
c235c4
 
c235c4
   - name: Change vault password.
c235c4
     ipavault:
c235c4
@@ -212,7 +212,7 @@
c235c4
       password: SomeNEWpassword
c235c4
       state: retrieved
c235c4
     register: result
c235c4
-    failed_when: result.data != 'Hello World.' or result.changed
c235c4
+    failed_when: result.vault.data != 'Hello World.' or result.changed
c235c4
 
c235c4
   - name: Try to add vault with multiple passwords.
c235c4
     ipavault:
c235c4
-- 
c235c4
2.26.2
c235c4