From e96ef4e98e523f20c25777308c093ebbff272b2d Mon Sep 17 00:00:00 2001 From: Rafael Guterres Jeffman Date: Wed, 5 Aug 2020 15:24:15 -0300 Subject: [PATCH] Updated documentation for ipavault module in the source code. This change fixes a wrong parameter name in the documentation of RESULT_VALUES, and also provide a correct YAML snippet to ensure presence of an asymmetric vault with a formatted private key. --- plugins/modules/ipavault.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/modules/ipavault.py b/plugins/modules/ipavault.py index 46c6fcd..84645c7 100644 --- a/plugins/modules/ipavault.py +++ b/plugins/modules/ipavault.py @@ -267,7 +267,7 @@ EXAMPLES = """ username: user01 description: An asymmetric vault vault_type: asymmetric - public_key: + public_key: | LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTR HTkFEQ0JpUUtCZ1FDdGFudjRkK3ptSTZ0T3ova1RXdGowY3AxRAowUENoYy8vR0pJMTUzTi 9CN3UrN0h3SXlRVlZoNUlXZG1UcCtkWXYzd09yeVpPbzYvbHN5eFJaZ2pZRDRwQ3VGCjlxM @@ -303,7 +303,7 @@ EXAMPLES = """ """ RETURN = """ -user: +data: description: The vault data. returned: If state is retrieved. type: string -- 2.26.2 From 7dd0b547c47b4fd617960490b8553a5036e3b30c Mon Sep 17 00:00:00 2001 From: Rafael Guterres Jeffman Date: Mon, 10 Aug 2020 16:02:09 -0300 Subject: [PATCH] Modified return value for ipavault module. The ipavault module was returning a single string value when retrieving data. To keep consistency with other modules, it should return a dict with the `data` variable in it. This change modifies the result of ipavault to be a dict and also fixes relevant tests, examples and documentation. --- README-vault.md | 5 +++++ .../vault/retrive-data-asymmetric-vault.yml | 2 +- .../vault/retrive-data-symmetric-vault.yml | 2 +- plugins/modules/ipavault.py | 19 +++++++++++++------ tests/vault/test_vault_asymmetric.yml | 12 ++++++------ tests/vault/test_vault_standard.yml | 8 ++++---- tests/vault/test_vault_symmetric.yml | 14 +++++++------- 7 files changed, 37 insertions(+), 25 deletions(-) diff --git a/README-vault.md b/README-vault.md index fa1d3e1..91d311d 100644 --- a/README-vault.md +++ b/README-vault.md @@ -248,6 +248,11 @@ Variable | Description | Returned When -------- | ----------- | ------------- `data` | The data stored in the vault. | If `state` is `retrieved`. +Variable | Description | Returned When +-------- | ----------- | ------------- +`vault` | Vault dict with archived data. (dict)
Options: | If `state` is `retrieved`. +  | `data` - The vault data. | Always + Notes ===== diff --git a/playbooks/vault/retrive-data-asymmetric-vault.yml b/playbooks/vault/retrive-data-asymmetric-vault.yml index 5f67c59..f71f826 100644 --- a/playbooks/vault/retrive-data-asymmetric-vault.yml +++ b/playbooks/vault/retrive-data-asymmetric-vault.yml @@ -14,4 +14,4 @@ state: retrieved register: result - debug: - msg: "Data: {{ result.data }}" + msg: "Data: {{ result.vault.data }}" diff --git a/playbooks/vault/retrive-data-symmetric-vault.yml b/playbooks/vault/retrive-data-symmetric-vault.yml index 163f8b9..24692a8 100644 --- a/playbooks/vault/retrive-data-symmetric-vault.yml +++ b/playbooks/vault/retrive-data-symmetric-vault.yml @@ -14,4 +14,4 @@ state: retrieved register: result - debug: - msg: "{{ result.data | b64decode }}" + msg: "{{ result.vault.data }}" diff --git a/plugins/modules/ipavault.py b/plugins/modules/ipavault.py index 84645c7..6a3c73e 100644 --- a/plugins/modules/ipavault.py +++ b/plugins/modules/ipavault.py @@ -303,10 +303,15 @@ EXAMPLES = """ """ RETURN = """ -data: - description: The vault data. - returned: If state is retrieved. - type: string +vault: + description: Vault dict with archived data. + returned: If state is `retrieved`. + type: dict + options: + data: + description: The vault data. + returned: always + type: string """ import os @@ -910,9 +915,11 @@ def main(): if 'result' not in result: raise Exception("No result obtained.") if 'data' in result['result']: - exit_args['data'] = result['result']['data'] + data_return = exit_args.setdefault('vault', {}) + data_return['data'] = result['result']['data'] elif 'vault_data' in result['result']: - exit_args['data'] = result['result']['vault_data'] + data_return = exit_args.setdefault('vault', {}) + data_return['data'] = result['result']['vault_data'] else: raise Exception("No data retrieved.") changed = False diff --git a/tests/vault/test_vault_asymmetric.yml b/tests/vault/test_vault_asymmetric.yml index 1a1d3dc..268922c 100644 --- a/tests/vault/test_vault_asymmetric.yml +++ b/tests/vault/test_vault_asymmetric.yml @@ -42,7 +42,7 @@ private_key: "{{ lookup('file', 'private.pem') | b64encode }}" state: retrieved register: result - failed_when: result.data != 'Hello World.' or result.changed + failed_when: result.vault.data != 'Hello World.' or result.changed - name: Retrieve data from asymmetric vault into file {{ ansible_env.HOME }}/data.txt. ipavault: @@ -75,7 +75,7 @@ private_key: "{{ lookup('file', 'private.pem') | b64encode }}" state: retrieved register: result - failed_when: result.data != 'The world of π is half rounded.' or result.changed + failed_when: result.vault.data != 'The world of π is half rounded.' or result.changed - name: Archive data in asymmetric vault, from file. ipavault: @@ -93,7 +93,7 @@ private_key: "{{ lookup('file', 'private.pem') | b64encode }}" state: retrieved register: result - failed_when: result.data != 'Another World.' or result.changed + failed_when: result.vault.data != 'Another World.' or result.changed - name: Archive data with single character to asymmetric vault ipavault: @@ -110,7 +110,7 @@ private_key: "{{ lookup('file', 'private.pem') | b64encode }}" state: retrieved register: result - failed_when: result.data != 'c' or result.changed + failed_when: result.vault.data != 'c' or result.changed - name: Ensure asymmetric vault is absent ipavault: @@ -161,7 +161,7 @@ private_key: "{{ lookup('file', 'private.pem') | b64encode }}" state: retrieved register: result - failed_when: result.data != 'Hello World.' or result.changed + failed_when: result.vault.data != 'Hello World.' or result.changed - name: Retrieve data from asymmetric vault, with password file. ipavault: @@ -170,7 +170,7 @@ private_key_file: "{{ ansible_env.HOME }}/private.pem" state: retrieved register: result - failed_when: result.data != 'Hello World.' or result.changed + failed_when: result.vault.data != 'Hello World.' or result.changed - name: Ensure asymmetric vault is absent ipavault: diff --git a/tests/vault/test_vault_standard.yml b/tests/vault/test_vault_standard.yml index 5e0da98..6ccb0d5 100644 --- a/tests/vault/test_vault_standard.yml +++ b/tests/vault/test_vault_standard.yml @@ -39,7 +39,7 @@ name: stdvault state: retrieved register: result - failed_when: result.data != 'Hello World.' or result.changed + failed_when: result.vault.data != 'Hello World.' or result.changed - name: Retrieve data from standard vault into file {{ ansible_env.HOME }}/data.txt. ipavault: @@ -70,7 +70,7 @@ name: stdvault state: retrieved register: result - failed_when: result.data != 'The world of π is half rounded.' or result.changed + failed_when: result.vault.data != 'The world of π is half rounded.' or result.changed - name: Archive data in standard vault, from file. ipavault: @@ -87,7 +87,7 @@ name: stdvault state: retrieved register: result - failed_when: result.data != 'Another World.' or result.changed + failed_when: result.vault.data != 'Another World.' or result.changed - name: Archive data with single character to standard vault ipavault: @@ -103,7 +103,7 @@ name: stdvault state: retrieved register: result - failed_when: result.data != 'c' or result.changed + failed_when: result.vault.data != 'c' or result.changed - name: Ensure standard vault is absent ipavault: diff --git a/tests/vault/test_vault_symmetric.yml b/tests/vault/test_vault_symmetric.yml index a6072d8..bedc221 100644 --- a/tests/vault/test_vault_symmetric.yml +++ b/tests/vault/test_vault_symmetric.yml @@ -43,7 +43,7 @@ password: SomeVAULTpassword state: retrieved register: result - failed_when: result.data != 'Hello World.' or result.changed + failed_when: result.vault.data != 'Hello World.' or result.changed - name: Retrieve data from symmetric vault into file {{ ansible_env.HOME }}/data.txt. ipavault: @@ -77,7 +77,7 @@ password: SomeVAULTpassword state: retrieved register: result - failed_when: result.data != 'The world of π is half rounded.' or result.changed + failed_when: result.vault.data != 'The world of π is half rounded.' or result.changed - name: Archive data in symmetric vault, from file. ipavault: @@ -95,7 +95,7 @@ password: SomeVAULTpassword state: retrieved register: result - failed_when: result.data != 'Another World.' or result.changed + failed_when: result.vault.data != 'Another World.' or result.changed - name: Archive data with single character to symmetric vault ipavault: @@ -113,7 +113,7 @@ password: SomeVAULTpassword state: retrieved register: result - failed_when: result.data != 'c' or result.changed + failed_when: result.vault.data != 'c' or result.changed - name: Ensure symmetric vault is absent ipavault: @@ -167,7 +167,7 @@ password: SomeVAULTpassword state: retrieved register: result - failed_when: result.data != 'Hello World.' or result.changed + failed_when: result.vault.data != 'Hello World.' or result.changed - name: Retrieve data from symmetric vault, with password file. ipavault: @@ -176,7 +176,7 @@ password_file: "{{ ansible_env.HOME }}/password.txt" state: retrieved register: result - failed_when: result.data != 'Hello World.' or result.changed + failed_when: result.vault.data != 'Hello World.' or result.changed - name: Change vault password. ipavault: @@ -212,7 +212,7 @@ password: SomeNEWpassword state: retrieved register: result - failed_when: result.data != 'Hello World.' or result.changed + failed_when: result.vault.data != 'Hello World.' or result.changed - name: Try to add vault with multiple passwords. ipavault: -- 2.26.2