-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ipa_getkeytab: Create module #8938
base: main
Are you sure you want to change the base?
ipa_getkeytab: Create module #8938
Conversation
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
plugins/modules/ipa_getkeytab.py
Outdated
def _exec(self, run_in_check_mode=False, check_rc=True): | ||
if not self.module.check_mode or (self.module.check_mode and run_in_check_mode): | ||
params = dict(self.module.params) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not sure these parameters make sense. They are never really used and module's code is not reused. Code is simpler without them.
Additionally, you might want to take a look at StateModuleHelper, see https://docs.ansible.com/ansible/latest/collections/community/general/docsite/guide_modulehelper.html for details on how to use it. There is a number of modules in this collection using that you can look up to for examples of actual usage.
description: | ||
- The list of encryption types to use to generate keys. | ||
- It will use local client defaults if not provided. | ||
- Valid values depend on the Kerberos library version and configuration. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a minimum level for the Kerberos library? In any case, the library (with or without min version) should be cited in the requirements, for completeness.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Well it comes with freeipa-client package, I used this sentence from man pages :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe add a link to those man pages (in one of those sites that publish them)? Or some other relevant reference.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems that there are not much trusted resources with man page of ipa-getkeytab
, there are source file for that (https://github.com/freeipa/freeipa/blob/master/client/man/ipa-getkeytab.1) but other than that I found Ubuntu docs https://manpages.ubuntu.com/manpages/jammy/man1/ipa-getkeytab.1.html
What do you think? Should I add that link in the full description of a module?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yup, one of those (whichever you prefer). https://linux.die.net/man/1/ipa-getkeytab also appears out of google, just as an example.
Anyways, if you prefer not to add that to the description, maybe add it to the notes section.
Come to think of it, I will review all my modules (that call commands) to add links to the respective man pages. :-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed :) I used ubuntu doc as linux.die.net don't have all options documented
I'll do the same thing for a kutils module then
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
Thanks for the review! @felixfontein |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
SUMMARY
ipa_getkeytab
as a fancy wrapper aroundipa-getkeytab
commandISSUE TYPE
COMPONENT NAME
ipa_getkeytab
ADDITIONAL INFORMATION
Pretty much a simple wrapper around a
ipa-getkeytab
usingcmd_runner
I tested this module by my hands and it seems to work as intended
I don't know how to write unit tests because for integration test I would need FreeIPA server and client installed so i wrote something up using
test_npm
as a source