ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Code Releases Activity

Add attributes to ipa and keycloak modules (#5950)

Browse source 
Add attributes to ipa and keycloak modules.
This commit is contained in:
Felix Fontein 2023-02-24 09:25:31 +01:00 committed by GitHub
parent 3ec2fde2c6
commit 18a6bdd6aa
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
30 changed files with 228 additions and 53 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
plugins/modules/ipa_config.py
View file

@ -13,7 +13,12 @@ module: ipa_config
author: Fran Fitzpatrick (@fxfitz)
short_description: Manage Global FreeIPA Configuration Settings
description:
- Modify global configuration settings of a FreeIPA Server.
- Modify global configuration settings of a FreeIPA Server.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
ipaconfigstring:
description: Extra hashes to generate in password plug-in.
@ -93,7 +98,8 @@ options:
elements: str
version_added: '2.5.0'
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

10
plugins/modules/ipa_dnsrecord.py
View file

@ -14,7 +14,12 @@ module: ipa_dnsrecord
author: Abhijeet Kasurde (@Akasurde)
short_description: Manage FreeIPA DNS records
description:
- Add, modify and delete an IPA DNS Record using IPA API.
- Add, modify and delete an IPA DNS Record using IPA API.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
zone_name:
description:
@ -78,7 +83,8 @@ options:
choices: ["absent", "present"]
type: str
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

10
plugins/modules/ipa_dnszone.py
View file

@ -14,7 +14,12 @@ module: ipa_dnszone
author: Fran Fitzpatrick (@fxfitz)
short_description: Manage FreeIPA DNS Zones
description:
- Add and delete an IPA DNS Zones using IPA API
- Add and delete an IPA DNS Zones using IPA API
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
zone_name:
description:
@ -37,7 +42,8 @@ options:
type: bool
version_added: 4.3.0
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

10
plugins/modules/ipa_group.py
View file

@ -13,7 +13,12 @@ module: ipa_group
author: Thomas Krahn (@Nosmoht)
short_description: Manage FreeIPA group
description:
- Add, modify and delete group within IPA server
- Add, modify and delete group within IPA server
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
append:
description:
@ -82,7 +87,8 @@ options:
choices: ["absent", "present"]
type: str
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

10
plugins/modules/ipa_hbacrule.py
View file

@ -13,7 +13,12 @@ module: ipa_hbacrule
author: Thomas Krahn (@Nosmoht)
short_description: Manage FreeIPA HBAC rule
description:
- Add, modify or delete an IPA HBAC rule using IPA API.
- Add, modify or delete an IPA HBAC rule using IPA API.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
cn:
description:
@ -104,7 +109,8 @@ options:
type: list
elements: str
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

10
plugins/modules/ipa_host.py
View file

@ -13,7 +13,12 @@ module: ipa_host
author: Thomas Krahn (@Nosmoht)
short_description: Manage FreeIPA host
description:
- Add, modify and delete an IPA host using IPA API.
- Add, modify and delete an IPA host using IPA API.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
fqdn:
description:
@ -82,7 +87,8 @@ options:
description: Generate a random password to be used in bulk enrollment.
type: bool
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

10
plugins/modules/ipa_hostgroup.py
View file

@ -13,7 +13,12 @@ module: ipa_hostgroup
author: Thomas Krahn (@Nosmoht)
short_description: Manage FreeIPA host-group
description:
- Add, modify and delete an IPA host-group using IPA API.
- Add, modify and delete an IPA host-group using IPA API.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
cn:
description:
@ -49,7 +54,8 @@ options:
choices: ["absent", "disabled", "enabled", "present"]
type: str
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

10
plugins/modules/ipa_otpconfig.py
View file

@ -15,7 +15,12 @@ author: justchris1 (@justchris1)
short_description: Manage FreeIPA OTP Configuration Settings
version_added: 2.5.0
description:
- Modify global configuration settings of a FreeIPA Server with respect to OTP (One Time Passwords).
- Modify global configuration settings of a FreeIPA Server with respect to OTP (One Time Passwords).
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
ipatokentotpauthwindow:
description: TOTP authentication window in seconds.
@ -34,7 +39,8 @@ options:
aliases: ["hotpsyncwindow"]
type: int
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

10
plugins/modules/ipa_otptoken.py
View file

@ -14,7 +14,12 @@ author: justchris1 (@justchris1)
short_description: Manage FreeIPA OTPs
version_added: 2.5.0
description:
- Add, modify, and delete One Time Passwords in IPA.
- Add, modify, and delete One Time Passwords in IPA.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
uniqueid:
description: Unique ID of the token in IPA.
@ -100,7 +105,8 @@ options:
- "B(Note:) Cannot be modified after OTP is created."
type: int
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''
EXAMPLES = r'''

10
plugins/modules/ipa_pwpolicy.py
View file

@ -15,6 +15,11 @@ short_description: Manage FreeIPA password policies
description:
- Add, modify, or delete a password policy using the IPA API.
version_added: 2.0.0
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
group:
description:
@ -60,9 +65,8 @@ options:
description: Period (in seconds) for which users are locked out.
type: str
extends_documentation_fragment:
- community.general.ipa.documentation
notes:
- Supports C(check_mode).
- community.general.ipa.documentation
- community.general.attributes
'''
EXAMPLES = r'''

8
plugins/modules/ipa_role.py
View file

@ -14,6 +14,11 @@ author: Thomas Krahn (@Nosmoht)
short_description: Manage FreeIPA role
description:
- Add, modify and delete a role within FreeIPA server using FreeIPA API.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
cn:
description:
@ -79,7 +84,8 @@ options:
type: list
elements: str
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

8
plugins/modules/ipa_service.py
View file

@ -14,6 +14,11 @@ author: Cédric Parent (@cprh)
short_description: Manage FreeIPA service
description:
- Add and delete an IPA service using IPA API.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
krbcanonicalname:
description:
@ -48,7 +53,8 @@ options:
choices: ["absent", "present"]
type: str
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

8
plugins/modules/ipa_subca.py
View file

@ -14,6 +14,11 @@ author: Abhijeet Kasurde (@Akasurde)
short_description: Manage FreeIPA Lightweight Sub Certificate Authorities
description:
- Add, modify, enable, disable and delete an IPA Lightweight Sub Certificate Authorities using IPA API.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
subca_name:
description:
@ -39,7 +44,8 @@ options:
choices: ["absent", "disabled", "enabled", "present"]
type: str
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

8
plugins/modules/ipa_sudocmd.py
View file

@ -14,6 +14,11 @@ author: Thomas Krahn (@Nosmoht)
short_description: Manage FreeIPA sudo command
description:
- Add, modify or delete sudo command within FreeIPA server using FreeIPA API.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
sudocmd:
description:
@ -31,7 +36,8 @@ options:
choices: ['absent', 'disabled', 'enabled', 'present']
type: str
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

8
plugins/modules/ipa_sudocmdgroup.py
View file

@ -14,6 +14,11 @@ author: Thomas Krahn (@Nosmoht)
short_description: Manage FreeIPA sudo command group
description:
- Add, modify or delete sudo command group within IPA server using IPA API.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
cn:
description:
@ -38,7 +43,8 @@ options:
type: list
elements: str
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

8
plugins/modules/ipa_sudorule.py
View file

@ -14,6 +14,11 @@ author: Thomas Krahn (@Nosmoht)
short_description: Manage FreeIPA sudo rule
description:
- Add, modify or delete sudo rule within IPA server using IPA API.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
cn:
description:
@ -115,7 +120,8 @@ options:
choices: ['absent', 'disabled', 'enabled', 'present']
type: str
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

8
plugins/modules/ipa_user.py
View file

@ -14,6 +14,11 @@ author: Thomas Krahn (@Nosmoht)
short_description: Manage FreeIPA users
description:
- Add, modify and delete user within IPA server.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
displayname:
description: Display name.
@ -99,7 +104,8 @@ options:
elements: str
version_added: '1.2.0'
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
requirements:
- base64

8
plugins/modules/ipa_vault.py
View file

@ -15,6 +15,11 @@ short_description: Manage FreeIPA vaults
description:
- Add, modify and delete vaults and secret vaults.
- KRA service should be enabled to use this module.
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
cn:
description:
@ -74,7 +79,8 @@ options:
type: bool
default: true
extends_documentation_fragment:
- community.general.ipa.documentation
- community.general.ipa.documentation
- community.general.attributes
'''

9
plugins/modules/keycloak_authentication.py
View file

@ -19,6 +19,12 @@ description:
version_added: "3.3.0"
attributes:
check_mode:
support: full
diff_mode:
support: full
options:
realm:
description:
@ -86,7 +92,8 @@ options:
- If C(true), allows to remove the authentication flow and recreate it.
extends_documentation_fragment:
- community.general.keycloak
- community.general.keycloak
- community.general.attributes
author:
- Philippe Gauthier (@elfelip)

9
plugins/modules/keycloak_client.py
View file

@ -30,6 +30,12 @@ description:
SAML-specific settings on an OpenID Connect client for instance and vice versa. Be careful.
If you do not specify a setting, usually a sensible default is chosen.
attributes:
check_mode:
support: full
diff_mode:
support: full
options:
state:
description:
@ -539,7 +545,8 @@ options:
client and signed by its key, base64-encoded.
extends_documentation_fragment:
- community.general.keycloak
- community.general.keycloak
- community.general.attributes
author:
- Eike Frost (@eikef)

9
plugins/modules/keycloak_client_rolemapping.py
View file

@ -33,6 +33,11 @@ description:
- When updating a client_rolemapping, where possible provide the role ID to the module. This removes a lookup
to the API to translate the name into the role ID.
attributes:
check_mode:
support: full
diff_mode:
support: full
options:
state:
@ -97,8 +102,8 @@ options:
providing it will reduce the number of API calls required.
extends_documentation_fragment:
- community.general.keycloak
- community.general.keycloak
- community.general.attributes
author:
- Gaëtan Daubresse (@Gaetan2907)

9
plugins/modules/keycloak_clientscope.py
View file

@ -33,6 +33,11 @@ description:
- When updating a client_scope, where possible provide the client_scope ID to the module. This removes a lookup
to the API to translate the name into the client_scope ID.
attributes:
check_mode:
support: full
diff_mode:
support: full
options:
state:
@ -151,8 +156,8 @@ options:
- Values may be single values (for example a string) or a list of strings.
extends_documentation_fragment:
- community.general.keycloak
- community.general.keycloak
- community.general.attributes
author:
- Gaëtan Daubresse (@Gaetan2907)

7
plugins/modules/keycloak_clientsecret_regenerate.py
View file

@ -32,6 +32,12 @@ description:
- "Note that this module returns the client secret. To avoid this showing up in the logs,
please add C(no_log: true) to the task."
attributes:
check_mode:
support: full
diff_mode:
support: none
options:
realm:
type: str
@ -57,6 +63,7 @@ options:
extends_documentation_fragment:
- community.general.keycloak
- community.general.attributes
author:
- Fynn Chen (@fynncfchen)

20
plugins/modules/keycloak_clienttemplate.py
View file

@ -14,7 +14,6 @@ module: keycloak_clienttemplate
short_description: Allows administration of Keycloak client templates via Keycloak API
description:
- This module allows the administration of Keycloak client templates via the Keycloak REST API. It
requires access to the REST API via OpenID Connect; the user connecting and the client being
@ -29,6 +28,12 @@ description:
SAML-specific settings on an OpenID Connect client for instance and vice versa. Be careful.
If you do not specify a setting, usually a sensible default is chosen.
attributes:
check_mode:
support: full
diff_mode:
support: full
options:
state:
description:
@ -155,14 +160,15 @@ options:
type: dict
notes:
- The Keycloak REST API defines further fields (namely I(bearerOnly), I(consentRequired), I(standardFlowEnabled),
I(implicitFlowEnabled), I(directAccessGrantsEnabled), I(serviceAccountsEnabled), I(publicClient), and
I(frontchannelLogout)) which, while available with keycloak_client, do not have any effect on
Keycloak client-templates and are discarded if supplied with an API request changing client-templates. As such,
they are not available through this module.
- The Keycloak REST API defines further fields (namely I(bearerOnly), I(consentRequired), I(standardFlowEnabled),
I(implicitFlowEnabled), I(directAccessGrantsEnabled), I(serviceAccountsEnabled), I(publicClient), and
I(frontchannelLogout)) which, while available with keycloak_client, do not have any effect on
Keycloak client-templates and are discarded if supplied with an API request changing client-templates. As such,
they are not available through this module.
extends_documentation_fragment:
- community.general.keycloak
- community.general.keycloak
- community.general.attributes
author:
- Eike Frost (@eikef)

9
plugins/modules/keycloak_group.py
View file

@ -31,6 +31,11 @@ description:
- When updating a group, where possible provide the group ID to the module. This removes a lookup
to the API to translate the name into the group ID.
attributes:
check_mode:
support: full
diff_mode:
support: full
options:
state:
@ -74,8 +79,8 @@ notes:
are read-only for groups. This limitation will be removed in a later version of this module.
extends_documentation_fragment:
- community.general.keycloak
- community.general.keycloak
- community.general.attributes
author:
- Adam Goossens (@adamgoossens)

8
plugins/modules/keycloak_identity_provider.py
View file

@ -26,6 +26,11 @@ description:
- The names of module options are snake_cased versions of the camelCase ones found in the
Keycloak API and its documentation at U(https://www.keycloak.org/docs-api/15.0/rest-api/index.html).
attributes:
check_mode:
support: full
diff_mode:
support: full
options:
state:
@ -270,7 +275,8 @@ options:
type: dict
extends_documentation_fragment:
- community.general.keycloak
- community.general.keycloak
- community.general.attributes
author:
- Laurent Paumier (@laurpaum)

11
plugins/modules/keycloak_realm.py
View file

@ -17,7 +17,6 @@ short_description: Allows administration of Keycloak realm via Keycloak API
version_added: 3.0.0
description:
- This module allows the administration of Keycloak realm via the Keycloak REST API. It
requires access to the REST API via OpenID Connect; the user connecting and the realm being
@ -33,6 +32,12 @@ description:
SAML-specific settings on an OpenID Connect client for instance and vice versa. Be careful.
If you do not specify a setting, usually a sensible default is chosen.
attributes:
check_mode:
support: full
diff_mode:
support: full
options:
state:
description:
@ -503,8 +508,8 @@ options:
type: int
extends_documentation_fragment:
- community.general.keycloak
- community.general.keycloak
- community.general.attributes
author:
- Christophe Gilles (@kris2kris)

9
plugins/modules/keycloak_role.py
View file

@ -30,6 +30,11 @@ description:
be returned that way by this module. You may pass single values for attributes when calling the module,
and this will be translated into a list suitable for the API.
attributes:
check_mode:
support: full
diff_mode:
support: full
options:
state:
@ -74,8 +79,8 @@ options:
- Values may be single values (e.g. a string) or a list of strings.
extends_documentation_fragment:
- community.general.keycloak
- community.general.keycloak
- community.general.attributes
author:
- Laurent Paumier (@laurpaum)

8
plugins/modules/keycloak_user_federation.py
View file

@ -26,6 +26,11 @@ description:
- The names of module options are snake_cased versions of the camelCase ones found in the
Keycloak API and its documentation at U(https://www.keycloak.org/docs-api/20.0.2/rest-api/index.html).
attributes:
check_mode:
support: full
diff_mode:
support: full
options:
state:
@ -461,7 +466,8 @@ options:
type: dict
extends_documentation_fragment:
- community.general.keycloak
- community.general.keycloak
- community.general.attributes
author:
- Laurent Paumier (@laurpaum)

9
plugins/modules/keycloak_user_rolemapping.py
View file

@ -32,6 +32,11 @@ description:
- When updating a user_rolemapping, where possible provide the role ID to the module. This removes a lookup
to the API to translate the name into the role ID.
attributes:
check_mode:
support: full
diff_mode:
support: full
options:
state:
@ -104,8 +109,8 @@ options:
providing it will reduce the number of API calls required.
extends_documentation_fragment:
- community.general.keycloak
- community.general.keycloak
- community.general.attributes
author:
- Dušan Marković (@bratwurzt)