mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
[aws] Fix check mode bug in ec2_key (#45320)
Fix incorrect ec2_key check-mode behavior when a key already exists and key_material has been provided
This commit is contained in:
parent
7ba09adee1
commit
c58c0b8547
1 changed files with 8 additions and 5 deletions
|
@ -186,13 +186,16 @@ def create_key_pair(module, ec2_client, name, key_material, force):
|
||||||
key = find_key_pair(module, ec2_client, name)
|
key = find_key_pair(module, ec2_client, name)
|
||||||
if key:
|
if key:
|
||||||
if key_material and force:
|
if key_material and force:
|
||||||
|
if not module.check_mode:
|
||||||
new_fingerprint = get_key_fingerprint(module, ec2_client, key_material)
|
new_fingerprint = get_key_fingerprint(module, ec2_client, key_material)
|
||||||
if key['KeyFingerprint'] != new_fingerprint:
|
if key['KeyFingerprint'] != new_fingerprint:
|
||||||
if not module.check_mode:
|
|
||||||
delete_key_pair(module, ec2_client, name, finish_task=False)
|
delete_key_pair(module, ec2_client, name, finish_task=False)
|
||||||
key = import_key_pair(module, ec2_client, name, key_material)
|
key = import_key_pair(module, ec2_client, name, key_material)
|
||||||
key_data = extract_key_data(key)
|
key_data = extract_key_data(key)
|
||||||
module.exit_json(changed=True, key=key_data, msg="key pair updated")
|
module.exit_json(changed=True, key=key_data, msg="key pair updated")
|
||||||
|
else:
|
||||||
|
# Assume a change will be made in check mode since a comparison can't be done
|
||||||
|
module.exit_json(changed=True, key=extract_key_data(key), msg="key pair updated")
|
||||||
key_data = extract_key_data(key)
|
key_data = extract_key_data(key)
|
||||||
module.exit_json(changed=False, key=key_data, msg="key pair already exists")
|
module.exit_json(changed=False, key=key_data, msg="key pair already exists")
|
||||||
else:
|
else:
|
||||||
|
|
Loading…
Reference in a new issue