Feature/gitlab deploykey updkey (#1661)

* feat(gitlab-deploy-key): automatically update ...

... the public key

* add integrity test

* fix sanity issues

* added changelog fragment

Co-authored-by: Mirko Wilhelmi <Mirko.Wilhelmi@sma.de>

changelogs/fragments/1661-gitlab-deploy-key-update-pubkey.yml

@@ -0,0 +1,5 @@
+---
+minor_changes:
+  - gitlab_deploy_key - when the given key title already exists but has a different public key, the public key will now be updated to given value (https://github.com/ansible-collections/community.general/pull/1661).
+breaking_changes:
+  - gitlab_deploy_key - if for an already existing key title a different public key was given as parameter nothing happened, now this changed so that the public key is updated to the new value (https://github.com/ansible-collections/community.general/pull/1661).

plugins/modules/source_control/gitlab/gitlab_deploy_key.py

@@ -145,6 +145,13 @@ class GitLabDeployKey(object):
     def createOrUpdateDeployKey(self, project, key_title, key_key, options):
         changed = False
 
+        # note: unfortunately public key cannot be updated directly by
+        #   GitLab REST API, so for that case we need to delete and
+        #   than recreate the key
+        if self.deployKeyObject and self.deployKeyObject.key != key_key:
+            self.deployKeyObject.delete()
+            self.deployKeyObject = None
+
         # Because we have already call existsDeployKey in main()
         if self.deployKeyObject is None:
             deployKey = self.createDeployKey(project, {

tests/integration/targets/gitlab_deploy_key/defaults/main.yml

@@ -1,2 +1,3 @@
 gitlab_project_name: ansible_test_project
 gitlab_deploy_key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnTYY7CYk1F/wBklpdRxudxN6KeXgfhutkiCigSfPhe ansible_test"
+gitlab_deploy_key_new: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDL1TDkIY2uu6NYRD0G5qGeHTd/AoqQpCw1XENXDnTLDN5DNZVCO1+7xfA5DR5V2tcR691Q005BKxoCo+uUBd1aAM7JWyuXl050rZCXBj4oaUF7urjDANQ7FzYuvqp9h8NGkvzfBYz5YBfu4vh43ajnF0daSyZy4RlxeG9G44vnHElXTQ0igaOCSta/23FdERIYzKxuX4Ul42AwtSmCRwbkN4fC86o0UwW2q0zkgFOUoojtS/Avh0aX8UQyeagaPJFXCc/ldG1mMK020GQAEa8aQcUpysnEzZdq6no5Zyn/WQSobpnJ9CraHhdb1QQytg/+c+CgjSN0cERhTvLn0WsQ043jo5g1kSHNu+OiYXmVwTxe95nXCsoYmCNF/DmezjYVxe9BGlKRAEuHsNi87Il84nBnzKVHGlkq8eJNTR8ASjNkjI7pGS0zxCDB55c3LHh4Aa1xU+nwINRurn/TEDpDZc43/XOnt+aqbxkeWbMtOD/r2gfMj8lNZJ/IyamWy7HcFgGpTZJln4WxVLF+Cz56qa8Hf9WzJL+8Lq7eE3sJKOagn/zPgqeybXbTIPSr3fshq3yE8FYHpFKS4aLvQC/XSLCywrhr25DKBn9UHIZmgC9hxMnVJCKux+ltwGJOKIaoj+5n3+DvM+E3fK3fkADo5+Frzay6/rLTwKWUrzfjQQ== ansible_test_new"

tests/integration/targets/gitlab_deploy_key/tasks/main.yml

@@ -39,3 +39,35 @@
 - assert:
     that:
       - deploy_key_status is changed
+      - deploy_key_status.deploy_key.key == gitlab_deploy_key
+
+
+- name: Update public key {{ gitlab_project_name }}  (change expected)
+  gitlab_deploy_key:
+    login_token: "{{ gitlab_login_token }}"
+    project: "root/{{ gitlab_project_name }}"
+    server_url: "{{ gitlab_host }}"
+    title: "{{ gitlab_project_name }}"
+    key: "{{ gitlab_deploy_key_new }}"
+    state: present
+  register: deploy_key_status
+
+- assert:
+    that:
+      - deploy_key_status is changed
+      - deploy_key_status.deploy_key.key == gitlab_deploy_key_new
+
+- name: Update public key {{ gitlab_project_name }}  (no change expected)
+  gitlab_deploy_key:
+    login_token: "{{ gitlab_login_token }}"
+    project: "root/{{ gitlab_project_name }}"
+    server_url: "{{ gitlab_host }}"
+    title: "{{ gitlab_project_name }}"
+    key: "{{ gitlab_deploy_key_new }}"
+    state: present
+  register: deploy_key_status
+
+- assert:
+    that:
+      - not deploy_key_status.changed
+      - deploy_key_status.deploy_key.key == gitlab_deploy_key_new