diff --git a/lib/ansible/modules/identity/ipa/ipa_group.py b/lib/ansible/modules/identity/ipa/ipa_group.py index ba53c7886a..bdeee2cbeb 100644 --- a/lib/ansible/modules/identity/ipa/ipa_group.py +++ b/lib/ansible/modules/identity/ipa/ipa_group.py @@ -30,9 +30,11 @@ options: external: description: - Allow adding external non-IPA members from trusted domains. + type: bool gidnumber: description: - GID (use this option to set it manually). + aliases: ['gid'] group: description: - List of group names assigned to this group. @@ -42,6 +44,7 @@ options: nonposix: description: - Create as a non-POSIX group. + type: bool user: description: - List of user names assigned to this group. diff --git a/lib/ansible/modules/identity/ipa/ipa_host.py b/lib/ansible/modules/identity/ipa/ipa_host.py index 4c626f85d7..be14c202ba 100644 --- a/lib/ansible/modules/identity/ipa/ipa_host.py +++ b/lib/ansible/modules/identity/ipa/ipa_host.py @@ -32,6 +32,7 @@ options: description: - Force host name even if not in DNS. required: false + type: bool ip_address: description: - Add the host to DNS with this IP address. @@ -64,12 +65,13 @@ options: state: description: State to ensure default: present - choices: ["present", "absent", "disabled"] + choices: ["present", "absent", "enabled", "disabled"] update_dns: description: - If set C("True") with state as C("absent"), then removes DNS records of the host managed by FreeIPA DNS. - This option has no effect for states other than "absent". default: false + type: bool version_added: "2.5" random_password: description: Generate a random password to be used in bulk enrollment diff --git a/lib/ansible/modules/identity/ipa/ipa_hostgroup.py b/lib/ansible/modules/identity/ipa/ipa_hostgroup.py index b60bbc9285..1291265b98 100644 --- a/lib/ansible/modules/identity/ipa/ipa_hostgroup.py +++ b/lib/ansible/modules/identity/ipa/ipa_hostgroup.py @@ -44,7 +44,7 @@ options: description: - State to ensure. default: "present" - choices: ["present", "absent"] + choices: ["present", "absent", "enabled", "disabled"] extends_documentation_fragment: ipa.documentation version_added: "2.3" ''' diff --git a/lib/ansible/modules/identity/ipa/ipa_service.py b/lib/ansible/modules/identity/ipa/ipa_service.py index 9991bd0ea4..b0b65f5c43 100644 --- a/lib/ansible/modules/identity/ipa/ipa_service.py +++ b/lib/ansible/modules/identity/ipa/ipa_service.py @@ -33,6 +33,7 @@ options: description: - Force principal name even if host is not in DNS. required: false + type: bool state: description: State to ensure required: false diff --git a/lib/ansible/modules/identity/ipa/ipa_subca.py b/lib/ansible/modules/identity/ipa/ipa_subca.py index 97dec3d8de..d61810b388 100644 --- a/lib/ansible/modules/identity/ipa/ipa_subca.py +++ b/lib/ansible/modules/identity/ipa/ipa_subca.py @@ -24,6 +24,7 @@ options: description: - The Sub Certificate Authority name which needs to be managed. required: true + aliases: ["name"] subca_subject: description: - The Sub Certificate Authority's Subject. e.g., 'CN=SampleSubCA1,O=testrelm.test' @@ -38,7 +39,7 @@ options: - State 'disable' and 'enable' is available for FreeIPA 4.4.2 version and onwards required: false default: present - choices: ["present", "absent", "enable", "disable"] + choices: ["present", "absent", "enabled", "disabled"] extends_documentation_fragment: ipa.documentation ''' diff --git a/lib/ansible/modules/identity/ipa/ipa_sudocmd.py b/lib/ansible/modules/identity/ipa/ipa_sudocmd.py index 859d323a2f..4e7a691e10 100644 --- a/lib/ansible/modules/identity/ipa/ipa_sudocmd.py +++ b/lib/ansible/modules/identity/ipa/ipa_sudocmd.py @@ -30,7 +30,7 @@ options: state: description: State to ensure default: present - choices: ['present', 'absent'] + choices: ['present', 'absent', 'enabled', 'disabled'] extends_documentation_fragment: ipa.documentation version_added: "2.3" ''' diff --git a/lib/ansible/modules/identity/ipa/ipa_sudocmdgroup.py b/lib/ansible/modules/identity/ipa/ipa_sudocmdgroup.py index f7bc0b9a0e..5310116c64 100644 --- a/lib/ansible/modules/identity/ipa/ipa_sudocmdgroup.py +++ b/lib/ansible/modules/identity/ipa/ipa_sudocmdgroup.py @@ -30,7 +30,7 @@ options: state: description: State to ensure default: present - choices: ['present', 'absent'] + choices: ['present', 'absent', 'enabled', 'disabled'] sudocmd: description: - List of sudo commands to assign to the group. diff --git a/lib/ansible/modules/identity/ipa/ipa_sudorule.py b/lib/ansible/modules/identity/ipa/ipa_sudorule.py index eb5746b35c..20bd48ecf1 100644 --- a/lib/ansible/modules/identity/ipa/ipa_sudorule.py +++ b/lib/ansible/modules/identity/ipa/ipa_sudorule.py @@ -34,6 +34,9 @@ options: - List of commands assigned to the rule. - If an empty list is passed all commands will be removed from the rule. - If option is omitted commands will not be checked or changed. + description: + description: + - Description of the sudo rule. host: description: - List of hosts assigned to the rule. @@ -62,6 +65,9 @@ options: - RunAs Group category the rule applies to. choices: ['all'] version_added: "2.5" + sudoopt: + description: + - List of options to add to the sudo rule. user: description: - List of users assigned to the rule. diff --git a/lib/ansible/utils/module_docs_fragments/ipa.py b/lib/ansible/utils/module_docs_fragments/ipa.py index 73bc5bde65..b2e35d9de0 100644 --- a/lib/ansible/utils/module_docs_fragments/ipa.py +++ b/lib/ansible/utils/module_docs_fragments/ipa.py @@ -49,5 +49,6 @@ options: - If set to C(no), the SSL certificates will not be validated. - This should only set to C(no) used on personally controlled sites using self-signed certificates. default: true + type: bool ''' diff --git a/test/sanity/validate-modules/ignore.txt b/test/sanity/validate-modules/ignore.txt index c7c4ff4eb2..f2fd0677ab 100644 --- a/test/sanity/validate-modules/ignore.txt +++ b/test/sanity/validate-modules/ignore.txt @@ -617,27 +617,6 @@ lib/ansible/modules/files/synchronize.py E325 lib/ansible/modules/files/synchronize.py E327 lib/ansible/modules/files/unarchive.py E323 lib/ansible/modules/identity/cyberark/cyberark_user.py E324 -lib/ansible/modules/identity/ipa/ipa_dnsrecord.py E325 -lib/ansible/modules/identity/ipa/ipa_dnszone.py E325 -lib/ansible/modules/identity/ipa/ipa_group.py E322 -lib/ansible/modules/identity/ipa/ipa_group.py E325 -lib/ansible/modules/identity/ipa/ipa_hbacrule.py E325 -lib/ansible/modules/identity/ipa/ipa_host.py E325 -lib/ansible/modules/identity/ipa/ipa_host.py E326 -lib/ansible/modules/identity/ipa/ipa_hostgroup.py E325 -lib/ansible/modules/identity/ipa/ipa_hostgroup.py E326 -lib/ansible/modules/identity/ipa/ipa_role.py E325 -lib/ansible/modules/identity/ipa/ipa_service.py E325 -lib/ansible/modules/identity/ipa/ipa_subca.py E322 -lib/ansible/modules/identity/ipa/ipa_subca.py E325 -lib/ansible/modules/identity/ipa/ipa_subca.py E326 -lib/ansible/modules/identity/ipa/ipa_sudocmd.py E325 -lib/ansible/modules/identity/ipa/ipa_sudocmd.py E326 -lib/ansible/modules/identity/ipa/ipa_sudocmdgroup.py E325 -lib/ansible/modules/identity/ipa/ipa_sudocmdgroup.py E326 -lib/ansible/modules/identity/ipa/ipa_sudorule.py E322 -lib/ansible/modules/identity/ipa/ipa_sudorule.py E325 -lib/ansible/modules/identity/ipa/ipa_user.py E325 lib/ansible/modules/identity/keycloak/keycloak_client.py E322 lib/ansible/modules/identity/keycloak/keycloak_client.py E324 lib/ansible/modules/identity/keycloak/keycloak_client.py E325