java_cert: Remove redundant return (#52879)

* Remove redundant return statements for module.exit_json
* Doc changes
* Typo fixes
* Refactor for check_mode

Based upon work of pilou-

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This commit is contained in:
Abhijeet Kasurde 2019-03-13 18:46:19 +05:30 committed by ansibot
parent 2e47e9fffa
commit 3bdbe24861

View file

@ -15,7 +15,7 @@ DOCUMENTATION = r'''
---
module: java_cert
version_added: '2.3'
short_description: Uses keytool to import/remove key from java keystore(cacerts)
short_description: Uses keytool to import/remove key from java keystore (cacerts)
description:
- This is a wrapper module around keytool, which can be used to import/remove
certificates from a given java keystore.
@ -23,7 +23,7 @@ options:
cert_url:
description:
- Basic URL to fetch SSL certificate from.
- One of iC(cert_url) or C(cert_path) is required to load certificate.
- One of C(cert_url) or C(cert_path) is required to load certificate.
type: str
cert_port:
description:
@ -34,7 +34,7 @@ options:
cert_path:
description:
- Local path to load certificate from.
- One of cert_url or cert_path is required to load certificate.
- One of C(cert_url) or C(cert_path) is required to load certificate.
type: path
cert_alias:
description:
@ -158,6 +158,7 @@ cmd:
'''
import os
import re
# import module snippets
from ansible.module_utils.basic import AnsibleModule
@ -166,7 +167,7 @@ from ansible.module_utils.basic import AnsibleModule
def get_keystore_type(keystore_type):
''' Check that custom keystore is presented in parameters '''
if keystore_type:
return (" -storetype '%s'") % (keystore_type)
return " -storetype '%s'" % keystore_type
return ''
@ -184,7 +185,6 @@ def check_cert_present(module, executable, keystore_path, keystore_pass, alias,
def import_cert_url(module, executable, url, port, keystore_path, keystore_pass, alias, keystore_type):
''' Import certificate from URL into keystore located at keystore_path '''
import re
https_proxy = os.getenv("https_proxy")
no_proxy = os.getenv("no_proxy")
@ -192,7 +192,7 @@ def import_cert_url(module, executable, url, port, keystore_path, keystore_pass,
proxy_opts = ''
if https_proxy is not None:
(proxy_host, proxy_port) = https_proxy.split(':')
proxy_opts = ("-J-Dhttps.proxyHost=%s -J-Dhttps.proxyPort=%s") % (proxy_host, proxy_port)
proxy_opts = "-J-Dhttps.proxyHost=%s -J-Dhttps.proxyPort=%s" % (proxy_host, proxy_port)
if no_proxy is not None:
# For Java's nonProxyHosts property, items are separated by '|',
@ -202,17 +202,14 @@ def import_cert_url(module, executable, url, port, keystore_path, keystore_pass,
# The property name is http.nonProxyHosts, there is no
# separate setting for HTTPS.
proxy_opts += (" -J-Dhttp.nonProxyHosts='%s'") % (non_proxy_hosts)
proxy_opts += " -J-Dhttp.nonProxyHosts='%s'" % non_proxy_hosts
fetch_cmd = ("%s -printcert -rfc -sslserver %s %s:%d") % (executable, proxy_opts, url, port)
fetch_cmd = "%s -printcert -rfc -sslserver %s %s:%d" % (executable, proxy_opts, url, port)
import_cmd = ("%s -importcert -noprompt -keystore '%s' "
"-storepass '%s' -alias '%s' %s") % (executable, keystore_path,
keystore_pass, alias,
get_keystore_type(keystore_type))
if module.check_mode:
module.exit_json(changed=True)
# Fetch SSL certificate from remote host.
(_, fetch_out, _) = module.run_command(fetch_cmd, check_rc=True)
@ -222,12 +219,12 @@ def import_cert_url(module, executable, url, port, keystore_path, keystore_pass,
check_rc=False)
diff = {'before': '\n', 'after': '%s\n' % alias}
if import_rc == 0:
return module.exit_json(changed=True, msg=import_out,
rc=import_rc, cmd=import_cmd, stdout=import_out,
diff=diff)
module.exit_json(changed=True, msg=import_out,
rc=import_rc, cmd=import_cmd, stdout=import_out,
diff=diff)
else:
return module.fail_json(msg=import_out, rc=import_rc, cmd=import_cmd,
error=import_err)
module.fail_json(msg=import_out, rc=import_rc, cmd=import_cmd,
error=import_err)
def import_cert_path(module, executable, path, keystore_path, keystore_pass, alias, keystore_type):
@ -238,20 +235,17 @@ def import_cert_path(module, executable, path, keystore_path, keystore_pass, ali
keystore_pass, path, alias,
get_keystore_type(keystore_type))
if module.check_mode:
module.exit_json(changed=True)
# Use local certificate from local path and import it to a java keystore
(import_rc, import_out, import_err) = module.run_command(import_cmd,
check_rc=False)
diff = {'before': '\n', 'after': '%s\n' % alias}
if import_rc == 0:
return module.exit_json(changed=True, msg=import_out,
rc=import_rc, cmd=import_cmd, stdout=import_out,
error=import_err, diff=diff)
module.exit_json(changed=True, msg=import_out,
rc=import_rc, cmd=import_cmd, stdout=import_out,
error=import_err, diff=diff)
else:
return module.fail_json(msg=import_out, rc=import_rc, cmd=import_cmd)
module.fail_json(msg=import_out, rc=import_rc, cmd=import_cmd)
def import_pkcs12_path(module, executable, path, keystore_path, keystore_pass, pkcs12_pass, pkcs12_alias, alias, keystore_type):
@ -263,20 +257,17 @@ def import_pkcs12_path(module, executable, path, keystore_path, keystore_pass, p
keystore_pass, path, pkcs12_pass, pkcs12_alias,
alias, get_keystore_type(keystore_type))
if module.check_mode:
module.exit_json(changed=True)
# Use local certificate from local path and import it to a java keystore
(import_rc, import_out, import_err) = module.run_command(import_cmd,
check_rc=False)
diff = {'before': '\n', 'after': '%s\n' % alias}
if import_rc == 0:
return module.exit_json(changed=True, msg=import_out,
rc=import_rc, cmd=import_cmd, stdout=import_out,
error=import_err, diff=diff)
module.exit_json(changed=True, msg=import_out,
rc=import_rc, cmd=import_cmd, stdout=import_out,
error=import_err, diff=diff)
else:
return module.fail_json(msg=import_out, rc=import_rc, cmd=import_cmd)
module.fail_json(msg=import_out, rc=import_rc, cmd=import_cmd)
def delete_cert(module, executable, keystore_path, keystore_pass, alias, keystore_type):
@ -284,24 +275,19 @@ def delete_cert(module, executable, keystore_path, keystore_pass, alias, keystor
del_cmd = ("%s -delete -keystore '%s' -storepass '%s' "
"-alias '%s' %s") % (executable, keystore_path, keystore_pass, alias, get_keystore_type(keystore_type))
if module.check_mode:
module.exit_json(changed=True)
# Delete SSL certificate from keystore
(del_rc, del_out, del_err) = module.run_command(del_cmd, check_rc=True)
diff = {'before': '%s\n' % alias, 'after': None}
return module.exit_json(changed=True, msg=del_out,
rc=del_rc, cmd=del_cmd, stdout=del_out,
error=del_err, diff=diff)
module.exit_json(changed=True, msg=del_out,
rc=del_rc, cmd=del_cmd, stdout=del_out,
error=del_err, diff=diff)
def test_keytool(module, executable):
''' Test if keytool is actuall executable or not '''
test_cmd = "%s" % (executable)
module.run_command(test_cmd, check_rc=True)
''' Test if keytool is actually executable or not '''
module.run_command("%s" % executable, check_rc=True)
def test_keystore(module, keystore_path):
@ -311,9 +297,7 @@ def test_keystore(module, keystore_path):
if not os.path.exists(keystore_path) and not os.path.isfile(keystore_path):
# Keystore doesn't exist we want to create it
return module.fail_json(changed=False,
msg="Module require existing keystore at keystore_path '%s'"
% (keystore_path))
module.fail_json(changed=False, msg="Module require existing keystore at keystore_path '%s'" % keystore_path)
def main():
@ -363,7 +347,7 @@ def main():
if path and not cert_alias:
module.fail_json(changed=False,
msg="Using local path import from %s requires alias argument."
% (keystore_path))
% keystore_path)
test_keytool(module, executable)
@ -373,23 +357,27 @@ def main():
cert_present = check_cert_present(module, executable, keystore_path,
keystore_pass, cert_alias, keystore_type)
if state == 'absent':
if cert_present:
delete_cert(module, executable, keystore_path, keystore_pass, cert_alias, keystore_type)
if state == 'absent' and cert_present:
if module.check_mode:
module.exit_json(changed=True)
elif state == 'present':
if not cert_present:
if pkcs12_path:
import_pkcs12_path(module, executable, pkcs12_path, keystore_path,
keystore_pass, pkcs12_pass, pkcs12_alias, cert_alias, keystore_type)
delete_cert(module, executable, keystore_path, keystore_pass, cert_alias, keystore_type)
if path:
import_cert_path(module, executable, path, keystore_path,
keystore_pass, cert_alias, keystore_type)
elif state == 'present' and not cert_present:
if module.check_mode:
module.exit_json(changed=True)
if url:
import_cert_url(module, executable, url, port, keystore_path,
keystore_pass, cert_alias, keystore_type)
if pkcs12_path:
import_pkcs12_path(module, executable, pkcs12_path, keystore_path,
keystore_pass, pkcs12_pass, pkcs12_alias, cert_alias, keystore_type)
if path:
import_cert_path(module, executable, path, keystore_path,
keystore_pass, cert_alias, keystore_type)
if url:
import_cert_url(module, executable, url, port, keystore_path,
keystore_pass, cert_alias, keystore_type)
module.exit_json(changed=False)