java_cert: Remove redundant return (#52879)
* Remove redundant return statements for module.exit_json * Doc changes * Typo fixes * Refactor for check_mode Based upon work of pilou- Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This commit is contained in:
parent
2e47e9fffa
commit
3bdbe24861
1 changed files with 46 additions and 58 deletions
|
@ -15,7 +15,7 @@ DOCUMENTATION = r'''
|
|||
---
|
||||
module: java_cert
|
||||
version_added: '2.3'
|
||||
short_description: Uses keytool to import/remove key from java keystore(cacerts)
|
||||
short_description: Uses keytool to import/remove key from java keystore (cacerts)
|
||||
description:
|
||||
- This is a wrapper module around keytool, which can be used to import/remove
|
||||
certificates from a given java keystore.
|
||||
|
@ -23,7 +23,7 @@ options:
|
|||
cert_url:
|
||||
description:
|
||||
- Basic URL to fetch SSL certificate from.
|
||||
- One of iC(cert_url) or C(cert_path) is required to load certificate.
|
||||
- One of C(cert_url) or C(cert_path) is required to load certificate.
|
||||
type: str
|
||||
cert_port:
|
||||
description:
|
||||
|
@ -34,7 +34,7 @@ options:
|
|||
cert_path:
|
||||
description:
|
||||
- Local path to load certificate from.
|
||||
- One of cert_url or cert_path is required to load certificate.
|
||||
- One of C(cert_url) or C(cert_path) is required to load certificate.
|
||||
type: path
|
||||
cert_alias:
|
||||
description:
|
||||
|
@ -158,6 +158,7 @@ cmd:
|
|||
'''
|
||||
|
||||
import os
|
||||
import re
|
||||
|
||||
# import module snippets
|
||||
from ansible.module_utils.basic import AnsibleModule
|
||||
|
@ -166,7 +167,7 @@ from ansible.module_utils.basic import AnsibleModule
|
|||
def get_keystore_type(keystore_type):
|
||||
''' Check that custom keystore is presented in parameters '''
|
||||
if keystore_type:
|
||||
return (" -storetype '%s'") % (keystore_type)
|
||||
return " -storetype '%s'" % keystore_type
|
||||
return ''
|
||||
|
||||
|
||||
|
@ -184,7 +185,6 @@ def check_cert_present(module, executable, keystore_path, keystore_pass, alias,
|
|||
|
||||
def import_cert_url(module, executable, url, port, keystore_path, keystore_pass, alias, keystore_type):
|
||||
''' Import certificate from URL into keystore located at keystore_path '''
|
||||
import re
|
||||
|
||||
https_proxy = os.getenv("https_proxy")
|
||||
no_proxy = os.getenv("no_proxy")
|
||||
|
@ -192,7 +192,7 @@ def import_cert_url(module, executable, url, port, keystore_path, keystore_pass,
|
|||
proxy_opts = ''
|
||||
if https_proxy is not None:
|
||||
(proxy_host, proxy_port) = https_proxy.split(':')
|
||||
proxy_opts = ("-J-Dhttps.proxyHost=%s -J-Dhttps.proxyPort=%s") % (proxy_host, proxy_port)
|
||||
proxy_opts = "-J-Dhttps.proxyHost=%s -J-Dhttps.proxyPort=%s" % (proxy_host, proxy_port)
|
||||
|
||||
if no_proxy is not None:
|
||||
# For Java's nonProxyHosts property, items are separated by '|',
|
||||
|
@ -202,17 +202,14 @@ def import_cert_url(module, executable, url, port, keystore_path, keystore_pass,
|
|||
|
||||
# The property name is http.nonProxyHosts, there is no
|
||||
# separate setting for HTTPS.
|
||||
proxy_opts += (" -J-Dhttp.nonProxyHosts='%s'") % (non_proxy_hosts)
|
||||
proxy_opts += " -J-Dhttp.nonProxyHosts='%s'" % non_proxy_hosts
|
||||
|
||||
fetch_cmd = ("%s -printcert -rfc -sslserver %s %s:%d") % (executable, proxy_opts, url, port)
|
||||
fetch_cmd = "%s -printcert -rfc -sslserver %s %s:%d" % (executable, proxy_opts, url, port)
|
||||
import_cmd = ("%s -importcert -noprompt -keystore '%s' "
|
||||
"-storepass '%s' -alias '%s' %s") % (executable, keystore_path,
|
||||
keystore_pass, alias,
|
||||
get_keystore_type(keystore_type))
|
||||
|
||||
if module.check_mode:
|
||||
module.exit_json(changed=True)
|
||||
|
||||
# Fetch SSL certificate from remote host.
|
||||
(_, fetch_out, _) = module.run_command(fetch_cmd, check_rc=True)
|
||||
|
||||
|
@ -222,12 +219,12 @@ def import_cert_url(module, executable, url, port, keystore_path, keystore_pass,
|
|||
check_rc=False)
|
||||
diff = {'before': '\n', 'after': '%s\n' % alias}
|
||||
if import_rc == 0:
|
||||
return module.exit_json(changed=True, msg=import_out,
|
||||
rc=import_rc, cmd=import_cmd, stdout=import_out,
|
||||
diff=diff)
|
||||
module.exit_json(changed=True, msg=import_out,
|
||||
rc=import_rc, cmd=import_cmd, stdout=import_out,
|
||||
diff=diff)
|
||||
else:
|
||||
return module.fail_json(msg=import_out, rc=import_rc, cmd=import_cmd,
|
||||
error=import_err)
|
||||
module.fail_json(msg=import_out, rc=import_rc, cmd=import_cmd,
|
||||
error=import_err)
|
||||
|
||||
|
||||
def import_cert_path(module, executable, path, keystore_path, keystore_pass, alias, keystore_type):
|
||||
|
@ -238,20 +235,17 @@ def import_cert_path(module, executable, path, keystore_path, keystore_pass, ali
|
|||
keystore_pass, path, alias,
|
||||
get_keystore_type(keystore_type))
|
||||
|
||||
if module.check_mode:
|
||||
module.exit_json(changed=True)
|
||||
|
||||
# Use local certificate from local path and import it to a java keystore
|
||||
(import_rc, import_out, import_err) = module.run_command(import_cmd,
|
||||
check_rc=False)
|
||||
|
||||
diff = {'before': '\n', 'after': '%s\n' % alias}
|
||||
if import_rc == 0:
|
||||
return module.exit_json(changed=True, msg=import_out,
|
||||
rc=import_rc, cmd=import_cmd, stdout=import_out,
|
||||
error=import_err, diff=diff)
|
||||
module.exit_json(changed=True, msg=import_out,
|
||||
rc=import_rc, cmd=import_cmd, stdout=import_out,
|
||||
error=import_err, diff=diff)
|
||||
else:
|
||||
return module.fail_json(msg=import_out, rc=import_rc, cmd=import_cmd)
|
||||
module.fail_json(msg=import_out, rc=import_rc, cmd=import_cmd)
|
||||
|
||||
|
||||
def import_pkcs12_path(module, executable, path, keystore_path, keystore_pass, pkcs12_pass, pkcs12_alias, alias, keystore_type):
|
||||
|
@ -263,20 +257,17 @@ def import_pkcs12_path(module, executable, path, keystore_path, keystore_pass, p
|
|||
keystore_pass, path, pkcs12_pass, pkcs12_alias,
|
||||
alias, get_keystore_type(keystore_type))
|
||||
|
||||
if module.check_mode:
|
||||
module.exit_json(changed=True)
|
||||
|
||||
# Use local certificate from local path and import it to a java keystore
|
||||
(import_rc, import_out, import_err) = module.run_command(import_cmd,
|
||||
check_rc=False)
|
||||
|
||||
diff = {'before': '\n', 'after': '%s\n' % alias}
|
||||
if import_rc == 0:
|
||||
return module.exit_json(changed=True, msg=import_out,
|
||||
rc=import_rc, cmd=import_cmd, stdout=import_out,
|
||||
error=import_err, diff=diff)
|
||||
module.exit_json(changed=True, msg=import_out,
|
||||
rc=import_rc, cmd=import_cmd, stdout=import_out,
|
||||
error=import_err, diff=diff)
|
||||
else:
|
||||
return module.fail_json(msg=import_out, rc=import_rc, cmd=import_cmd)
|
||||
module.fail_json(msg=import_out, rc=import_rc, cmd=import_cmd)
|
||||
|
||||
|
||||
def delete_cert(module, executable, keystore_path, keystore_pass, alias, keystore_type):
|
||||
|
@ -284,24 +275,19 @@ def delete_cert(module, executable, keystore_path, keystore_pass, alias, keystor
|
|||
del_cmd = ("%s -delete -keystore '%s' -storepass '%s' "
|
||||
"-alias '%s' %s") % (executable, keystore_path, keystore_pass, alias, get_keystore_type(keystore_type))
|
||||
|
||||
if module.check_mode:
|
||||
module.exit_json(changed=True)
|
||||
|
||||
# Delete SSL certificate from keystore
|
||||
(del_rc, del_out, del_err) = module.run_command(del_cmd, check_rc=True)
|
||||
|
||||
diff = {'before': '%s\n' % alias, 'after': None}
|
||||
|
||||
return module.exit_json(changed=True, msg=del_out,
|
||||
rc=del_rc, cmd=del_cmd, stdout=del_out,
|
||||
error=del_err, diff=diff)
|
||||
module.exit_json(changed=True, msg=del_out,
|
||||
rc=del_rc, cmd=del_cmd, stdout=del_out,
|
||||
error=del_err, diff=diff)
|
||||
|
||||
|
||||
def test_keytool(module, executable):
|
||||
''' Test if keytool is actuall executable or not '''
|
||||
test_cmd = "%s" % (executable)
|
||||
|
||||
module.run_command(test_cmd, check_rc=True)
|
||||
''' Test if keytool is actually executable or not '''
|
||||
module.run_command("%s" % executable, check_rc=True)
|
||||
|
||||
|
||||
def test_keystore(module, keystore_path):
|
||||
|
@ -311,9 +297,7 @@ def test_keystore(module, keystore_path):
|
|||
|
||||
if not os.path.exists(keystore_path) and not os.path.isfile(keystore_path):
|
||||
# Keystore doesn't exist we want to create it
|
||||
return module.fail_json(changed=False,
|
||||
msg="Module require existing keystore at keystore_path '%s'"
|
||||
% (keystore_path))
|
||||
module.fail_json(changed=False, msg="Module require existing keystore at keystore_path '%s'" % keystore_path)
|
||||
|
||||
|
||||
def main():
|
||||
|
@ -363,7 +347,7 @@ def main():
|
|||
if path and not cert_alias:
|
||||
module.fail_json(changed=False,
|
||||
msg="Using local path import from %s requires alias argument."
|
||||
% (keystore_path))
|
||||
% keystore_path)
|
||||
|
||||
test_keytool(module, executable)
|
||||
|
||||
|
@ -373,23 +357,27 @@ def main():
|
|||
cert_present = check_cert_present(module, executable, keystore_path,
|
||||
keystore_pass, cert_alias, keystore_type)
|
||||
|
||||
if state == 'absent':
|
||||
if cert_present:
|
||||
delete_cert(module, executable, keystore_path, keystore_pass, cert_alias, keystore_type)
|
||||
if state == 'absent' and cert_present:
|
||||
if module.check_mode:
|
||||
module.exit_json(changed=True)
|
||||
|
||||
elif state == 'present':
|
||||
if not cert_present:
|
||||
if pkcs12_path:
|
||||
import_pkcs12_path(module, executable, pkcs12_path, keystore_path,
|
||||
keystore_pass, pkcs12_pass, pkcs12_alias, cert_alias, keystore_type)
|
||||
delete_cert(module, executable, keystore_path, keystore_pass, cert_alias, keystore_type)
|
||||
|
||||
if path:
|
||||
import_cert_path(module, executable, path, keystore_path,
|
||||
keystore_pass, cert_alias, keystore_type)
|
||||
elif state == 'present' and not cert_present:
|
||||
if module.check_mode:
|
||||
module.exit_json(changed=True)
|
||||
|
||||
if url:
|
||||
import_cert_url(module, executable, url, port, keystore_path,
|
||||
keystore_pass, cert_alias, keystore_type)
|
||||
if pkcs12_path:
|
||||
import_pkcs12_path(module, executable, pkcs12_path, keystore_path,
|
||||
keystore_pass, pkcs12_pass, pkcs12_alias, cert_alias, keystore_type)
|
||||
|
||||
if path:
|
||||
import_cert_path(module, executable, path, keystore_path,
|
||||
keystore_pass, cert_alias, keystore_type)
|
||||
|
||||
if url:
|
||||
import_cert_url(module, executable, url, port, keystore_path,
|
||||
keystore_pass, cert_alias, keystore_type)
|
||||
|
||||
module.exit_json(changed=False)
|
||||
|
||||
|
|
Loading…
Reference in a new issue