From 14f13daa9906c79fc24c1a33ab13f4bcb39c62fa Mon Sep 17 00:00:00 2001 From: Alexei Znamensky <103110+russoz@users.noreply.github.com> Date: Fri, 18 Jul 2025 11:22:59 +1200 Subject: [PATCH] doc style adjustments: modules [jk]* (#10420) * doc style adjustments: modules j* * doc style adjustments: modules k* * Apply suggestions from code review Co-authored-by: Felix Fontein * Update plugins/modules/keycloak_realm_key.py --------- Co-authored-by: Felix Fontein --- plugins/modules/java_cert.py | 6 +-- plugins/modules/java_keystore.py | 8 +-- plugins/modules/jenkins_build_info.py | 2 +- plugins/modules/jenkins_credential.py | 10 ++-- plugins/modules/jenkins_job.py | 4 +- plugins/modules/jenkins_job_info.py | 2 +- plugins/modules/jenkins_node.py | 4 +- plugins/modules/jenkins_plugin.py | 6 +-- plugins/modules/jenkins_script.py | 4 +- plugins/modules/jira.py | 17 +++--- plugins/modules/kdeconfig.py | 4 +- ...eycloak_authentication_required_actions.py | 4 +- .../keycloak_authz_authorization_scope.py | 4 +- .../modules/keycloak_authz_custom_policy.py | 4 +- plugins/modules/keycloak_authz_permission.py | 4 +- plugins/modules/keycloak_client.py | 38 ++++++++----- .../modules/keycloak_client_rolemapping.py | 42 +++++++++------ plugins/modules/keycloak_client_rolescope.py | 10 ++-- plugins/modules/keycloak_clientscope.py | 32 +++++++---- plugins/modules/keycloak_clientscope_type.py | 29 ++++++++-- plugins/modules/keycloak_clientsecret_info.py | 4 +- .../keycloak_clientsecret_regenerate.py | 4 +- plugins/modules/keycloak_clienttemplate.py | 9 ++-- plugins/modules/keycloak_component.py | 4 +- plugins/modules/keycloak_group.py | 18 +++---- plugins/modules/keycloak_identity_provider.py | 13 +++-- plugins/modules/keycloak_realm.py | 22 ++++++-- plugins/modules/keycloak_realm_info.py | 6 +-- plugins/modules/keycloak_realm_key.py | 32 +++++++---- plugins/modules/keycloak_realm_rolemapping.py | 37 ++++++++----- plugins/modules/keycloak_role.py | 15 +++--- plugins/modules/keycloak_user.py | 6 +-- plugins/modules/keycloak_user_federation.py | 54 +++++++++---------- plugins/modules/keycloak_user_rolemapping.py | 44 +++++++++------ plugins/modules/keycloak_userprofile.py | 8 ++- plugins/modules/kibana_plugin.py | 4 +- plugins/modules/krb_ticket.py | 14 ++--- 37 files changed, 311 insertions(+), 217 deletions(-) diff --git a/plugins/modules/java_cert.py b/plugins/modules/java_cert.py index b75021fc57..c832a47f05 100644 --- a/plugins/modules/java_cert.py +++ b/plugins/modules/java_cert.py @@ -32,7 +32,7 @@ options: cert_port: description: - Port to connect to URL. - - This will be used to create server URL:PORT. + - This is used to create server URL:PORT. type: int default: 443 cert_path: @@ -98,8 +98,8 @@ options: state: description: - Defines action which can be either certificate import or removal. - - When state is present, the certificate will always idempotently be inserted into the keystore, even if there already - exists a cert alias that is different. + - When O(state=present), the certificate is always inserted into the keystore, even if there already exists a cert alias + that is different. type: str choices: [absent, present] default: present diff --git a/plugins/modules/java_keystore.py b/plugins/modules/java_keystore.py index df7e71abbe..b655bbc49a 100644 --- a/plugins/modules/java_keystore.py +++ b/plugins/modules/java_keystore.py @@ -24,8 +24,8 @@ options: name: description: - Name of the certificate in the keystore. - - If the provided name does not exist in the keystore, the module will re-create the keystore. This behavior changed - in community.general 3.0.0, before that the module would fail when the name did not match. + - If the provided name does not exist in the keystore, the module re-creates the keystore. This behavior changed in + community.general 3.0.0, before that the module would fail when the name did not match. type: str required: true certificate: @@ -62,7 +62,7 @@ options: password: description: - Password that should be used to secure the keystore. - - If the provided password fails to unlock the keystore, the module will re-create the keystore with the new passphrase. + - If the provided password fails to unlock the keystore, the module re-creates the keystore with the new passphrase. This behavior changed in community.general 3.0.0, before that the module would fail when the password did not match. type: str required: true @@ -130,7 +130,7 @@ notes: or with the P(ansible.builtin.file#lookup) lookup), while O(certificate_path) and O(private_key_path) require that the files are available on the target host. - By design, any change of a value of options O(keystore_type), O(name) or O(password), as well as changes of key or certificate - materials will cause the existing O(dest) to be overwritten. + materials causes the existing O(dest) to be overwritten. """ EXAMPLES = r""" diff --git a/plugins/modules/jenkins_build_info.py b/plugins/modules/jenkins_build_info.py index 7d08ec91ce..85cb22ad2c 100644 --- a/plugins/modules/jenkins_build_info.py +++ b/plugins/modules/jenkins_build_info.py @@ -30,7 +30,7 @@ options: build_number: description: - An integer which specifies a build of a job. - - If not specified the last build information will be returned. + - If not specified the last build information is returned. type: int password: description: diff --git a/plugins/modules/jenkins_credential.py b/plugins/modules/jenkins_credential.py index 3aff19c96d..1f97dafed2 100644 --- a/plugins/modules/jenkins_credential.py +++ b/plugins/modules/jenkins_credential.py @@ -10,13 +10,13 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type DOCUMENTATION = r""" ---- module: jenkins_credential -short_description: Manage Jenkins credentials and domains via API +short_description: Manage Jenkins credentials and domains through API version_added: 11.1.0 description: - - This module allows managing Jenkins credentials and domain scopes via the Jenkins HTTP API. - - Create, update, and delete different credential types such as C(username/password), C(secret text), C(SSH key), C(certificates), C(GitHub App), and domains. + - This module allows managing Jenkins credentials and domain scopes through the Jenkins HTTP API. + - Create, update, and delete different credential types such as C(username/password), C(secret text), C(SSH key), C(certificates), + C(GitHub App), and domains. - For scoped domains (O(type=scope)), it supports restrictions based on V(hostname), V(hostname:port), V(path), and V(scheme). requirements: - urllib3 >= 1.26.0 @@ -170,7 +170,7 @@ options: inc_path: description: - List of URL paths to include when matching credentials to domains. - - "B(Matching is hierarchical): subpaths of excluded paths are also excluded, even if explicitly included." + - 'B(Matching is hierarchical): subpaths of excluded paths are also excluded, even if explicitly included.' type: list elements: str exc_path: diff --git a/plugins/modules/jenkins_job.py b/plugins/modules/jenkins_job.py index 93d922ed22..a33b512fee 100644 --- a/plugins/modules/jenkins_job.py +++ b/plugins/modules/jenkins_job.py @@ -76,8 +76,8 @@ options: type: bool default: true description: - - If set to V(false), the SSL certificates will not be validated. This should only set to V(false) used on personally - controlled sites using self-signed certificates as it avoids verifying the source site. + - If set to V(false), the SSL certificates are not validated. This should only set to V(false) used on personally controlled + sites using self-signed certificates as it avoids verifying the source site. - The C(python-jenkins) library only handles this by using the environment variable E(PYTHONHTTPSVERIFY). version_added: 2.3.0 """ diff --git a/plugins/modules/jenkins_job_info.py b/plugins/modules/jenkins_job_info.py index 638158fb44..37d9af3f56 100644 --- a/plugins/modules/jenkins_job_info.py +++ b/plugins/modules/jenkins_job_info.py @@ -53,7 +53,7 @@ options: - User to authenticate with the Jenkins server. validate_certs: description: - - If set to V(false), the SSL certificates will not be validated. + - If set to V(false), the SSL certificates are not validated. - This should only set to V(false) used on personally controlled sites using self-signed certificates. default: true type: bool diff --git a/plugins/modules/jenkins_node.py b/plugins/modules/jenkins_node.py index affd462659..aa75100168 100644 --- a/plugins/modules/jenkins_node.py +++ b/plugins/modules/jenkins_node.py @@ -65,9 +65,9 @@ options: offline_message: description: - Specifies the offline reason message to be set when configuring the Jenkins node state. - - If O(offline_message) is given and requested O(state) is not V(disabled), an error will be raised. + - If O(offline_message) is given and requested O(state) is not V(disabled), an error is raised. - Internally O(offline_message) is set using the V(toggleOffline) API, so updating the message when the node is already - offline (current state V(disabled)) is not possible. In this case, a warning will be issued. + offline (current state V(disabled)) is not possible. In this case, a warning is issued. type: str version_added: 10.0.0 """ diff --git a/plugins/modules/jenkins_plugin.py b/plugins/modules/jenkins_plugin.py index 73ff40c725..f47dcfe92f 100644 --- a/plugins/modules/jenkins_plugin.py +++ b/plugins/modules/jenkins_plugin.py @@ -51,7 +51,7 @@ options: type: str description: - Desired plugin state. - - If set to V(latest), the check for new version will be performed every time. This is suitable to keep the plugin up-to-date. + - If set to V(latest), the check for new version is performed every time. This is suitable to keep the plugin up-to-date. choices: [absent, present, pinned, unpinned, enabled, disabled, latest] default: present timeout: @@ -64,8 +64,8 @@ options: description: - Number of seconds after which a new copy of the C(update-center.json) file is downloaded. This is used to avoid the need to download the plugin to calculate its checksum when O(state=latest) is specified. - - Set it to V(0) if no cache file should be used. In that case, the plugin file will always be downloaded to calculate - its checksum when O(state=latest) is specified. + - Set it to V(0) if no cache file should be used. In that case, the plugin file is always downloaded to calculate its + checksum when O(state=latest) is specified. default: 86400 updates_url: type: list diff --git a/plugins/modules/jenkins_script.py b/plugins/modules/jenkins_script.py index bd30f9daa7..bf01f97761 100644 --- a/plugins/modules/jenkins_script.py +++ b/plugins/modules/jenkins_script.py @@ -39,8 +39,8 @@ options: default: http://localhost:8080 validate_certs: description: - - If set to V(false), the SSL certificates will not be validated. This should only set to V(false) used on personally - controlled sites using self-signed certificates as it avoids verifying the source site. + - If set to V(false), the SSL certificates are not validated. This should only set to V(false) used on personally controlled + sites using self-signed certificates as it avoids verifying the source site. type: bool default: true user: diff --git a/plugins/modules/jira.py b/plugins/modules/jira.py index 580177d64d..f99c252675 100644 --- a/plugins/modules/jira.py +++ b/plugins/modules/jira.py @@ -117,14 +117,13 @@ options: suboptions: type: description: - - Use type to specify which of the JIRA visibility restriction types will be used. + - Use O(comment_visibility.type) to specify which of the JIRA visibility restriction types is used. type: str required: true choices: [group, role] value: description: - - Use value to specify value corresponding to the type of visibility restriction. For example name of the group - or role. + - Specify value corresponding to the type of visibility restriction. For example name of the group or role. type: str required: true version_added: '3.2.0' @@ -165,12 +164,12 @@ options: type: str required: false description: - - Set issue from which link will be created. + - Set issue from which link is created. outwardissue: type: str required: false description: - - Set issue to which link will be created. + - Set issue to which link is created. fields: type: dict required: false @@ -192,7 +191,7 @@ options: maxresults: required: false description: - - Limit the result of O(operation=search). If no value is specified, the default jira limit will be used. + - Limit the result of O(operation=search). If no value is specified, the default JIRA limit is used. - Used when O(operation=search) only, ignored otherwise. type: int version_added: '0.2.0' @@ -226,12 +225,12 @@ options: content: type: str description: - - The Base64 encoded contents of the file to attach. If not specified, the contents of O(attachment.filename) will - be used instead. + - The Base64 encoded contents of the file to attach. If not specified, the contents of O(attachment.filename) is + used instead. mimetype: type: str description: - - The MIME type to supply for the upload. If not specified, best-effort detection will be done. + - The MIME type to supply for the upload. If not specified, best-effort detection is performed. notes: - Currently this only works with basic-auth, or tokens. - To use with JIRA Cloud, pass the login e-mail as the O(username) and the API token as O(password). diff --git a/plugins/modules/kdeconfig.py b/plugins/modules/kdeconfig.py index 4cc0fcf166..ac542d04e8 100644 --- a/plugins/modules/kdeconfig.py +++ b/plugins/modules/kdeconfig.py @@ -17,12 +17,12 @@ description: options: path: description: - - Path to the config file. If the file does not exist it will be created. + - Path to the config file. If the file does not exist it is created. type: path required: true kwriteconfig_path: description: - - Path to the kwriteconfig executable. If not specified, Ansible will try to discover it. + - Path to the kwriteconfig executable. If not specified, Ansible tries to discover it. type: path values: description: diff --git a/plugins/modules/keycloak_authentication_required_actions.py b/plugins/modules/keycloak_authentication_required_actions.py index 246963202f..69183ce605 100644 --- a/plugins/modules/keycloak_authentication_required_actions.py +++ b/plugins/modules/keycloak_authentication_required_actions.py @@ -49,7 +49,7 @@ options: type: dict defaultAction: description: - - Indicates, if any new user will have the required action assigned to it. + - Indicates whether new users have the required action assigned to them. type: bool enabled: description: @@ -149,7 +149,7 @@ end_state: type: dict defaultAction: description: - - Indicates, if any new user will have the required action assigned to it. + - Indicates whether new users have the required action assigned to them. sample: false type: bool enabled: diff --git a/plugins/modules/keycloak_authz_authorization_scope.py b/plugins/modules/keycloak_authz_authorization_scope.py index ef094830f5..1ce2db5212 100644 --- a/plugins/modules/keycloak_authz_authorization_scope.py +++ b/plugins/modules/keycloak_authz_authorization_scope.py @@ -37,8 +37,8 @@ options: state: description: - State of the authorization scope. - - On V(present), the authorization scope will be created (or updated if it exists already). - - On V(absent), the authorization scope will be removed if it exists. + - On V(present), the authorization scope is created (or updated if it exists already). + - On V(absent), the authorization scope is removed if it exists. choices: ['present', 'absent'] default: 'present' type: str diff --git a/plugins/modules/keycloak_authz_custom_policy.py b/plugins/modules/keycloak_authz_custom_policy.py index 132119f53f..9607c0172c 100644 --- a/plugins/modules/keycloak_authz_custom_policy.py +++ b/plugins/modules/keycloak_authz_custom_policy.py @@ -38,8 +38,8 @@ options: state: description: - State of the custom policy. - - On V(present), the custom policy will be created (or updated if it exists already). - - On V(absent), the custom policy will be removed if it exists. + - On V(present), the custom policy is created (or updated if it exists already). + - On V(absent), the custom policy is removed if it exists. choices: ['present', 'absent'] default: 'present' type: str diff --git a/plugins/modules/keycloak_authz_permission.py b/plugins/modules/keycloak_authz_permission.py index e931fd72f9..781afa87d1 100644 --- a/plugins/modules/keycloak_authz_permission.py +++ b/plugins/modules/keycloak_authz_permission.py @@ -43,8 +43,8 @@ options: state: description: - State of the authorization permission. - - On V(present), the authorization permission will be created (or updated if it exists already). - - On V(absent), the authorization permission will be removed if it exists. + - On V(present), the authorization permission is created (or updated if it exists already). + - On V(absent), the authorization permission is removed if it exists. choices: ['present', 'absent'] default: 'present' type: str diff --git a/plugins/modules/keycloak_client.py b/plugins/modules/keycloak_client.py index 0a7f3fe73f..6c8a7b1383 100644 --- a/plugins/modules/keycloak_client.py +++ b/plugins/modules/keycloak_client.py @@ -37,8 +37,8 @@ options: state: description: - State of the client. - - On V(present), the client will be created (or updated if it exists already). - - On V(absent), the client will be removed if it exists. + - On V(present), the client are created (or updated if it exists already). + - On V(absent), the client are removed if it exists. choices: ['present', 'absent'] default: 'present' type: str @@ -116,8 +116,8 @@ options: secret: description: - When using O(client_authenticator_type=client-secret) (the default), you can specify a secret here (otherwise one - will be generated if it does not exit). If changing this secret, the module will not register a change currently (but - the changed secret will be saved). + is generated if it does not exit). If changing this secret, the module does not register a change currently (but the + changed secret is saved). type: str registration_access_token: @@ -130,8 +130,8 @@ options: default_roles: description: - - List of default roles for this client. If the client roles referenced do not exist yet, they will be created. This - is C(defaultRoles) in the Keycloak REST API. + - List of default roles for this client. If the client roles referenced do not exist yet, they are created. This is + C(defaultRoles) in the Keycloak REST API. aliases: - defaultRoles type: list @@ -232,7 +232,7 @@ options: protocol: description: - Type of client. - - At creation only, default value will be V(openid-connect) if O(protocol) is omitted. + - At creation only, default value is V(openid-connect) if O(protocol) is omitted. - The V(docker-v2) value was added in community.general 8.6.0. type: str choices: ['openid-connect', 'saml', 'docker-v2'] @@ -261,7 +261,7 @@ options: client_template: description: - - Client template to use for this client. If it does not exist this field will silently be dropped. This is C(clientTemplate) + - Client template to use for this client. If it does not exist this field is silently dropped. This is C(clientTemplate) in the Keycloak REST API. type: str aliases: @@ -454,7 +454,7 @@ options: - A dict of further attributes for this client. This can contain various configuration settings; an example is given in the examples section. While an exhaustive list of permissible options is not available; possible options as of Keycloak 3.4 are listed below. The Keycloak API does not validate whether a given option is appropriate for the protocol - used; if specified anyway, Keycloak will simply not use it. + used; if specified anyway, Keycloak does not use it. type: dict suboptions: saml.authnstatement: @@ -532,7 +532,7 @@ options: - For OpenID-Connect clients, client certificate for validating JWT issued by client and signed by its key, base64-encoded. x509.subjectdn: description: - - For OpenID-Connect clients, subject which will be used to authenticate the client. + - For OpenID-Connect clients, subject which is used to authenticate the client. type: str version_added: 9.5.0 @@ -704,19 +704,31 @@ proposed: description: Representation of proposed client. returned: always type: dict - sample: {clientId: "test"} + sample: {"clientId": "test"} existing: description: Representation of existing client (sample is truncated). returned: always type: dict - sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}} + sample: + { + "adminUrl": "http://www.example.com/admin_url", + "attributes": { + "request.object.signature.alg": "RS256" + } + } end_state: description: Representation of client after module execution (sample is truncated). returned: on success type: dict - sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}} + sample: + { + "adminUrl": "http://www.example.com/admin_url", + "attributes": { + "request.object.signature.alg": "RS256" + } + } """ from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \ diff --git a/plugins/modules/keycloak_client_rolemapping.py b/plugins/modules/keycloak_client_rolemapping.py index ff41486873..1700c99cc1 100644 --- a/plugins/modules/keycloak_client_rolemapping.py +++ b/plugins/modules/keycloak_client_rolemapping.py @@ -22,9 +22,9 @@ description: the scope tailored to your needs and a user having the expected roles. - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html). - - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that - way by this module. You may pass single values for attributes when calling the module, and this will be translated into - a list suitable for the API. + - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way + by this module. You may pass single values for attributes when calling the module, and this is translated into a list + suitable for the API. - When updating a client_rolemapping, where possible provide the role ID to the module. This removes a lookup to the API to translate the name into the role ID. attributes: @@ -39,9 +39,9 @@ options: state: description: - State of the client_rolemapping. - - On V(present), the client_rolemapping will be created if it does not yet exist, or updated with the parameters you - provide. - - On V(absent), the client_rolemapping will be removed if it exists. + - On V(present), the client_rolemapping is created if it does not yet exist, or updated with the parameters + you provide. + - On V(absent), the client_rolemapping is removed if it exists. default: 'present' type: str choices: @@ -87,8 +87,8 @@ options: type: str description: - ID of the group to be mapped. - - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of - API calls required. + - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API + calls required. client_id: type: str description: @@ -98,8 +98,8 @@ options: type: str description: - ID of the client to be mapped. - - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of - API calls required. + - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API + calls required. roles: description: - Roles to be mapped to the group. @@ -115,8 +115,8 @@ options: type: str description: - The unique identifier for this role_representation. - - This parameter is not required for updating or deleting a role_representation but providing it will reduce the - number of API calls required. + - This parameter is not required for updating or deleting a role_representation but providing it reduces the number + of API calls required. extends_documentation_fragment: - community.general.keycloak - community.general.keycloak.actiongroup_keycloak @@ -209,7 +209,7 @@ proposed: description: Representation of proposed client role mapping. returned: always type: dict - sample: {clientId: "test"} + sample: {"clientId": "test"} existing: description: @@ -217,7 +217,13 @@ existing: - The sample is truncated. returned: always type: dict - sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}} + sample: + { + "adminUrl": "http://www.example.com/admin_url", + "attributes": { + "request.object.signature.alg": "RS256" + } + } end_state: description: @@ -225,7 +231,13 @@ end_state: - The sample is truncated. returned: on success type: dict - sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}} + sample: + { + "adminUrl": "http://www.example.com/admin_url", + "attributes": { + "request.object.signature.alg": "RS256" + } + } """ from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import ( diff --git a/plugins/modules/keycloak_client_rolescope.py b/plugins/modules/keycloak_client_rolescope.py index db11f37098..fcf57c2e4a 100644 --- a/plugins/modules/keycloak_client_rolescope.py +++ b/plugins/modules/keycloak_client_rolescope.py @@ -22,9 +22,9 @@ description: In a default Keycloak installation, admin-cli and an admin user would work, as would a separate client definition with the scope tailored to your needs and a user having the expected roles. - Client O(client_id) must have O(community.general.keycloak_client#module:full_scope_allowed) set to V(false). - - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that - way by this module. You may pass single values for attributes when calling the module, and this will be translated into - a list suitable for the API. + - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way + by this module. You may pass single values for attributes when calling the module, and this is translated into a list + suitable for the API. attributes: check_mode: support: full @@ -37,8 +37,8 @@ options: state: description: - State of the role mapping. - - On V(present), all roles in O(role_names) will be mapped if not exists yet. - - On V(absent), all roles mapping in O(role_names) will be removed if it exists. + - On V(present), all roles in O(role_names) are mapped if not exist yet. + - On V(absent), all roles mapping in O(role_names) are removed if it exists. default: 'present' type: str choices: diff --git a/plugins/modules/keycloak_clientscope.py b/plugins/modules/keycloak_clientscope.py index ed9fe97043..ddb4e1b04b 100644 --- a/plugins/modules/keycloak_clientscope.py +++ b/plugins/modules/keycloak_clientscope.py @@ -22,9 +22,9 @@ description: the scope tailored to your needs and a user having the expected roles. - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html). - - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that - way by this module. You may pass single values for attributes when calling the module, and this will be translated into - a list suitable for the API. + - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way + by this module. You may pass single values for attributes when calling the module, and this is translated into a list + suitable for the API. - When updating a client_scope, where possible provide the client_scope ID to the module. This removes a lookup to the API to translate the name into the client_scope ID. attributes: @@ -39,8 +39,8 @@ options: state: description: - State of the client_scope. - - On V(present), the client_scope will be created if it does not yet exist, or updated with the parameters you provide. - - On V(absent), the client_scope will be removed if it exists. + - On V(present), the client_scope is created if it does not yet exist, or updated with the parameters you provide. + - On V(absent), the client_scope is removed if it exists. default: 'present' type: str choices: @@ -62,8 +62,8 @@ options: type: str description: - The unique identifier for this client_scope. - - This parameter is not required for updating or deleting a client_scope but providing it will reduce the number of - API calls required. + - This parameter is not required for updating or deleting a client_scope but providing it reduces the number of API + calls required. description: type: str description: @@ -263,19 +263,31 @@ proposed: description: Representation of proposed client scope. returned: always type: dict - sample: {clientId: "test"} + sample: {"clientId": "test"} existing: description: Representation of existing client scope (sample is truncated). returned: always type: dict - sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}} + sample: + { + "adminUrl": "http://www.example.com/admin_url", + "attributes": { + "request.object.signature.alg": "RS256" + } + } end_state: description: Representation of client scope after module execution (sample is truncated). returned: on success type: dict - sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}} + sample: + { + "adminUrl": "http://www.example.com/admin_url", + "attributes": { + "request.object.signature.alg": "RS256" + } + } """ from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \ diff --git a/plugins/modules/keycloak_clientscope_type.py b/plugins/modules/keycloak_clientscope_type.py index 493363f391..85308f1a22 100644 --- a/plugins/modules/keycloak_clientscope_type.py +++ b/plugins/modules/keycloak_clientscope_type.py @@ -99,20 +99,43 @@ proposed: description: Representation of proposed client-scope types mapping. returned: always type: dict - sample: {default_clientscopes: ["profile", "role"], optional_clientscopes: []} + sample: + { + "default_clientscopes": [ + "profile", + "role" + ], + "optional_clientscopes": [] + } existing: description: - Representation of client scopes before module execution. returned: always type: dict - sample: {default_clientscopes: ["profile", "role"], optional_clientscopes: ["phone"]} + sample: + { + "default_clientscopes": [ + "profile", + "role" + ], + "optional_clientscopes": [ + "phone" + ] + } end_state: description: - Representation of client scopes after module execution. - The sample is truncated. returned: on success type: dict - sample: {default_clientscopes: ["profile", "role"], optional_clientscopes: []} + sample: + { + "default_clientscopes": [ + "profile", + "role" + ], + "optional_clientscopes": [] + } """ from ansible.module_utils.basic import AnsibleModule diff --git a/plugins/modules/keycloak_clientsecret_info.py b/plugins/modules/keycloak_clientsecret_info.py index da07d03248..0ea48f6a33 100644 --- a/plugins/modules/keycloak_clientsecret_info.py +++ b/plugins/modules/keycloak_clientsecret_info.py @@ -39,8 +39,8 @@ options: id: description: - The unique identifier for this client. - - This parameter is not required for getting or generating a client secret but providing it will reduce the number of - API calls required. + - This parameter is not required for getting or generating a client secret but providing it reduces the number of API + calls required. type: str client_id: diff --git a/plugins/modules/keycloak_clientsecret_regenerate.py b/plugins/modules/keycloak_clientsecret_regenerate.py index bb449abc10..2bcaeb3705 100644 --- a/plugins/modules/keycloak_clientsecret_regenerate.py +++ b/plugins/modules/keycloak_clientsecret_regenerate.py @@ -43,8 +43,8 @@ options: id: description: - The unique identifier for this client. - - This parameter is not required for getting or generating a client secret but providing it will reduce the number of - API calls required. + - This parameter is not required for getting or generating a client secret but providing it reduces the number of API + calls required. type: str client_id: diff --git a/plugins/modules/keycloak_clienttemplate.py b/plugins/modules/keycloak_clienttemplate.py index 53b1266c7c..ee357605f1 100644 --- a/plugins/modules/keycloak_clienttemplate.py +++ b/plugins/modules/keycloak_clienttemplate.py @@ -35,8 +35,8 @@ options: state: description: - State of the client template. - - On V(present), the client template will be created (or updated if it exists already). - - On V(absent), the client template will be removed if it exists. + - On V(present), the client template is created (or updated if it exists already). + - On V(absent), the client template is removed if it exists. choices: ['present', 'absent'] default: 'present' type: str @@ -238,10 +238,7 @@ proposed: description: Representation of proposed client template. returned: always type: dict - sample: - { - "name": "test01" - } + sample: {"name": "test01"} existing: description: Representation of existing client template (sample is truncated). diff --git a/plugins/modules/keycloak_component.py b/plugins/modules/keycloak_component.py index 15c3c8e731..8b0c67b321 100644 --- a/plugins/modules/keycloak_component.py +++ b/plugins/modules/keycloak_component.py @@ -35,8 +35,8 @@ options: state: description: - State of the Keycloak component. - - On V(present), the component will be created (or updated if it exists already). - - On V(absent), the component will be removed if it exists. + - On V(present), the component is created (or updated if it exists already). + - On V(absent), the component is removed if it exists. choices: ['present', 'absent'] default: 'present' type: str diff --git a/plugins/modules/keycloak_group.py b/plugins/modules/keycloak_group.py index 865b52213a..7053b33a35 100644 --- a/plugins/modules/keycloak_group.py +++ b/plugins/modules/keycloak_group.py @@ -20,9 +20,9 @@ description: scope tailored to your needs and a user having the expected roles. - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation at U(https://www.keycloak.org/docs-api/20.0.2/rest-api/index.html). - - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that - way by this module. You may pass single values for attributes when calling the module, and this will be translated into - a list suitable for the API. + - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way + by this module. You may pass single values for attributes when calling the module, and this is translated into a list + suitable for the API. - When updating a group, where possible provide the group ID to the module. This removes a lookup to the API to translate the name into the group ID. attributes: @@ -37,9 +37,9 @@ options: state: description: - State of the group. - - On V(present), the group will be created if it does not yet exist, or updated with the parameters you provide. - - On V(absent), the group will be removed if it exists. Be aware that absenting a group with subgroups will automatically - delete all its subgroups too. + - On V(present), the group is created if it does not yet exist, or updated with the parameters you provide. + - On V(absent), the group is removed if it exists. Be aware that absenting a group with subgroups automatically deletes + all its subgroups too. default: 'present' type: str choices: @@ -61,8 +61,7 @@ options: type: str description: - The unique identifier for this group. - - This parameter is not required for updating or deleting a group but providing it will reduce the number of API calls - required. + - This parameter is not required for updating or deleting a group but providing it reduces the number of API calls required. attributes: type: dict description: @@ -282,8 +281,7 @@ end_state: returned: always sample: [] subGroups: - description: A list of groups that are children of this group. These groups will have the same parameters as documented - here. + description: A list of groups that are children of this group. These groups have the same parameters as documented here. type: list returned: always clientRoles: diff --git a/plugins/modules/keycloak_identity_provider.py b/plugins/modules/keycloak_identity_provider.py index eea168a14b..40a06846d6 100644 --- a/plugins/modules/keycloak_identity_provider.py +++ b/plugins/modules/keycloak_identity_provider.py @@ -34,9 +34,8 @@ options: state: description: - State of the identity provider. - - On V(present), the identity provider will be created if it does not yet exist, or updated with the parameters you - provide. - - On V(absent), the identity provider will be removed if it exists. + - On V(present), the identity provider is created if it does not yet exist, or updated with the parameters you provide. + - On V(absent), the identity provider is removed if it exists. default: 'present' type: str choices: @@ -148,14 +147,14 @@ options: sync_mode: description: - - Default sync mode for all mappers. The sync mode determines when user data will be synced using the mappers. + - Default sync mode for all mappers. The sync mode determines when user data is synced using the mappers. aliases: - syncMode type: str issuer: description: - - The issuer identifier for the issuer of the response. If not provided, no validation will be performed. + - The issuer identifier for the issuer of the response. If not provided, no validation is performed. type: str authorizationUrl: @@ -205,7 +204,7 @@ options: useJwksUrl: description: - - If the switch is on, identity provider public keys will be downloaded from given JWKS URL. + - If V(true), identity provider public keys are downloaded from given JWKS URL. type: bool jwksUrl: @@ -215,7 +214,7 @@ options: entityId: description: - - The Entity ID that will be used to uniquely identify this SAML Service Provider. + - The Entity ID that is used to uniquely identify this SAML Service Provider. type: str singleSignOnServiceUrl: diff --git a/plugins/modules/keycloak_realm.py b/plugins/modules/keycloak_realm.py index c2d4dceb21..c8bc7dc7df 100644 --- a/plugins/modules/keycloak_realm.py +++ b/plugins/modules/keycloak_realm.py @@ -39,8 +39,8 @@ options: state: description: - State of the realm. - - On V(present), the realm will be created (or updated if it exists already). - - On V(absent), the realm will be removed if it exists. + - On V(present), the realm is created (or updated if it exists already). + - On V(absent), the realm is removed if it exists. choices: ['present', 'absent'] default: 'present' type: str @@ -553,19 +553,31 @@ proposed: description: Representation of proposed realm. returned: always type: dict - sample: {realm: "test"} + sample: {"realm": "test"} existing: description: Representation of existing realm (sample is truncated). returned: always type: dict - sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}} + sample: + { + "adminUrl": "http://www.example.com/admin_url", + "attributes": { + "request.object.signature.alg": "RS256" + } + } end_state: description: Representation of realm after module execution (sample is truncated). returned: on success type: dict - sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}} + sample: + { + "adminUrl": "http://www.example.com/admin_url", + "attributes": { + "request.object.signature.alg": "RS256" + } + } """ from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \ diff --git a/plugins/modules/keycloak_realm_info.py b/plugins/modules/keycloak_realm_info.py index 838b19513d..501ca48c21 100644 --- a/plugins/modules/keycloak_realm_info.py +++ b/plugins/modules/keycloak_realm_info.py @@ -19,9 +19,9 @@ description: - This module allows you to get Keycloak realm public information using the Keycloak REST API. - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html). - - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that - way by this module. You may pass single values for attributes when calling the module, and this will be translated into - a list suitable for the API. + - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way + by this module. You may pass single values for attributes when calling the module, and this is translated into a list + suitable for the API. extends_documentation_fragment: - community.general.attributes - community.general.attributes.info_module diff --git a/plugins/modules/keycloak_realm_key.py b/plugins/modules/keycloak_realm_key.py index 4f6caa4464..dbb284ec4b 100644 --- a/plugins/modules/keycloak_realm_key.py +++ b/plugins/modules/keycloak_realm_key.py @@ -25,11 +25,9 @@ description: at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html). Aliases are provided so camelCased versions can be used as well. - This module is unable to detect changes to the actual cryptographic key after importing it. However, if some other property - is changed alongside the cryptographic key, then the key will also get changed as a side-effect, as the JSON payload needs - to include the private key. This can be considered either a bug or a feature, as the alternative would be to always update - the realm key whether it has changed or not. - - If certificate is not explicitly provided it will be dynamically created by Keycloak. Therefore comparing the current - state of the certificate to the desired state (which may be empty) is not possible. + is changed alongside the cryptographic key, then the key also changes as a side-effect, as the JSON payload needs to include + the private key. This can be considered either a bug or a feature, as the alternative would be to always update the realm + key whether it has changed or not. attributes: check_mode: support: full @@ -42,8 +40,8 @@ options: state: description: - State of the keycloak realm key. - - On V(present), the realm key will be created (or updated if it exists already). - - On V(absent), the realm key will be removed if it exists. + - On V(present), the realm key is created (or updated if it exists already). + - On V(absent), the realm key is removed if it exists. choices: ['present', 'absent'] default: 'present' type: str @@ -119,10 +117,10 @@ options: notes: - Current value of the private key cannot be fetched from Keycloak. Therefore comparing its desired state to the current state is not possible. - - If certificate is not explicitly provided it will be dynamically created by Keycloak. Therefore comparing the current + - If O(config.certificate) is not explicitly provided it is dynamically created by Keycloak. Therefore comparing the current state of the certificate to the desired state (which may be empty) is not possible. - Due to the private key and certificate options the module is B(not fully idempotent). You can use O(force=true) to force - the module to always update if you know that the private key might have changed. + the module to ensure updating if you know that the private key might have changed. extends_documentation_fragment: - community.general.keycloak - community.general.keycloak.actiongroup_keycloak @@ -208,7 +206,21 @@ end_state: description: Realm key configuration. type: dict returned: when O(state=present) - sample: {"active": ["true"], "algorithm": ["RS256"], "enabled": ["true"], "priority": ["140"]} + sample: + { + "active": [ + "true" + ], + "algorithm": [ + "RS256" + ], + "enabled": [ + "true" + ], + "priority": [ + "140" + ] + } """ from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \ diff --git a/plugins/modules/keycloak_realm_rolemapping.py b/plugins/modules/keycloak_realm_rolemapping.py index 2e3366d422..2b6b6a4eda 100644 --- a/plugins/modules/keycloak_realm_rolemapping.py +++ b/plugins/modules/keycloak_realm_rolemapping.py @@ -22,9 +22,9 @@ description: definition with the scope tailored to your needs and a user having the expected roles. - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation at U(https://www.keycloak.org/docs-api/18.0/rest-api/index.html). - - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that - way by this module. You may pass single values for attributes when calling the module, and this will be translated into - a list suitable for the API. + - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way + by this module. You may pass single values for attributes when calling the module, and this is translated into a list + suitable for the API. - When updating a group_rolemapping, where possible provide the role ID to the module. This removes a lookup to the API to translate the name into the role ID. attributes: @@ -39,9 +39,8 @@ options: state: description: - State of the realm_rolemapping. - - On C(present), the realm_rolemapping will be created if it does not yet exist, or updated with the parameters you - provide. - - On C(absent), the realm_rolemapping will be removed if it exists. + - On C(present), the realm_rolemapping is created if it does not yet exist, or updated with the parameters you provide. + - On C(absent), the realm_rolemapping is removed if it exists. default: 'present' type: str choices: @@ -86,8 +85,8 @@ options: type: str description: - ID of the group to be mapped. - - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of - API calls required. + - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API + calls required. roles: description: - Roles to be mapped to the group. @@ -103,8 +102,8 @@ options: type: str description: - The unique identifier for this role_representation. - - This parameter is not required for updating or deleting a role_representation but providing it will reduce the - number of API calls required. + - This parameter is not required for updating or deleting a role_representation but providing it reduces the number + of API calls required. extends_documentation_fragment: - community.general.keycloak - community.general.keycloak.actiongroup_keycloak @@ -195,7 +194,7 @@ proposed: description: Representation of proposed client role mapping. returned: always type: dict - sample: {clientId: "test"} + sample: {"clientId": "test"} existing: description: @@ -203,7 +202,13 @@ existing: - The sample is truncated. returned: always type: dict - sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}} + sample: + { + "adminUrl": "http://www.example.com/admin_url", + "attributes": { + "request.object.signature.alg": "RS256" + } + } end_state: description: @@ -211,7 +216,13 @@ end_state: - The sample is truncated. returned: on success type: dict - sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}} + sample: + { + "adminUrl": "http://www.example.com/admin_url", + "attributes": { + "request.object.signature.alg": "RS256" + } + } """ from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import ( diff --git a/plugins/modules/keycloak_role.py b/plugins/modules/keycloak_role.py index c9979653c5..f49d55f599 100644 --- a/plugins/modules/keycloak_role.py +++ b/plugins/modules/keycloak_role.py @@ -22,9 +22,9 @@ description: scope tailored to your needs and a user having the expected roles. - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html). - - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that - way by this module. You may pass single values for attributes when calling the module, and this will be translated into - a list suitable for the API. + - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way + by this module. You may pass single values for attributes when calling the module, and this is translated into a list + suitable for the API. attributes: check_mode: support: full @@ -37,8 +37,8 @@ options: state: description: - State of the role. - - On V(present), the role will be created if it does not yet exist, or updated with the parameters you provide. - - On V(absent), the role will be removed if it exists. + - On V(present), the role is created if it does not yet exist, or updated with the parameters you provide. + - On V(absent), the role is removed if it exists. default: 'present' type: str choices: @@ -195,10 +195,7 @@ proposed: description: Representation of proposed role. returned: always type: dict - sample: - { - "description": "My updated test description" - } + sample: {"description": "My updated test description"} existing: description: Representation of existing role. diff --git a/plugins/modules/keycloak_user.py b/plugins/modules/keycloak_user.py index 83bf8f5d02..02eb226a4d 100644 --- a/plugins/modules/keycloak_user.py +++ b/plugins/modules/keycloak_user.py @@ -101,9 +101,9 @@ options: groups: description: - List of groups for the user. - Groups can be referenced by their name, like V(staff), or their path, like V(/staff/engineering). - The path syntax allows you to reference subgroups, which is not possible otherwise. - This is possible since community.general 10.6.0. + - Groups can be referenced by their name, like V(staff), or their path, like V(/staff/engineering). The path syntax + allows you to reference subgroups, which is not possible otherwise. + - Using the path is possible since community.general 10.6.0. type: list elements: dict default: [] diff --git a/plugins/modules/keycloak_user_federation.py b/plugins/modules/keycloak_user_federation.py index b3b86111c0..3290ab8dd9 100644 --- a/plugins/modules/keycloak_user_federation.py +++ b/plugins/modules/keycloak_user_federation.py @@ -34,8 +34,8 @@ options: state: description: - State of the user federation. - - On V(present), the user federation will be created if it does not yet exist, or updated with the parameters you provide. - - On V(absent), the user federation will be removed if it exists. + - On V(present), the user federation is created if it does not yet exist, or updated with the parameters you provide. + - On V(absent), the user federation is removed if it exists. default: 'present' type: str choices: @@ -50,7 +50,7 @@ options: id: description: - - The unique ID for this user federation. If left empty, the user federation will be searched by its O(name). + - The unique ID for this user federation. If left empty, the user federation is searched by its O(name). type: str name: @@ -76,7 +76,7 @@ options: parent_id: description: - - Unique ID for the parent of this user federation. Realm ID will be automatically used if left blank. + - Unique ID for the parent of this user federation. Realm ID is automatically used if left blank. aliases: - parentId type: str @@ -95,11 +95,11 @@ options: value with the desired value always evaluates to not equal. This means the before and desired states are never equal if the parameter is set. - Set to V(always) to include O(config.bindCredential) in the comparison of before and desired state. Because of the - redacted value returned by Keycloak the module will always detect a change and make an update if a O(config.bindCredential) + redacted value returned by Keycloak the module always detects a change and make an update if a O(config.bindCredential) value is set. - Set to V(only_indirect) to exclude O(config.bindCredential) when comparing the before state with the desired state. - The value of O(config.bindCredential) will only be updated if there are other changes to the user federation that - require an update. + The value of O(config.bindCredential) is only updated if there are other changes to the user federation that require + an update. type: str default: always choices: @@ -129,14 +129,14 @@ options: importEnabled: description: - - If V(true), LDAP users will be imported into Keycloak DB and synced by the configured sync policies. + - If V(true), LDAP users are imported into Keycloak DB and synced by the configured sync policies. default: true type: bool editMode: description: - - V(READ_ONLY) is a read-only LDAP store. V(WRITABLE) means data will be synced back to LDAP on demand. V(UNSYNCED) - means user data will be imported, but not synced back to LDAP. + - V(READ_ONLY) is a read-only LDAP store. V(WRITABLE) means data is synced back to LDAP on demand. V(UNSYNCED) means + user data is imported, but not synced back to LDAP. type: str choices: - READ_ONLY @@ -181,7 +181,7 @@ options: userObjectClasses: description: - All values of LDAP objectClass attribute for users in LDAP divided by comma. For example V(inetOrgPerson, organizationalPerson). - Newly created Keycloak users will be written to LDAP with all those object classes and existing LDAP user records + Newly created Keycloak users are written to LDAP with all those object classes and existing LDAP user records are found just if they contain all those object classes. type: str @@ -222,7 +222,7 @@ options: bindDn: description: - - DN of LDAP user which will be used by Keycloak to access LDAP server. + - DN of LDAP user which is used by Keycloak to access LDAP server. type: str bindCredential: @@ -232,7 +232,7 @@ options: startTls: description: - - Encrypts the connection to LDAP using STARTTLS, which will disable connection pooling. + - Encrypts the connection to LDAP using STARTTLS, which disables connection pooling. default: false type: bool @@ -258,11 +258,11 @@ options: useTruststoreSpi: description: - - Specifies whether LDAP connection will use the truststore SPI with the truststore configured in standalone.xml/domain.xml. - V(always) means that it will always use it. V(never) means that it will not use it. V(ldapsOnly) means that it - will use if your connection URL use ldaps. + - Specifies whether LDAP connection uses the truststore SPI with the truststore configured in standalone.xml/domain.xml. + V(always) means that it always uses it. V(never) means that it does not use it. V(ldapsOnly) means that it uses + if your connection URL use ldaps. - Note even if standalone.xml/domain.xml is not configured, the default Java cacerts or certificate specified by - C(javax.net.ssl.trustStore) property will be used. + C(javax.net.ssl.trustStore) property is used. default: ldapsOnly type: str choices: @@ -335,8 +335,8 @@ options: allowKerberosAuthentication: description: - - Enable/disable HTTP authentication of users with SPNEGO/Kerberos tokens. The data about authenticated users will - be provisioned from this LDAP server. + - Enable/disable HTTP authentication of users with SPNEGO/Kerberos tokens. The data about authenticated users is + provisioned from this LDAP server. default: false type: bool @@ -348,9 +348,9 @@ options: krbPrincipalAttribute: description: - Name of the LDAP attribute, which refers to Kerberos principal. This is used to lookup appropriate LDAP user after - successful Kerberos/SPNEGO authentication in Keycloak. When this is empty, the LDAP user will be looked based - on LDAP username corresponding to the first part of his Kerberos principal. For instance, for principal C(john@KEYCLOAK.ORG), - it will assume that LDAP username is V(john). + successful Kerberos/SPNEGO authentication in Keycloak. When this is empty, the LDAP user is looked up based on + LDAP username corresponding to the first part of his Kerberos principal. For instance, for principal C(john@KEYCLOAK.ORG), + it assumes that LDAP username is V(john). type: str version_added: 8.1.0 @@ -419,17 +419,17 @@ options: evictionDay: description: - - Day of the week the entry will become invalid on. + - Day of the week the entry is set to become invalid on. type: str evictionHour: description: - - Hour of day the entry will become invalid on. + - Hour of day the entry is set to become invalid on. type: str evictionMinute: description: - - Minute of day the entry will become invalid on. + - Minute of day the entry is set to become invalid on. type: str maxLifespan: @@ -461,12 +461,12 @@ options: name: description: - - Name of the mapper. If no ID is given, the mapper will be searched by name. + - Name of the mapper. If no ID is given, the mapper is searched by name. type: str parentId: description: - - Unique ID for the parent of this mapper. ID of the user federation will automatically be used if left blank. + - Unique ID for the parent of this mapper. ID of the user federation is automatically used if left blank. type: str providerId: diff --git a/plugins/modules/keycloak_user_rolemapping.py b/plugins/modules/keycloak_user_rolemapping.py index 794ea369d7..49d71e2ca9 100644 --- a/plugins/modules/keycloak_user_rolemapping.py +++ b/plugins/modules/keycloak_user_rolemapping.py @@ -21,9 +21,9 @@ description: the scope tailored to your needs and a user having the expected roles. - The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html). - - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that - way by this module. You may pass single values for attributes when calling the module, and this will be translated into - a list suitable for the API. + - Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and are returned that way + by this module. You may pass single values for attributes when calling the module, and this is translated into a list + suitable for the API. - When updating a user_rolemapping, where possible provide the role ID to the module. This removes a lookup to the API to translate the name into the role ID. attributes: @@ -38,8 +38,8 @@ options: state: description: - State of the user_rolemapping. - - On V(present), the user_rolemapping will be created if it does not yet exist, or updated with the parameters you provide. - - On V(absent), the user_rolemapping will be removed if it exists. + - On V(present), the user_rolemapping is created if it does not yet exist, or updated with the parameters you provide. + - On V(absent), the user_rolemapping is removed if it exists. default: 'present' type: str choices: @@ -61,14 +61,14 @@ options: type: str description: - ID of the user to be mapped. - - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of - API calls required. + - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API + calls required. service_account_user_client_id: type: str description: - Client ID of the service-account-user to be mapped. - - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of - API calls required. + - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API + calls required. client_id: type: str description: @@ -79,8 +79,8 @@ options: type: str description: - ID of the client to be mapped. - - This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of - API calls required. + - This parameter is not required for updating or deleting the rolemapping but providing it reduces the number of API + calls required. roles: description: - Roles to be mapped to the user. @@ -96,8 +96,8 @@ options: type: str description: - The unique identifier for this role_representation. - - This parameter is not required for updating or deleting a role_representation but providing it will reduce the - number of API calls required. + - This parameter is not required for updating or deleting a role_representation but providing it reduces the number + of API calls required. extends_documentation_fragment: - community.general.keycloak - community.general.keycloak.actiongroup_keycloak @@ -190,7 +190,7 @@ proposed: description: Representation of proposed client role mapping. returned: always type: dict - sample: {clientId: "test"} + sample: {"clientId": "test"} existing: description: @@ -198,7 +198,13 @@ existing: - The sample is truncated. returned: always type: dict - sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}} + sample: + { + "adminUrl": "http://www.example.com/admin_url", + "attributes": { + "request.object.signature.alg": "RS256" + } + } end_state: description: @@ -206,7 +212,13 @@ end_state: - The sample is truncated. returned: on success type: dict - sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}} + sample: + { + "adminUrl": "http://www.example.com/admin_url", + "attributes": { + "request.object.signature.alg": "RS256" + } + } """ from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, \ diff --git a/plugins/modules/keycloak_userprofile.py b/plugins/modules/keycloak_userprofile.py index a79ca93890..81594de5c3 100644 --- a/plugins/modules/keycloak_userprofile.py +++ b/plugins/modules/keycloak_userprofile.py @@ -33,9 +33,8 @@ options: state: description: - State of the User Profile provider. - - On V(present), the User Profile provider will be created if it does not yet exist, or updated with the parameters - you provide. - - On V(absent), the User Profile provider will be removed if it exists. + - On V(present), the User Profile provider is created if it does not yet exist, or updated with the parameters you provide. + - On V(absent), the User Profile provider is removed if it exists. default: 'present' type: str choices: @@ -171,7 +170,7 @@ options: group: description: - - Specifies the User Profile group where this attribute will be added. + - Specifies the User Profile group where this attribute is added. type: str permissions: @@ -406,7 +405,6 @@ data: description: The data returned by the Keycloak API. returned: when state is present type: dict - sample: {'...': '...'} """ from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \ diff --git a/plugins/modules/kibana_plugin.py b/plugins/modules/kibana_plugin.py index 09703b504c..8e8ccd106d 100644 --- a/plugins/modules/kibana_plugin.py +++ b/plugins/modules/kibana_plugin.py @@ -59,11 +59,11 @@ options: version: description: - Version of the plugin to be installed. - - If plugin exists with previous version, plugin will B(not) be updated unless O(force) is set to V(true). + - If the plugin is installed with in a previous version, it is B(not) updated unless O(force=true). type: str force: description: - - Delete and re-install the plugin. Can be useful for plugins update. + - Delete and re-install the plugin. It can be useful for plugins update. type: bool default: false allow_root: diff --git a/plugins/modules/krb_ticket.py b/plugins/modules/krb_ticket.py index e021050c22..3a01944535 100644 --- a/plugins/modules/krb_ticket.py +++ b/plugins/modules/krb_ticket.py @@ -30,7 +30,7 @@ options: principal: description: - The principal name. - - If not set, the user running this module will be used. + - If not set, the user running this module is used. type: str state: description: @@ -50,17 +50,17 @@ options: - Use O(cache_name) as the ticket cache name and location. - If this option is not used, the default cache name and location are used. - The default credentials cache may vary between systems. - - If not set the the value of E(KRB5CCNAME) environment variable will be used instead, its value is used to name the - default ticket cache. + - If not set the the value of E(KRB5CCNAME) environment variable is used instead, its value is used to name the default + ticket cache. type: str lifetime: description: - Requests a ticket with the lifetime, if the O(lifetime) is not specified, the default ticket lifetime is used. - - Specifying a ticket lifetime longer than the maximum ticket lifetime (configured by each site) will not override the + - Specifying a ticket lifetime longer than the maximum ticket lifetime (configured by each site) does not override the configured maximum ticket lifetime. - 'The value for O(lifetime) must be followed by one of the following suffixes: V(s) - seconds, V(m) - minutes, V(h) - hours, V(d) - days.' - - You cannot mix units; a value of V(3h30m) will result in an error. + - You cannot mix units; a value of V(3h30m) results in an error. - See U(https://web.mit.edu/kerberos/krb5-1.12/doc/basic/date_format.html) for reference. type: str start_time: @@ -78,7 +78,7 @@ options: - Requests renewable tickets, with a total lifetime equal to O(renewable). - 'The value for O(renewable) must be followed by one of the following delimiters: V(s) - seconds, V(m) - minutes, V(h) - hours, V(d) - days.' - - You cannot mix units; a value of V(3h30m) will result in an error. + - You cannot mix units; a value of V(3h30m) results in an error. - See U(https://web.mit.edu/kerberos/krb5-1.12/doc/basic/date_format.html) for reference. type: str forwardable: @@ -119,7 +119,7 @@ options: keytab: description: - Requests a ticket, obtained from a key in the local host's keytab. - - If O(keytab_path) is not specified will try to use default client keytab path (C(-i) option). + - If O(keytab_path) is not specified it tries to use default client keytab path (C(-i) option). type: bool keytab_path: description: