shared argument spec for FreeIPA (#28950)

Adds unified argument spec and documentation updates for FreeIPA modules. Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2025-07-27 23:21:22 -07:00 · 2017-09-08 00:37:15 +05:30 · 2017-09-08 00:37:15 +05:30 · 4a73390823
commit 4a73390823
parent 67c7bd8745
12 changed files with 197 additions and 537 deletions
--- a/lib/ansible/modules/identity/ipa/ipa_hbacrule.py
+++ b/lib/ansible/modules/identity/ipa/ipa_hbacrule.py
@ -27,7 +27,6 @@ options:
    aliases: ["name"]
  description:
    description: Description
-    required: false
  host:
    description:
    - List of host names to assign.
@ -36,7 +35,6 @@ options:
    required: false
  hostcategory:
    description: Host category
-    required: false
    choices: ['all']
  hostgroup:
    description:
@ -50,7 +48,6 @@ options:
    - If option is omitted services will not be checked or changed.
  servicecategory:
    description: Service category
-    required: false
    choices: ['all']
  servicegroup:
    description:
@ -64,7 +61,6 @@ options:
    - If option is omitted source hosts will not be checked or changed.
  sourcehostcategory:
    description: Source host category
-    required: false
    choices: ['all']
  sourcehostgroup:
    description:
@ -73,7 +69,6 @@ options:
    - If option is omitted source host groups will not be checked or changed.
  state:
    description: State to ensure
-    required: false
    default: "present"
    choices: ["present", "absent", "enabled", "disabled"]
  user:
@ -83,40 +78,13 @@ options:
    - If option is omitted users will not be checked or changed.
  usercategory:
    description: User category
-    required: false
    choices: ['all']
  usergroup:
    description:
    - List of user group names to assign.
    - If an empty list if passed all assigned user groups will be removed from the rule.
    - If option is omitted user groups will not be checked or changed.
-  ipa_port:
-    description: Port of IPA server
-    required: false
-    default: 443
-  ipa_host:
-    description: IP or hostname of IPA server
-    required: false
-    default: "ipa.example.com"
-  ipa_user:
-    description: Administrative account used on IPA server
-    required: false
-    default: "admin"
-  ipa_pass:
-    description: Password of administrative user
-    required: true
-  ipa_prot:
-    description: Protocol used by IPA server
-    required: false
-    default: "https"
-    choices: ["http", "https"]
-  validate_certs:
-    description:
-    - This only applies if C(ipa_prot) is I(https).
-    - If set to C(no), the SSL certificates will not be validated.
-    - This should only set to C(no) used on personally controlled sites using self-signed certificates.
-    required: false
-    default: true
+extends_documentation_fragment: ipa.documentation
 version_added: "2.3"
 '''

@ -165,7 +133,7 @@ hbacrule:
 import traceback

 from ansible.module_utils.basic import AnsibleModule
-from ansible.module_utils.ipa import IPAClient
+from ansible.module_utils.ipa import IPAClient, ipa_argument_spec
 from ansible.module_utils._text import to_native


@ -329,33 +297,26 @@ def ensure(module, client):


 def main():
-    module = AnsibleModule(
-        argument_spec=dict(
-            cn=dict(type='str', required=True, aliases=['name']),
-            description=dict(type='str', required=False),
-            host=dict(type='list', required=False),
-            hostcategory=dict(type='str', required=False, choices=['all']),
-            hostgroup=dict(type='list', required=False),
-            service=dict(type='list', required=False),
-            servicecategory=dict(type='str', required=False, choices=['all']),
-            servicegroup=dict(type='list', required=False),
-            sourcehost=dict(type='list', required=False),
-            sourcehostcategory=dict(type='str', required=False, choices=['all']),
-            sourcehostgroup=dict(type='list', required=False),
-            state=dict(type='str', required=False, default='present',
-                       choices=['present', 'absent', 'enabled', 'disabled']),
-            user=dict(type='list', required=False),
-            usercategory=dict(type='str', required=False, choices=['all']),
-            usergroup=dict(type='list', required=False),
-            ipa_prot=dict(type='str', required=False, default='https', choices=['http', 'https']),
-            ipa_host=dict(type='str', required=False, default='ipa.example.com'),
-            ipa_port=dict(type='int', required=False, default=443),
-            ipa_user=dict(type='str', required=False, default='admin'),
-            ipa_pass=dict(type='str', required=True, no_log=True),
-            validate_certs=dict(type='bool', required=False, default=True),
-        ),
-        supports_check_mode=True,
-    )
+    argument_spec = ipa_argument_spec()
+    argument_spec.update(cn=dict(type='str', required=True, aliases=['name']),
+                         description=dict(type='str'),
+                         host=dict(type='list'),
+                         hostcategory=dict(type='str', choices=['all']),
+                         hostgroup=dict(type='list'),
+                         service=dict(type='list'),
+                         servicecategory=dict(type='str', choices=['all']),
+                         servicegroup=dict(type='list'),
+                         sourcehost=dict(type='list'),
+                         sourcehostcategory=dict(type='str', choices=['all']),
+                         sourcehostgroup=dict(type='list'),
+                         state=dict(type='str', default='present', choices=['present', 'absent', 'enabled', 'disabled']),
+                         user=dict(type='list'),
+                         usercategory=dict(type='str', choices=['all']),
+                         usergroup=dict(type='list'))
+
+    module = AnsibleModule(argument_spec=argument_spec,
+                           supports_check_mode=True
+                           )

    client = HBACRuleIPAClient(module=module,
                               host=module.params['ipa_host'],