implemented check mode #13

Merged
merged 1 commit into from
Jun 21, 2024
9 changes: 7 additions & 2 deletions CONTRIBUTING.md
Expand Up @@ -17,5 +17,10 @@ That means:
## HOW DO I DEBUG DURING THE DEV PROCESS?

Ansible makes it _really_ hard to get good insight into a module.
The most reliable way is to log to stdout and make your function not return anything.
At this point, Ansible will throw an error and dump the module's stdout.
I suggest setting the debug environment variable
````bash
export ANSIBLE_DEBUG=True
````
This will then print all kind of debug info to your screen.
In this mode, you can simply use `print` within your python code to have it show up during the run.
I heavily encourage turning debug mode back off in production, because passwords will be printed to your screen, even if they are specified as no-log.
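
Review bot: the warning in the last added line, that passwords are printed even when specified as no-log, is the most important sentence in this section and should come before the `export ANSIBLE_DEBUG=True` instruction rather than after it. Consider recommending that the variable be set for a single command instead of exported, so it does not stay active in the shell, and add the matching `unset ANSIBLE_DEBUG` step. The fence also uses four backticks where three would do.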
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -52,7 +52,7 @@ If anyone wants to initialize a collection of our own, i'm ready for the PR.
- **Type**: `str`

- `action`:
- **Description**: The Action you want to take on the Secret Server. Must be one of "search", "get", "upsert", "update". "search" performs a text search over all the secret names your user has access to. "get" looks up a single secret by its ID. "upsert" will look for the secret_name and folder_id you specify. If no secret exists that matches those two criteria, a new secret will be created. If a secret already exists that matches both criteria, the secret will be updated with the values you provided. If more than one secret matches both criteria, no secret will be changed. You cannot change the secret type or its name with this method. Any other fields you set will be overwritten with that value. If you do not specify a field that was previously set, it will not be overwritten. If you want to explicitly clear a field of any values, specify it to `set_to_none`. "update" updates the password of an existing secret."get" and "search" will run in check mode, "upsert" and "update" will return after doing the input validation
- **Description**: The Action you want to take on the Secret Server. Must be one of "search", "get", "upsert", "update". "search" performs a text search over all the secret names your user has access to. "get" looks up a single secret by its ID. "upsert" will look for the secret_name and folder_id you specify. If no secret exists that matches those two criteria, a new secret will be created. If a secret already exists that matches both criteria, the secret will be updated with the values you provided. If more than one secret matches both criteria, no secret will be changed. You cannot change the secret type or its name with this method. Any other fields you set will be overwritten with that value. If you do not specify a field that was previously set, it will not be overwritten. If you want to explicitly clear a field of any values, specify it to `set_to_none`. "update" updates the password of an existing secret. "get" and "search" will run in check mode, "upsert" and "update" will skip after doing the input validation (ergo the module will still fail in check mode if the input you have given is nonsense or incomplete)
- **Required**: `true`
- **Type**: `str`

16 changes: 6 additions & 10 deletions library/secretserver.py
Expand Up @@ -1149,6 +1149,10 @@ def update_secret(secret_name: str,
return {"success": False, "reason": "Could not lookup if secret exists", "search_result": search_result}


def debug(var):
print(var)


def main():
# define available arguments/parameters a user can pass to the module
module_args = dict(
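
Review bot: the added `debug()` helper prints whatever it is passed unconditionally, and nothing in this hunk calls it or gates it. In a module that handles secrets, and given that CONTRIBUTING.md in this same change warns that debug output can expose passwords, either drop the helper before merging or give it a docstring and a guard so it cannot emit secret values in a normal run.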
Expand Down Expand Up @@ -1193,12 +1197,6 @@ def main():
supports_check_mode=True
)

# if the user is working with this module in only check mode we do not
# want to make any changes to the environment, just return the current
# state with no modifications
if module.check_mode:
module.exit_json(**result)

# input validation
permitted_actions = ["search", "get", "upsert", "update"]
if module.params.get("action") not in permitted_actions:
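
Review bot: removing the early `if module.check_mode:` exit here means everything between the input validation and the per-action guards now executes in check mode, but the explanatory comment was deleted with it and nothing replaces it. Add a short comment at this spot stating the new contract (validation always runs, read actions run, write actions skip), and confirm that no code between the validation and the `upsert`/`update` branches modifies state, since this diff only shows guards in those two branches.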
Expand Down Expand Up @@ -1292,8 +1290,7 @@ def main():

elif action == "upsert":
if module.check_mode:
result["comment"] = "Upsert will do nothing in check mode"
module.exit_json(**result)
module.exit_json(skipped=True, msg="Upsert will do nothing in check mode")
else:
res = update_secret(secret_name=module.params.get("secret_name"),
user_name=module.params.get("user_name"),
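
Review bot: in the `upsert` check-mode branch, `module.exit_json(skipped=True, msg=...)` no longer passes `**result`, so whatever `result` holds at this point is dropped from the check-mode return and the output shape differs from a normal run. If callers register the module output, consider merging `result` into the skipped return. The `else:` is also redundant, because `exit_json` does not return.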
Expand Down Expand Up @@ -1321,8 +1318,7 @@ def main():

elif action == "update":
if module.check_mode:
result["comment"] = "Upsert will do nothing in check mode"
module.exit_json(**result)
module.exit_json(skipped=True, msg="Update will do nothing in check mode")
else:
res = update_secret_by_id(
secret_id=int(module.params.get("secret_id")),
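
Review bot: the `update` branch now repeats the same check-mode guard as the `upsert` branch with only the message changed, which is how the old "Upsert will do nothing" text ended up copied here in the first place. A single guard ahead of the dispatch, for example `if module.check_mode and action in ("upsert", "update"):`, would remove the duplication and let the message be derived from `action`.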