VhddlmZmZmZeZdZdZdZddl Z ddl m Z ddl m Z mZddlmZGd d e Zdd Zd Zd ZdZedk(reyy))absolute_importdivisionprint_functiona module: ipa_vault author: Juan Manuel Parrilla (@jparrill) short_description: Manage FreeIPA vaults description: - Add, modify and delete vaults and secret vaults. - KRA service should be enabled to use this module. attributes: check_mode: support: full diff_mode: support: none options: cn: description: - Vault name. - Can not be changed as it is the unique identifier. required: true aliases: ["name"] type: str description: description: - Description. type: str ipavaulttype: description: - Vault types are based on security level. default: "symmetric" choices: ["asymmetric", "standard", "symmetric"] aliases: ["vault_type"] type: str ipavaultpublickey: description: - Public key. aliases: ["vault_public_key"] type: str ipavaultsalt: description: - Vault Salt. aliases: ["vault_salt"] type: str username: description: - Any user can own one or more user vaults. - Mutually exclusive with O(service). aliases: ["user"] type: list elements: str service: description: - Any service can own one or more service vaults. - Mutually exclusive with O(user). type: str state: description: - State to ensure. default: "present" choices: ["absent", "present"] type: str replace: description: - Force replace the existent vault on IPA server. type: bool default: false choices: ["True", "False"] validate_certs: description: - Validate IPA server certificates. type: bool default: true extends_documentation_fragment: - community.general.ipa.documentation - community.general.attributes a - name: Ensure vault is present community.general.ipa_vault: name: vault01 vault_type: standard user: user01 ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret - name: Ensure vault is present for Admin user community.general.ipa_vault: name: vault01 vault_type: standard ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret - name: Ensure vault is absent community.general.ipa_vault: name: vault01 vault_type: standard user: user01 state: absent ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret - name: Modify vault if already exists community.general.ipa_vault: name: vault01 vault_type: standard description: "Vault for test" ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret replace: true - name: Get vault info if already exists community.general.ipa_vault: name: vault01 ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret zU vault: description: Vault as returned by IPA API. returned: always type: dict N) AnsibleModule) IPAClientipa_argument_spec) to_nativec6eZdZfdZdZdZdZdZxZS)VaultIPAClientc2tt| ||||y)N)superr __init__)selfmodulehostportprotocol __class__s o/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/community/general/plugins/modules/ipa_vault.pyrzVaultIPAClient.__init__s nd,VT4Jc0|jddd|dS)N vault_findT)allcnmethodnameitem _post_jsonrrs rrzVaultIPAClient.vault_findslDX\D]^^rc*|jd||S)Nvault_add_internalrrrrrs rr#z!VaultIPAClient.vault_add_internal&:DQQrc*|jd||S)Nvault_mod_internalrrr$s rr'z!VaultIPAClient.vault_mod_internalr%rc(|jd|S)N vault_del)rrrr!s rr)zVaultIPAClient.vault_delsk==r) __name__ __module__ __qualname__rrr#r'r) __classcell__)rs@rr r s K_RR>rr cPi}|||d<|||d<|||d<|||d<|||d<|S)N description ipavaulttype ipavaultsaltipavaultpublickeyservice)r/ vault_type vault_saltvault_public_keyr3vaults rget_vault_dictr9s] E*m *n *n#%5!""i Lrc(|j||S)N)ipa_data module_data)get_diff)client ipa_vault module_vaultrs rget_vault_diffrAs ??IrCruserrEr@r?changeddiffdatakeys rensurerPso MM' "E == D == $DmmI&G!fmmM.JW]WdWdesWt-3]]>-J39==AT3U*0-- *BDL!!t!,IG G$$"55d5N %fivNt9q="G!,,!#'>C(4(8(8(=DI>11t$1G G$$  & F%%4%0 00rct}|jtdddgtdtddgddg tdd g tdd g tdtd dddgtddddgtdddg t|dddgg}t ||j d|j d|j d} |j |j d|j dt||\}}|j|| y#t$r8}|jt|tj!Yd}~yd}~wwxYw)"NstrTr)typerequiredaliases)rS symmetric)standardrV asymmetricr5)rSdefaultchoicesrUr6)rSrUr7boolF)rSrYrZrFabsentlistrK)rSelementsrU) rr/r0r1r2r3rErCrDrDr3) argument_specsupports_check_modemutually_exclusiveipa_hostipa_portipa_prot)rrrripa_useripa_pass)rDpassword)rLr8)msg exception)rupdatedictrr rGloginrP exit_json Exception fail_jsonr traceback format_exc)r_rr>rLr8es rmainrssr%'MDedVHM%)u%5&*{3Zeqdr't&* ~&N+/UEWDX+Y!%5!1!%654QV-!X# IW_K`a"&FUVH"U W/30:I/F.GIF6!'z!:!'z!:%+]]:%>@FM fmmJ7$mmJ7  9/6 MYq\Y5I5I5KLLMsAD// E08.E++E0__main__)NNNNN) __future__rrrrS __metaclass__ DOCUMENTATIONEXAMPLESRETURNrpansible.module_utils.basicr>ansible_collections.community.general.plugins.module_utils.iparr+ansible.module_utils.common.text.convertersr r r9rArPrsr*r4rrr}spA@ I V, \ 4gA>Y>"  I%1PM< zFr