Add diff support to user module #48880
Open
+42
−0
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Hi @mgedmin, thank you for submitting this pull-request! |
ansibot
added
affects_2.8
bcoca
removed
the
needs_triage
ansibot
added
needs_rebase
This is not 100% complete (only the generic usermod-based User implementation reports changes), but it's better than nothing. Motivated by complete opaqueness of changed=True when a user's groups do not match what Ansible wants them to be.
ansibot
added
core_review
samdoran
reviewed
Nov 27, 2018
This is a good start, but it does need some refinement. Please add support for other platforms as well as integration tests. Feel free to ask questions and I'll help in any way I can.
| @@ -2609,6 +2629,10 @@ def main(): | |||
| module.fail_json(name=user.name, msg=err, rc=rc) | |||
| result['force'] = user.force | |||
| result['remove'] = user.remove | |||
| result['diff'] = { | |||
| 'before': 'user exists\n', | |||
There was a problem hiding this comment.
Return the actual username here:
Suggested change
| 'before': 'user exists\n', | |
| 'before': '{0} exists\n'.format(user.name), |
| @@ -2609,6 +2629,10 @@ def main(): | |||
| module.fail_json(name=user.name, msg=err, rc=rc) | |||
| result['force'] = user.force | |||
| result['remove'] = user.remove | |||
| result['diff'] = { | |||
| 'before': 'user exists\n', | |||
| 'after': 'user removed\n', | |||
There was a problem hiding this comment.
Suggested change
| 'after': 'user removed\n', | |
| 'after': '{0} removed\n'.format(user.name), |
| @@ -2619,11 +2643,27 @@ def main(): | |||
| else: | |||
| result['system'] = user.system | |||
| result['create_home'] = user.create_home | |||
| result['diff'] = { | |||
There was a problem hiding this comment.
Move this up to before line 2641 so that the diff is returned in check mode.
| @@ -2619,11 +2643,27 @@ def main(): | |||
| else: | |||
| result['system'] = user.system | |||
| result['create_home'] = user.create_home | |||
| result['diff'] = { | |||
| 'before': 'user does not exist\n', | |||
There was a problem hiding this comment.
Suggested change
| 'before': 'user does not exist\n', | |
| 'before': '{0} does not exist\n'.format(user.name), |
| @@ -2619,11 +2643,27 @@ def main(): | |||
| else: | |||
| result['system'] = user.system | |||
| result['create_home'] = user.create_home | |||
| result['diff'] = { | |||
| 'before': 'user does not exist\n', | |||
| 'after': 'user created\n', | |||
There was a problem hiding this comment.
Suggested change
| 'after': 'user created\n', | |
| 'after': '{0} created\n'.format(user.name), |
| @@ -744,17 +760,21 @@ def modify_user_usermod(self): | |||
| if current_expires < 0 or current_expire_date[:3] != self.expires[:3]: | |||
| cmd.append('-e') | |||
| cmd.append(time.strftime(self.DATE_FORMAT, self.expires)) | |||
| self.changes['expires'] = (current_expires, self.expires) | |||
There was a problem hiding this comment.
Format the date string here so it's more human readable in the diff:
Suggested change
| self.changes['expires'] = (current_expires, self.expires) | |
| self.changes['expires'] = (current_expires, time.strftime(self.DATE_FORMAT, self.expires)) |
There was a problem hiding this comment.
In that case I think I should also format current_expires the same way.
samdoran
suggested changes
Nov 27, 2018
You'll need to return the diff when exiting in check mode:
module.exit_json(changed=True, diff=result['diff'])
ansibot
added
needs_revision
ansibot
added
the
stale_ci
ansibot
added
core_review
ansibot
added
needs_revision
ansibot
added
the
needs_rebase
ansibot
added
the
needs_repo
ansibot
added
pre_azp
|
waiting_on_contributor |
ansibot
added
the
waiting_on_contributor
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
SUMMARY
Make the
usermodule report what was changed if you run ansible-playbook --diff.ISSUE TYPE
COMPONENT NAME
user
ADDITIONAL INFORMATION
This was motivated by me trying to manage user group memberships with Ansible and having no way to verify that my playbook is correct when the
usermodule reportschangedwith no details whatsoever.What this does is produce brief diffs that lists old and new values of all user attributes that were modified, e.g.
This is not 100% complete (only the generic usermod-based User implementation reports changes, all those FreeBsdUser etc subclasses need to be updated), but it's better than nothing.
When a user is created or deleted, instead of listing all the attributes only a brief summary is shown, e.g.