From 35bd3cb8f60eea24bf34c58ff1174b24a88e653a Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Thu, 5 Dec 2024 15:55:59 +0100 Subject: [PATCH] Extending Ansible role 389ds-config-plugins --- inventory/dpx-ldap-dev1.yaml | 2 + .../tasks/attr-uniq-entry-remove.yaml | 15 ++++ .../tasks/attr-uniq-entry.yaml | 77 +++++++++++++++++++ .../389ds-config-plugins/tasks/attr-uniq.yaml | 24 +++++- 4 files changed, 115 insertions(+), 3 deletions(-) create mode 100644 roles/389ds-config-plugins/tasks/attr-uniq-entry-remove.yaml create mode 100644 roles/389ds-config-plugins/tasks/attr-uniq-entry.yaml diff --git a/inventory/dpx-ldap-dev1.yaml b/inventory/dpx-ldap-dev1.yaml index 1e2c294..25e901b 100644 --- a/inventory/dpx-ldap-dev1.yaml +++ b/inventory/dpx-ldap-dev1.yaml @@ -54,5 +54,7 @@ all: 'uidNumber': subtrees: - 'o=isp' + 'blaBlub': + ensure: absent # vim: filetype=yaml diff --git a/roles/389ds-config-plugins/tasks/attr-uniq-entry-remove.yaml b/roles/389ds-config-plugins/tasks/attr-uniq-entry-remove.yaml new file mode 100644 index 0000000..ec7e177 --- /dev/null +++ b/roles/389ds-config-plugins/tasks/attr-uniq-entry-remove.yaml @@ -0,0 +1,15 @@ +--- + +- name: "Removing attr-uniq entry." + debug: + msg: "Removing attr-uniq entry {{ entry_name | quote }}." + verbosity: 0 + +- name: "Finally remove attr-uniq entry." + ansible.builtin.shell: "dsconf {{ slapd_instance | quote }} plugin attr-uniq delete {{ entry_name | quote }}" + +- name: "Setting restart_389ds." + set_fact: + restart_389ds: true + +# vim: filetype=yaml diff --git a/roles/389ds-config-plugins/tasks/attr-uniq-entry.yaml b/roles/389ds-config-plugins/tasks/attr-uniq-entry.yaml new file mode 100644 index 0000000..a9458ca --- /dev/null +++ b/roles/389ds-config-plugins/tasks/attr-uniq-entry.yaml @@ -0,0 +1,77 @@ +--- + +- name: "Define attr-uniq entry name." + set_fact: + entry_name: "{{ attr_name }} attribute uniqueness" + entry_name_lc: "{{ attr_name | lower }} attribute uniqueness" + +- name: "Configure particular attr-uniq entry." + debug: + var: entry_name + verbosity: 0 + +- name: 'Define presence or absence of attr-uniq entry.' + set_fact: + entry_should_exists: true + when: "'ensure' not in entry_data" + +- name: 'Define presence or absence of attr-uniq entry.' + when: "'ensure' in entry_data" + block: + + - name: 'Define presence or absence of attr-uniq entry by ensure == "present".' + set_fact: + entry_should_exists: true + when: "(entry_data['ensure'] | lower ) == 'present'" + + - name: 'Define presence or absence of attr-uniq entry by ensure == "absent".' + set_fact: + entry_should_exists: false + when: "(entry_data['ensure'] | lower ) == 'absent'" + + - name: 'Define presence or absence of attr-uniq entry by ensure.' + when: "(entry_data['ensure'] | lower ) != 'present' and ( entry_data['ensure'] | lower ) != 'absent'" + block: + + - name: 'Define presence or absence of attr-uniq entry by ensure to bool (true).' + set_fact: + entry_should_exists: true + when: "entry_data['ensure'] | bool == true" + + - name: 'Define presence or absence of attr-uniq entry by ensure to bool (false).' + set_fact: + entry_should_exists: false + when: "entry_data['ensure'] | bool == false" + +- debug: + msg: "Entry {{ entry_name | quote }} should exists: {{ entry_should_exists }}" + verbosity: 2 + +- name: 'Ensure absence of attr-uniq entry.' + when: "entry_should_exists == false" + block: + + - name: 'Ensure absence of attr-uniq entry.' + debug: + msg: "Ensure absence of attr-uniq entry {{ entry_name | quote }}." + verbosity: 0 + + - name: 'Purge unwanted existing attr-uniq entry.' + include_tasks: 'attr-uniq-entry-remove.yaml' + when: entry_name_lc in cur_attr_uniq_entries_lc + +- name: 'Manage wanted attr-uniq entry.' + when: "entry_should_exists == true" + block: + + - name: 'Add attr-uniq entry.' + debug: + msg: "Adding attr-uniq entry {{ entry_name | quote }}." + when: entry_name_lc not in cur_attr_uniq_entries_lc + + - name: 'Set attr-uniq entry.' + debug: + msg: "Setting attr-uniq entry {{ entry_name | quote }}." + when: entry_name_lc in cur_attr_uniq_entries_lc + +# vim: filetype=yaml diff --git a/roles/389ds-config-plugins/tasks/attr-uniq.yaml b/roles/389ds-config-plugins/tasks/attr-uniq.yaml index 6903b8e..da0b928 100644 --- a/roles/389ds-config-plugins/tasks/attr-uniq.yaml +++ b/roles/389ds-config-plugins/tasks/attr-uniq.yaml @@ -24,11 +24,20 @@ set_fact: cur_attr_uniq_entries: "{{ get_all_attr_uniq_entries.stdout_lines | map('regex_replace', '\\s*$', '') }}" +- name: "Set cur_attr_uniq_entries_lc." + set_fact: + cur_attr_uniq_entries_lc: "{{ cur_attr_uniq_entries | map('lower') }}" + - name: 'Show cur_attr_uniq_entries.' debug: var: cur_attr_uniq_entries verbosity: 2 +- name: 'Show cur_attr_uniq_entries_lc.' + debug: + var: cur_attr_uniq_entries_lc + verbosity: 3 + - name: 'Set exp_attr_uniq_entries_lc.' set_fact: exp_attr_uniq_entries_lc: [] @@ -43,17 +52,26 @@ var: exp_attr_uniq_entries_lc verbosity: 2 +- name: 'Configure attr-uniq entry.' + include_tasks: 'attr-uniq-entry.yaml' + vars: + attr_name: "{{ attrdict.key }}" + entry_data: "{{ attrdict.value }}" + loop: "{{ uniq_attributes | dict2items }}" + loop_control: + loop_var: attrdict + - name: 'Purge attr-uniq entries.' when: (ds389_plugin_attr_uniq_purge | bool) == true block: - name: 'Purge unnecessary attr-uniq entries.' - debug: - msg: "Deleting attr-uniq entry '{{ attr_uniq_entry }}'." + include_tasks: 'attr-uniq-entry-remove.yaml' + vars: + entry_name: "{{ attr_uniq_entry }}" when: ( attr_uniq_entry | lower ) not in exp_attr_uniq_entries_lc loop: "{{ cur_attr_uniq_entries }}" loop_control: loop_var: attr_uniq_entry - # vim: filetype=yaml -- 2.39.5