From 891d9cff726fa849c0354734257c9e2c17a6dd13 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Fri, 3 Jan 2025 12:38:08 +0100 Subject: [PATCH] Using evaluated configuration in roles/389ds-config-plugins/tasks/referint.yaml --- roles/389ds-config-plugins/tasks/main.yaml | 6 +- .../389ds-config-plugins/tasks/memberof.yaml | 6 +- .../389ds-config-plugins/tasks/referint.yaml | 59 ++++++++----------- 3 files changed, 28 insertions(+), 43 deletions(-) diff --git a/roles/389ds-config-plugins/tasks/main.yaml b/roles/389ds-config-plugins/tasks/main.yaml index d7967db..3a9fac6 100644 --- a/roles/389ds-config-plugins/tasks/main.yaml +++ b/roles/389ds-config-plugins/tasks/main.yaml @@ -32,9 +32,9 @@ ds389_plugin_referint_config: true when: ds389_plugin_referint_config is undefined -# - name: "Configuring the 389ds referential-integrity-Plugin." -# include_tasks: 'referint.yaml' -# when: (ds389_plugin_referint_config | bool) == true +- name: "Configuring the 389ds referential-integrity-Plugin." + include_tasks: 'referint.yaml' + when: (ds389_plugin_referint_config | bool) == true - name: "Set default for ds389_plugin_attr_uniq_config." set_fact: diff --git a/roles/389ds-config-plugins/tasks/memberof.yaml b/roles/389ds-config-plugins/tasks/memberof.yaml index 30e0676..994d497 100644 --- a/roles/389ds-config-plugins/tasks/memberof.yaml +++ b/roles/389ds-config-plugins/tasks/memberof.yaml @@ -1,10 +1,5 @@ --- -- name: 'Show raw memberof attribute config.' - debug: - var: plugin_memberof - verbosity: 3 - - name: 'Predefine variable exec_set to false' set_fact: exec_set: false @@ -37,6 +32,7 @@ - name: "Has the memberOf-Plugin to be configured:" debug: var: exec_set + verbosity: 1 - name: "Configure the memberof plugin, if necessary." when: exec_set == true diff --git a/roles/389ds-config-plugins/tasks/referint.yaml b/roles/389ds-config-plugins/tasks/referint.yaml index 5250482..d0bfc74 100644 --- a/roles/389ds-config-plugins/tasks/referint.yaml +++ b/roles/389ds-config-plugins/tasks/referint.yaml @@ -1,28 +1,5 @@ --- -- name: 'Get the current configuration of the referential-integrity-Plugin.' - ansible.builtin.shell: "dsconf {{ slapd_instance | quote }} plugin referential-integrity show | \ - grep -P -i '^(referint|nsslapd-pluginEnabled)' | \ - sed -e 's/^referint-//i' -e 's/nsslapd-plugin//i' | tr '[:upper:]' '[:lower:]' | \ - sort || true" - register: plugin_referint - changed_when: false - check_mode: false - -- name: 'Show raw referential-integrity attribute config.' - debug: - var: plugin_referint - verbosity: 3 - -- name: "Set variable plugin_referint_config" - set_fact: - plugin_referint_config: "{{ plugin_referint.stdout_lines | cfg_389ds_to_dict }}" - -- name: "Show config hash:" - debug: - var: plugin_referint_config - verbosity: 2 - - name: 'Predefine variable exec_set to false' set_fact: exec_set: false @@ -30,17 +7,28 @@ - name: 'Check for membership-attr not set.' set_fact: exec_set: true - when: '"membership-attr" not in plugin_referint_config' + when: '"membership_attr" not in ds389_plugin_config.referint' - name: 'Check for membership-attr.' - set_fact: - exec_set: true - when: '"groupattr" in plugin_referint_config and (plugin_referint_config["membership-attr"] | compare_lc_list(ds389_plugin_referint_membership_attributes) != true)' + when: '"membership_attr" in ds389_plugin_config.referint and (ds389_plugin_config.referint["membership_attr"] | compare_lc_list(ds389_plugin_referint_membership_attributes) != true)' + block: + + - debug: + var: 'ds389_plugin_config.referint["membership_attr"]' + verbosity: 0 + + - debug: + var: ds389_plugin_referint_membership_attributes + verbosity: 0 + + - name: 'Set exec_set to true because of membership-attr.' + set_fact: + exec_set: true - name: 'Check for update-delay.' set_fact: exec_set: true - when: '"update-delay" not in plugin_referint_config or plugin_referint_config["update-delay"] != ds389_plugin_referint_update_delay' + when: '"update_delay" not in ds389_plugin_config.referint or ds389_plugin_config.referint["update_delay"] != ds389_plugin_referint_update_delay' - name: 'Set expected logfile.' set_fact: @@ -48,17 +36,18 @@ - name: "Show referential-integrity-Plugin logfile stuff" debug: - msg: "Current logfile: '{{ plugin_referint_config['logfile'] }}', expected: '{{ referint_expected_logfile }}'." - verbosity: 0 + msg: "Current logfile: '{{ ds389_plugin_config.referint['logfile'] }}', expected: '{{ referint_expected_logfile }}'." + verbosity: 1 -- name: 'Check for logfilelogfile.' +- name: 'Check for logfile.' set_fact: exec_set: true - when: plugin_referint_config['logfile'] != referint_expected_logfile + when: ds389_plugin_config.referint['logfile'] != referint_expected_logfile - name: "Has the referential-integrity-Plugin to be configured:" debug: var: exec_set + verbosity: 1 - name: "Configure the referential-integrity plugin, if necessary." when: exec_set == true @@ -84,13 +73,13 @@ - name: "Show the command to execute:" debug: var: plugin_referint_cmd - verbosity: 0 + verbosity: 1 - name: "Finally configure the referential-integrity plugin." ansible.builtin.shell: "{{ plugin_referint_cmd }}" - name: "Enabling referential-integrity plugin." - when: "plugin_referint_config['enabled'] == false and ds389_plugin_referint_enabled == true" + when: "ds389_plugin_config.referint['enabled'] == false and ds389_plugin_referint_enabled == true" block: - name: "Enabling referential-integrity plugin." @@ -101,7 +90,7 @@ restart_389ds: true - name: "Disabling referential-integrity plugin." - when: "plugin_referint_config['enabled'] == true and ds389_plugin_referint_enabled == false" + when: "ds389_plugin_config.referint['enabled'] == true and ds389_plugin_referint_enabled == false" block: - name: "Disabling referential-integrity plugin." -- 2.39.5