diff options
author | Felix Fontein <felix@fontein.de> | 2019-12-03 21:59:15 +0100 |
---|---|---|
committer | Matt Davis <nitzmahone@users.noreply.github.com> | 2019-12-03 12:59:15 -0800 |
commit | 0ed744c0a090e834f37121d54700027ec23215e0 (patch) | |
tree | 601e53c044cdea05bf559a1e402da2d6ec4748df | |
parent | 34eb3f54ddf9921cd5e0a9921b5f0b3919967816 (diff) | |
download | ansible-0ed744c0a090e834f37121d54700027ec23215e0.tar.gz |
openssl_csr: make sure privatekey_path is specified when state is present (#65435) (#65460)
* Make sure privatekey_path is specified when state is present.
* Add changelog.
(cherry picked from commit ae4363f6d104a5ea211d5e35848a8f98150e2306)
-rw-r--r-- | changelogs/fragments/65435-openssl_csr-privatekey_path-required.yml | 2 | ||||
-rw-r--r-- | lib/ansible/modules/crypto/openssl_csr.py | 5 |
2 files changed, 5 insertions, 2 deletions
diff --git a/changelogs/fragments/65435-openssl_csr-privatekey_path-required.yml b/changelogs/fragments/65435-openssl_csr-privatekey_path-required.yml new file mode 100644 index 0000000000..e7bb5a15d1 --- /dev/null +++ b/changelogs/fragments/65435-openssl_csr-privatekey_path-required.yml @@ -0,0 +1,2 @@ +bugfixes: +- "openssl_csr - the module will now enforce that ``privatekey_path`` is specified when ``state=present``." diff --git a/lib/ansible/modules/crypto/openssl_csr.py b/lib/ansible/modules/crypto/openssl_csr.py index 8489822500..8503d64b09 100644 --- a/lib/ansible/modules/crypto/openssl_csr.py +++ b/lib/ansible/modules/crypto/openssl_csr.py @@ -44,8 +44,8 @@ options: privatekey_path: description: - The path to the private key to use when signing the certificate signing request. + - Required if I(state) is C(present). type: path - required: true privatekey_passphrase: description: - The passphrase for the private key. @@ -851,7 +851,7 @@ def main(): argument_spec=dict( state=dict(type='str', default='present', choices=['absent', 'present']), digest=dict(type='str', default='sha256'), - privatekey_path=dict(type='path', require=True), + privatekey_path=dict(type='path'), privatekey_passphrase=dict(type='str', no_log=True), version=dict(type='int', default=1), force=dict(type='bool', default=False), @@ -878,6 +878,7 @@ def main(): backup=dict(type='bool', default=False), select_crypto_backend=dict(type='str', default='auto', choices=['auto', 'cryptography', 'pyopenssl']), ), + required_if=[('state', 'present', ['privatekey_path'])], add_file_common_args=True, supports_check_mode=True, ) |