ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-07 02:25:53 +00:00
Code Activity

ipa_group: fix idempotency when external: false on existing non-external group (#11933)

Browse source 
* fix(ipa_group): skip group_mod when external flag matches IPA state

When external=false (the default), get_group_diff() left the external
key in the diff even though the group was already non-external, causing
a spurious group_mod call that IPA rejected with "no modifications to
be performed". The fix checks equality in both directions.

Fixes #5061

* fix(ipa_group): add changelog fragment for PR 11933

* add quoting to fragment
This commit is contained in:
Alexei Znamensky 2026-05-04 07:27:00 +12:00 committed by GitHub
parent de42aec78b
commit c4fc0ff4e1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
plugins/modules/ipa_group.py
View file

@ -238,7 +238,8 @@ def get_group_diff(client, ipa_group, module_group):
del module_group["nonposix"]
if "external" in module_group:
if module_group["external"] and "ipaexternalgroup" in ipa_group.get("objectclass"):
is_external_in_ipa = "ipaexternalgroup" in ipa_group.get("objectclass", [])
if module_group["external"] == is_external_in_ipa:
del module_group["external"]
return client.get_diff(ipa_data=ipa_group, module_data=module_group)