collection 교체

collection/community/general/plugins/modules/java_cert.py

@@ -1,8 +1,9 @@
 #!/usr/bin/python
 # -*- coding: utf-8 -*-
 
-# Copyright: (c) 2013, RSD Services S.A
-# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+# Copyright (c) 2013, RSD Services S.A
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
 
 from __future__ import absolute_import, division, print_function
 __metaclass__ = type
@@ -15,11 +16,18 @@ short_description: Uses keytool to import/remove certificate to/from java keysto
 description:
   - This is a wrapper module around keytool, which can be used to import certificates
     and optionally private keys to a given java keystore, or remove them from it.
+extends_documentation_fragment:
+  - community.general.attributes
+attributes:
+  check_mode:
+    support: full
+  diff_mode:
+    support: full
 options:
   cert_url:
     description:
       - Basic URL to fetch SSL certificate from.
-      - Exactly one of C(cert_url), C(cert_path) or C(pkcs12_path) is required to load certificate.
+      - Exactly one of O(cert_url), O(cert_path), or O(pkcs12_path) is required to load certificate.
     type: str
   cert_port:
     description:
@@ -30,7 +38,7 @@ options:
   cert_path:
     description:
       - Local path to load certificate from.
-      - Exactly one of C(cert_url), C(cert_path) or C(pkcs12_path) is required to load certificate.
+      - Exactly one of O(cert_url), O(cert_path), or O(pkcs12_path) is required to load certificate.
     type: path
   cert_alias:
     description:
@@ -41,21 +49,20 @@ options:
     description:
       - Trust imported cert as CAcert.
     type: bool
-    default: False
+    default: false
     version_added: '0.2.0'
   pkcs12_path:
     description:
       - Local path to load PKCS12 keystore from.
-      - Unlike C(cert_url) and C(cert_path), the PKCS12 keystore embeds the private key matching
+      - Unlike O(cert_url) and O(cert_path), the PKCS12 keystore embeds the private key matching
         the certificate, and is used to import both the certificate and its private key into the
         java keystore.
-      - Exactly one of C(cert_url), C(cert_path) or C(pkcs12_path) is required to load certificate.
+      - Exactly one of O(cert_url), O(cert_path), or O(pkcs12_path) is required to load certificate.
     type: path
   pkcs12_password:
     description:
       - Password for importing from PKCS12 keystore.
     type: str
-    default: ''
   pkcs12_alias:
     description:
       - Alias in the PKCS12 keystore.
@@ -118,17 +125,17 @@ EXAMPLES = r'''
     cert_path: /opt/certs/rootca.crt
     keystore_path: /tmp/cacerts
     keystore_pass: changeit
-    keystore_create: yes
+    keystore_create: true
     state: present
     cert_alias: LE_RootCA
-    trust_cacert: True
+    trust_cacert: true
 
 - name: Import SSL certificate from google.com to a keystore, create it if it doesn't exist
   community.general.java_cert:
     cert_url: google.com
     keystore_path: /tmp/cacerts
     keystore_pass: changeit
-    keystore_create: yes
+    keystore_create: true
     state: present
 
 - name: Import a pkcs12 keystore with a specified alias, create it if it doesn't exist
@@ -137,7 +144,7 @@ EXAMPLES = r'''
     cert_alias: default
     keystore_path: /opt/wildfly/standalone/configuration/defaultkeystore.jks
     keystore_pass: changeit
-    keystore_create: yes
+    keystore_create: true
     state: present
 
 - name: Import SSL certificate to JCEKS keystore
@@ -149,7 +156,7 @@ EXAMPLES = r'''
     keystore_path: /opt/someapp/security/keystore.jceks
     keystore_type: "JCEKS"
     keystore_pass: changeit
-    keystore_create: yes
+    keystore_create: true
     state: present
 '''
 
@@ -175,8 +182,6 @@ cmd:
 
 import os
 import tempfile
-import random
-import string
 import re
 
 
@@ -283,7 +288,8 @@ def _export_public_cert_from_pkcs12(module, executable, pkcs_file, alias, passwo
     (export_rc, export_stdout, export_err) = module.run_command(export_cmd, data=password, check_rc=False)
 
     if export_rc != 0:
-        module.fail_json(msg="Internal module failure, cannot extract public certificate from pkcs12, error: %s" % export_stdout,
+        module.fail_json(msg="Internal module failure, cannot extract public certificate from PKCS12, message: %s" % export_stdout,
+                         stderr=export_err,
                          rc=export_rc)
 
     with open(dest, 'w') as f: