search

ionos-cloud / module-ansible

Apache License 2.0
10 stars 8 forks source link

Idempotency mode for user module #201

Closed jplitza closed 2 months ago

jplitza commented 3 months ago

Current SDK Version

7.4.1

Use-cases

It would be nice to use the ionoscloudsdk.ionoscloud.user module in a "create if it does not exist" way for technical accounts whose passwords should be auto-generated and not even be stored anywhere.

We have tons of those accounts for S3 access, and don't really care about their passwords. We just want them to be there.

Attempted Solutions

Currently, we use 

- name: Create IONOS user for application
  ionoscloudsdk.ionoscloud.user:
    user_password: "{{ lookup('ansible.builtin.password', '/dev/null chars=ascii_letters,digits') }}"
    # ...

But that causes Ansible to change the password on every invocation and consequently report the module as changed.

Proposal

The ionoscloudsdk.ionoscloud.s3key module has an idempotency flag that has a similar purpose. It would be nice if the user module had something similar (dont_update_password?), which would cause the user_password to be ignored for existing accounts.

References

rmocanu-ionos commented 2 months ago

Hello, this should be available in the latest beta release, v7.5.0-beta.1, please let us if we should make any changes to the current implementation

jplitza commented 2 months ago

Thanks for the quick implementation! It's more generic than I would have needed, but works for me. :+1: