known_hosts: don't modify `AnsibleModule.params` (#83517)

Using this dictionary to store the return values results in the return values showing up in the returned `invocation['module_args']`, which is confusing. It also causes all module arguments to be returned, which is preserved by this change but should ideally be removed in the future.
5 months ago · 4f6a4534a7
parent 83a0975611
commit 4f6a4534a7
2 changed files with 14 additions and 9 deletions
--- a/changelogs/fragments/known_hosts_module_args.yml
+++ b/changelogs/fragments/known_hosts_module_args.yml
@ -0,0 +1,2 @@
+bugfixes:
+  - known_hosts - the returned module invocation now accurately reflects the module arguments.
--- a/lib/ansible/modules/known_hosts.py
+++ b/lib/ansible/modules/known_hosts.py
@ -101,6 +101,7 @@ EXAMPLES = r'''
 #    state = absent|present (default: present)

 import base64
+import copy
 import errno
 import hashlib
 import hmac
@ -118,6 +119,7 @@ def enforce_state(module, params):
    Add or remove key.
    """

+    results = dict(changed=False)
    host = params["name"].lower()
    key = params.get("key", None)
    path = params.get("path")
@ -140,13 +142,12 @@ def enforce_state(module, params):

    found, replace_or_add, found_line = search_for_host_key(module, host, key, path, sshkeygen)

-    params['diff'] = compute_diff(path, found_line, replace_or_add, state, key)
+    results['diff'] = compute_diff(path, found_line, replace_or_add, state, key)

    # check if we are trying to remove a non matching key,
    # in that case return with no change to the host
    if state == 'absent' and not found_line and key:
-        params['changed'] = False
-        return params
+        return results

    # We will change state if found==True & state!="present"
    # or found==False & state=="present"
@ -154,15 +155,15 @@ def enforce_state(module, params):
    # Alternatively, if replace is true (i.e. key present, and we must change
    # it)
    if module.check_mode:
-        module.exit_json(changed=replace_or_add or (state == "present") != found,
-                         diff=params['diff'])
+        results['changed'] = replace_or_add or (state == "present") != found
+        module.exit_json(**results)

    # Now do the work.

    # Only remove whole host if found and no key provided
    if found and not key and state == "absent":
        module.run_command([sshkeygen, '-R', host, '-f', path], check_rc=True)
-        params['changed'] = True
+        results['changed'] = True

    # Next, add a new (or replacing) entry
    if replace_or_add or found != (state == "present"):
@ -188,9 +189,9 @@ def enforce_state(module, params):
        else:
            module.atomic_move(outf.name, path)

-        params['changed'] = True
+        results['changed'] = True

-    return params
+    return results


 def sanity_check(module, host, key, sshkeygen):
@ -364,7 +365,9 @@ def main():
        supports_check_mode=True
    )

-    results = enforce_state(module, module.params)
+    # TODO: deprecate returning everything that was passed in
+    results = copy.copy(module.params)
+    results.update(enforce_state(module, module.params))
    module.exit_json(**results)