From 58cb8ca4fa0f2ac3ae6d1d640974de8293a50aed Mon Sep 17 00:00:00 2001
From: ShIRann Chen <72802064+ShIRannx@users.noreply.github.com>
Date: Sat, 12 Oct 2024 02:02:39 +0800
Subject: feat: checksum_algo param for find module (#83014)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: shirann <shirannx@gmail.com>
Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <webknjaz@redhat.com>
---
 changelogs/fragments/find-checksum.yml             |  2 ++
 lib/ansible/modules/find.py                        | 18 ++++++++-------
 lib/ansible/modules/stat.py                        | 20 +++-------------
 .../plugins/doc_fragments/checksum_common.py       | 27 ++++++++++++++++++++++
 test/integration/targets/find/tasks/main.yml       | 23 ++++++++++++++++++
 5 files changed, 65 insertions(+), 25 deletions(-)
 create mode 100644 changelogs/fragments/find-checksum.yml
 create mode 100644 lib/ansible/plugins/doc_fragments/checksum_common.py

diff --git a/changelogs/fragments/find-checksum.yml b/changelogs/fragments/find-checksum.yml
new file mode 100644
index 0000000000..c713beabd6
--- /dev/null
+++ b/changelogs/fragments/find-checksum.yml
@@ -0,0 +1,2 @@
+minor_changes:
+  - find - add a checksum_algorithm parameter to specify which type of checksum the module will return
diff --git a/lib/ansible/modules/find.py b/lib/ansible/modules/find.py
index 0e25923a32..8c2820c48e 100644
--- a/lib/ansible/modules/find.py
+++ b/lib/ansible/modules/find.py
@@ -29,6 +29,10 @@ options:
             - You can choose seconds, minutes, hours, days, or weeks by specifying the
               first letter of any of those words (e.g., "1w").
         type: str
+    get_checksum:
+        default: false
+    checksum_algorithm:
+        version_added: "2.19"
     patterns:
         default: []
         description:
@@ -132,11 +136,6 @@ options:
             - Set this to V(true) to follow symlinks in path for systems with python 2.6+.
         type: bool
         default: no
-    get_checksum:
-        description:
-            - Set this to V(true) to retrieve a file's SHA1 checksum.
-        type: bool
-        default: no
     use_regex:
         description:
             - If V(false), the patterns are file globs (shell).
@@ -163,7 +162,7 @@ options:
             - Default is unlimited matches.
         type: int
         version_added: "2.18"
-extends_documentation_fragment: action_common_attributes
+extends_documentation_fragment: [action_common_attributes, checksum_common]
 attributes:
     check_mode:
         details: since this action does not modify the target it just executes normally during check mode
@@ -482,6 +481,9 @@ def main():
             hidden=dict(type='bool', default=False),
             follow=dict(type='bool', default=False),
             get_checksum=dict(type='bool', default=False),
+            checksum_algorithm=dict(type='str', default='sha1',
+                                    choices=['md5', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512'],
+                                    aliases=['checksum', 'checksum_algo']),
             use_regex=dict(type='bool', default=False),
             depth=dict(type='int'),
             mode=dict(type='raw'),
@@ -583,7 +585,7 @@ def main():
 
                             r.update(statinfo(st))
                             if stat.S_ISREG(st.st_mode) and params['get_checksum']:
-                                r['checksum'] = module.sha1(fsname)
+                                r['checksum'] = module.digest_from_file(fsname, params['checksum_algorithm'])
 
                             if stat.S_ISREG(st.st_mode):
                                 if sizefilter(st, size):
@@ -608,7 +610,7 @@ def main():
 
                             r.update(statinfo(st))
                             if params['get_checksum']:
-                                r['checksum'] = module.sha1(fsname)
+                                r['checksum'] = module.digest_from_file(fsname, params['checksum_algorithm'])
                             filelist.append(r)
 
                     elif stat.S_ISLNK(st.st_mode) and params['file_type'] == 'link':
diff --git a/lib/ansible/modules/stat.py b/lib/ansible/modules/stat.py
index 274374c28d..81707af7a8 100644
--- a/lib/ansible/modules/stat.py
+++ b/lib/ansible/modules/stat.py
@@ -25,23 +25,6 @@ options:
       - Whether to follow symlinks.
     type: bool
     default: no
-  get_checksum:
-    description:
-      - Whether to return a checksum of the file.
-    type: bool
-    default: yes
-    version_added: "1.8"
-  checksum_algorithm:
-    description:
-      - Algorithm to determine checksum of file.
-      - Will throw an error if the host is unable to use specified algorithm.
-      - The remote host has to support the hashing method specified, V(md5)
-        can be unavailable if the host is FIPS-140 compliant.
-    type: str
-    choices: [ md5, sha1, sha224, sha256, sha384, sha512 ]
-    default: sha1
-    aliases: [ checksum, checksum_algo ]
-    version_added: "2.0"
   get_mime:
     description:
       - Use file magic and return data about the nature of the file. This uses
@@ -59,8 +42,11 @@ options:
     default: yes
     aliases: [ attr, attributes ]
     version_added: "2.3"
+  get_checksum:
+    version_added: "1.8"
 extends_documentation_fragment:
   -  action_common_attributes
+  -  checksum_common
 attributes:
     check_mode:
         support: full
diff --git a/lib/ansible/plugins/doc_fragments/checksum_common.py b/lib/ansible/plugins/doc_fragments/checksum_common.py
new file mode 100644
index 0000000000..73936a5106
--- /dev/null
+++ b/lib/ansible/plugins/doc_fragments/checksum_common.py
@@ -0,0 +1,27 @@
+# Copyright (c) 2024 ShIRann Chen <shirannx@gmail.com>
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import annotations
+
+
+class ModuleDocFragment(object):
+
+    DOCUMENTATION = r"""
+options:
+    checksum_algorithm:
+        description:
+        - Algorithm to determine checksum of file.
+        - Will throw an error if the host is unable to use specified algorithm.
+        - The remote host has to support the hashing method specified, V(md5)
+            can be unavailable if the host is FIPS-140 compliant.
+        - Availability might be restricted by the target system, for example FIPS systems won't allow md5 use
+        type: str
+        choices: [ md5, sha1, sha224, sha256, sha384, sha512 ]
+        default: sha1
+        aliases: [ checksum, checksum_algo ]
+        version_added: "2.0"
+    get_checksum:
+        description:
+        - Whether to return a checksum of the file.
+        type: bool
+        default: yes
+"""
diff --git a/test/integration/targets/find/tasks/main.yml b/test/integration/targets/find/tasks/main.yml
index afc55fbaf0..ec028f9c48 100644
--- a/test/integration/targets/find/tasks/main.yml
+++ b/test/integration/targets/find/tasks/main.yml
@@ -227,6 +227,29 @@
       that:
           - success_to_read_right_encoding_file.matched == 1
 
+- name: specify the checksum_algo
+  register: find_by_specific_algo_res
+  find:
+    paths: "{{ remote_tmp_dir_test }}"
+    get_checksum: true
+    checksum_algorithm: md5
+
+- debug: var=find_by_specific_algo_res
+
+- name: get the md5 checksum by stat
+  register: all_files_st
+  stat:
+    get_checksum: true
+    checksum_algorithm: md5
+    path: "{{ item.path }}"
+  loop: "{{ find_by_specific_algo_res.files }}"
+
+- assert:
+      that: "all_files_st.results[index].stat.checksum == item.checksum"
+  loop: "{{ find_by_specific_algo_res.files }}"
+  loop_control:
+    index_var: index
+
 - name: read a gbk file by non-exists encoding
   find:
     paths: "{{ remote_tmp_dir_test }}"
-- 
cgit v1.2.3