Skip to content

Allow for toggling of LDAP attribute ordering #68628

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
tacerus wants to merge 1 commit into
base: 3006.x
Choose a base branch
from
Draft

Allow for toggling of LDAP attribute ordering #68628

tacerus wants to merge 1 commit into from

Conversation

@tacerus
Copy link
Contributor

@tacerus tacerus commented Jan 13, 2026

What does this PR do?

With some LDAP implementations attributes are not stored and returned in the order in which they were added, leading to the state repeatedly reporting changes. Introduce a toggle which enables internal sorting of old and new attributes and restores idempotency in such situations.

What issues does this PR fix or reference?

Fixes #68626.

Previous Behavior

Stray changes upon ordering differences.

New Behavior

No changes if ordering is not deemed relevant.

Merge requirements satisfied?

[NOTICE] Bug fixes or features added to Salt require tests.

Commits signed with GPG?

Yes

@tacerus
Allow for toggling of LDAP attribute ordering
1e49a62 
With some LDAP implementations attributes are not stored and returned in
the order in which they were added, leading to the state repeatedly
reporting changes. Introduce a toggle which enables internal sorting of
old and new attributes and restores idempotency in such situations.

Signed-off-by: Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
@tacerus tacerus mentioned this pull request Jan 13, 2026
Open
bdrx312
bdrx312 reviewed Jan 16, 2026
View reviewed changes
salt/states/ldap.py
Comment on lines -350 to -351
# convert the value sets to lists before returning them to the
# user (sorted for easier comparisons)
Copy link
Contributor

@bdrx312 bdrx312 Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This comment was removed, but sorted is still called on the output below on line 368 attr: sorted(vals).

Copy link
Contributor Author

@tacerus tacerus Jan 16, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the pointer, that indeed needs to go too.
Currently I have this a bit stalled because I submitted python-ldap/python-ldap#604 in parallel, and in case that gets approved, it would be nice to make strict_order support a list of attributes instead of only a general toggle. Generally the improvements here would not do much without the patch in python-ldap (besides improving the output after removing the sorted() you mention), because the change would be reported but never committed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@bdrx312 bdrx312 bdrx312 left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tacerus @bdrx312