From 09250cb2c5d8b26a45cfbb1e1f65aba9d71d2c82 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Tue, 6 Jun 2023 13:00:26 +0200
Subject: [PATCH] ipaservice: Updated and new tests for certificates and multi
service handling
The tests test_services_absent.yml, test_services_present.yml and
test_services_present_slice.yml have been updated to use in memory data
for testing instead of loading json files. This made is simpler to use
variables from the playbook for example for fqdn host names.
New tests for certificates with and without trailing new lines have been
added for single service and multiple service handling.
---
.../test_service_certificate_newline.yml | 200 +++++++++++
.../test_services_certificate_newline.yml | 314 ++++++++++++++++++
tests/service/create_services_json.yml | 22 --
tests/service/generate_test_data.yml | 98 ++++++
tests/service/hosts.sh | 24 --
tests/service/services.sh | 25 --
tests/service/services_absent.sh | 22 --
tests/service/test_services_absent.yml | 23 +-
tests/service/test_services_present.yml | 72 ++--
tests/service/test_services_present_slice.yml | 91 +++--
10 files changed, 735 insertions(+), 156 deletions(-)
create mode 100644 tests/service/certificate/test_service_certificate_newline.yml
create mode 100644 tests/service/certificate/test_services_certificate_newline.yml
delete mode 100644 tests/service/create_services_json.yml
create mode 100644 tests/service/generate_test_data.yml
delete mode 100644 tests/service/hosts.sh
delete mode 100644 tests/service/services.sh
delete mode 100644 tests/service/services_absent.sh
diff --git a/tests/service/certificate/test_service_certificate_newline.yml b/tests/service/certificate/test_service_certificate_newline.yml
new file mode 100644
index 00000000..01f7c536
--- /dev/null
+++ b/tests/service/certificate/test_service_certificate_newline.yml
@@ -0,0 +1,200 @@
+---
+- name: Test service with certificates with and without trailing new line
+ hosts: ipaserver
+ become: true
+
+ tasks:
+ - name: Include tasks ../../env_freeipa_facts.yml
+ ansible.builtin.include_tasks: ../../env_freeipa_facts.yml
+
+ - name: Setup test environment
+ ansible.builtin.include_tasks: ../env_vars.yml
+
+ - name: Generate self-signed certificates.
+ ansible.builtin.shell:
+ cmd: |
+ openssl req -x509 -newkey rsa:2048 -days 365 -nodes -keyout "private{{ item }}.key" -out "cert{{ item }}.pem" -subj '/CN=test'
+ openssl x509 -outform der -in "cert{{ item }}.pem" -out "cert{{ item }}.der"
+ base64 "cert{{ item }}.der" -w5000 > "cert{{ item }}.b64"
+ with_items: [1, 2, 3]
+ become: no
+ delegate_to: localhost
+
+ # The rstrip=False for lookup will add keep the newline at the end of the
+ # cert and this is automatically revoved in IPA, This is an additional
+ # test of ipaservice later on to behave correctly in both cases.
+ - name: Set fact cert1,2,3 from lookup
+ ansible.builtin.set_fact:
+ cert1: "{{ lookup('file', 'cert1.b64', rstrip=False) }}"
+ cert2: "{{ lookup('file', 'cert2.b64', rstrip=True) }}"
+ cert3: "{{ lookup('file', 'cert3.b64', rstrip=False) }}"
+
+ - name: Host {{ svc_fqdn }} absent
+ ipahost:
+ ipaadmin_password: SomeADMINpassword
+ name: "{{ svc_fqdn }}"
+ state: absent
+
+ - name: Host {{ svc_fqdn }} present
+ ipahost:
+ ipaadmin_password: SomeADMINpassword
+ name: "{{ svc_fqdn }}"
+ force: true
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Service FOO/{{ svc_fqdn }} absent
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name: "FOO/{{ svc_fqdn }}"
+ continue: true
+ state: absent
+
+ - name: Service FOO/{{ svc_fqdn }} present
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name: "FOO/{{ svc_fqdn }}"
+ force: yes
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Service FOO/{{ svc_fqdn }} certs 1,2 members present
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert1 }}"
+ - "{{ cert2 }}"
+ action: member
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Service FOO/{{ svc_fqdn }} certs 1,2 members present again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert1 }}"
+ - "{{ cert2 }}"
+ action: member
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Service FOO/{{ svc_fqdn }} certs 1,2,3 members present
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert1 }}"
+ - "{{ cert2 }}"
+ - "{{ cert3 }}"
+ action: member
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Service FOO/{{ svc_fqdn }} certs 1,2,3 members present again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert1 }}"
+ - "{{ cert2 }}"
+ - "{{ cert3 }}"
+ action: member
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Service FOO/{{ svc_fqdn }} certs 2,3 member absent
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert2 }}"
+ - "{{ cert3 }}"
+ state: absent
+ action: member
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Service FOO/{{ svc_fqdn }} certs 2,3 member absent again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert2 }}"
+ - "{{ cert3 }}"
+ action: member
+ state: absent
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Service FOO/{{ svc_fqdn }} certs 1,2,3 members absent
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert1 }}"
+ - "{{ cert2 }}"
+ - "{{ cert3 }}"
+ action: member
+ state: absent
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Service FOO/{{ svc_fqdn }} certs 1,2,3 members absent again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert1 }}"
+ - "{{ cert2 }}"
+ - "{{ cert3 }}"
+ action: member
+ state: absent
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Service FOO/{{ svc_fqdn }} absent
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name: "FOO/{{ svc_fqdn }}"
+ continue: true
+ state: absent
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Service FOO/{{ svc_fqdn }} absent again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name: "FOO/{{ svc_fqdn }}"
+ continue: true
+ state: absent
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Host {{ svc_fqdn }} absent
+ ipahost:
+ ipaadmin_password: SomeADMINpassword
+ name: "{{ svc_fqdn }}"
+ state: absent
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Remove certificate files. # noqa: deprecated-command-syntax
+ ansible.builtin.shell:
+ cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
+ with_items: [1, 2, 3]
+ become: no
+ delegate_to: localhost
diff --git a/tests/service/certificate/test_services_certificate_newline.yml b/tests/service/certificate/test_services_certificate_newline.yml
new file mode 100644
index 00000000..33815a01
--- /dev/null
+++ b/tests/service/certificate/test_services_certificate_newline.yml
@@ -0,0 +1,314 @@
+---
+- name: Test services with certificates with and without trailing new line
+ hosts: ipaserver
+ become: true
+
+ tasks:
+ - name: Include tasks ../../env_freeipa_facts.yml
+ ansible.builtin.include_tasks: ../../env_freeipa_facts.yml
+
+ - name: Setup test environment
+ ansible.builtin.include_tasks: ../env_vars.yml
+
+ - name: Generate self-signed certificates.
+ ansible.builtin.shell:
+ cmd: |
+ openssl req -x509 -newkey rsa:2048 -days 365 -nodes -keyout "private{{ item }}.key" -out "cert{{ item }}.pem" -subj '/CN=test'
+ openssl x509 -outform der -in "cert{{ item }}.pem" -out "cert{{ item }}.der"
+ base64 "cert{{ item }}.der" -w5000 > "cert{{ item }}.b64"
+ with_items: [11, 12, 13, 21, 22, 23, 31, 32, 33]
+ become: no
+ delegate_to: localhost
+
+ # The rstrip=False for lookup will add keep the newline at the end of the
+ # cert and this is automatically revoved in IPA, This is an additional
+ # test of ipaservice later on to behave correctly in both cases.
+ - name: Set fact for certs 11,12,13,21,22,23,31,32,33 from lookup
+ ansible.builtin.set_fact:
+ cert11: "{{ lookup('file', 'cert11.b64', rstrip=True) }}"
+ cert12: "{{ lookup('file', 'cert12.b64', rstrip=False) }}"
+ cert13: "{{ lookup('file', 'cert13.b64', rstrip=True) }}"
+ cert21: "{{ lookup('file', 'cert21.b64', rstrip=False) }}"
+ cert22: "{{ lookup('file', 'cert22.b64', rstrip=False) }}"
+ cert23: "{{ lookup('file', 'cert23.b64', rstrip=True) }}"
+ cert31: "{{ lookup('file', 'cert31.b64', rstrip=False) }}"
+ cert32: "{{ lookup('file', 'cert32.b64', rstrip=True) }}"
+ cert33: "{{ lookup('file', 'cert33.b64', rstrip=False) }}"
+
+ - name: Services FOO,BAR,BAZ/{{ svc_fqdn }} absent
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name:
+ - "FOO/{{ svc_fqdn }}"
+ - "BAR/{{ svc_fqdn }}"
+ - "BAZ/{{ svc_fqdn }}"
+ continue: true
+ state: absent
+
+ - name: Host {{ svc_fqdn }} absent
+ ipahost:
+ ipaadmin_password: SomeADMINpassword
+ name: "{{ svc_fqdn }}"
+ state: absent
+
+ - name: Host {{ svc_fqdn }} present
+ ipahost:
+ ipaadmin_password: SomeADMINpassword
+ name: "{{ svc_fqdn }}"
+ force: true
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Services FOO,BAR,BAZ/{{ svc_fqdn }} present
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ services:
+ - name: "FOO/{{ svc_fqdn }}"
+ force: yes
+ - name: "BAR/{{ svc_fqdn }}"
+ force: yes
+ - name: "BAZ/{{ svc_fqdn }}"
+ force: yes
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Services FOO,BAR,BAZ/{{ svc_fqdn }} present
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ services:
+ - name: "FOO/{{ svc_fqdn }}"
+ force: yes
+ - name: "BAR/{{ svc_fqdn }}"
+ force: yes
+ - name: "BAZ/{{ svc_fqdn }}"
+ force: yes
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Service FOO,BAR,BAZ/{{ svc_fqdn }} certs x1,x2 members present
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ services:
+ - name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert11 }}"
+ - "{{ cert12 }}"
+ - name: "BAR/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert21 }}"
+ - "{{ cert22 }}"
+ - name: "BAZ/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert31 }}"
+ - "{{ cert32 }}"
+ action: member
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Service FOO,BAR,BAZ/{{ svc_fqdn }} certs x1,x2 members present again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ services:
+ - name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert11 }}"
+ - "{{ cert12 }}"
+ - name: "BAR/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert21 }}"
+ - "{{ cert22 }}"
+ - name: "BAZ/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert31 }}"
+ - "{{ cert32 }}"
+ action: member
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Service FOO,BAR,BAZ/{{ svc_fqdn }} certs x1,x2,x3 members present
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ services:
+ - name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert11 }}"
+ - "{{ cert12 }}"
+ - "{{ cert13 }}"
+ - name: "BAR/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert21 }}"
+ - "{{ cert22 }}"
+ - "{{ cert23 }}"
+ - name: "BAZ/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert31 }}"
+ - "{{ cert32 }}"
+ - "{{ cert33 }}"
+ action: member
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Service FOO,BAR,BAZ/{{ svc_fqdn }} certs x1,x2,x3 members present again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ services:
+ - name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert11 }}"
+ - "{{ cert12 }}"
+ - "{{ cert13 }}"
+ - name: "BAR/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert21 }}"
+ - "{{ cert22 }}"
+ - "{{ cert23 }}"
+ - name: "BAZ/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert31 }}"
+ - "{{ cert32 }}"
+ - "{{ cert33 }}"
+ action: member
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Service FOO,BAR,BAZ/{{ svc_fqdn }} certs x2,x3 members absent
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ services:
+ - name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert12 }}"
+ - "{{ cert13 }}"
+ - name: "BAR/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert22 }}"
+ - "{{ cert23 }}"
+ - name: "BAZ/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert32 }}"
+ - "{{ cert33 }}"
+ action: member
+ state: absent
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Service FOO,BAR,BAZ/{{ svc_fqdn }} certs x2,x3 members absent, again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ services:
+ - name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert12 }}"
+ - "{{ cert13 }}"
+ - name: "BAR/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert22 }}"
+ - "{{ cert23 }}"
+ - name: "BAZ/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert32 }}"
+ - "{{ cert33 }}"
+ action: member
+ state: absent
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Service FOO,BAR,BAZ/{{ svc_fqdn }} certs x1,x2,x3 members absent
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ services:
+ - name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert11 }}"
+ - "{{ cert12 }}"
+ - "{{ cert13 }}"
+ - name: "BAR/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert21 }}"
+ - "{{ cert22 }}"
+ - "{{ cert23 }}"
+ - name: "BAZ/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert31 }}"
+ - "{{ cert32 }}"
+ - "{{ cert33 }}"
+ action: member
+ state: absent
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Service FOO,BAR,BAZ/{{ svc_fqdn }} certs x1,x2,x3 members absent, again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ services:
+ - name: "FOO/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert11 }}"
+ - "{{ cert12 }}"
+ - "{{ cert13 }}"
+ - name: "BAR/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert21 }}"
+ - "{{ cert22 }}"
+ - "{{ cert23 }}"
+ - name: "BAZ/{{ svc_fqdn }}"
+ certificate:
+ - "{{ cert31 }}"
+ - "{{ cert32 }}"
+ - "{{ cert33 }}"
+ action: member
+ state: absent
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Services FOO,BAR,BAZ/{{ svc_fqdn }} absent
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name:
+ - "FOO/{{ svc_fqdn }}"
+ - "BAR/{{ svc_fqdn }}"
+ - "BAZ/{{ svc_fqdn }}"
+ continue: true
+ state: absent
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Services FOO,BAR,BAZ/{{ svc_fqdn }} absent, again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ ipaapi_context: "{{ ipa_context | default(omit) }}"
+ name:
+ - "FOO/{{ svc_fqdn }}"
+ - "BAR/{{ svc_fqdn }}"
+ - "BAZ/{{ svc_fqdn }}"
+ continue: true
+ state: absent
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Host {{ svc_fqdn }} absent
+ ipahost:
+ ipaadmin_password: SomeADMINpassword
+ name: "{{ svc_fqdn }}"
+ state: absent
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Remove certificate files. # noqa: deprecated-command-syntax
+ ansible.builtin.shell:
+ cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
+ with_items: [11, 12, 13, 21, 22, 23, 31, 32, 33]
+ become: no
+ delegate_to: localhost
diff --git a/tests/service/create_services_json.yml b/tests/service/create_services_json.yml
deleted file mode 100644
index 197648b5..00000000
--- a/tests/service/create_services_json.yml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-- name: Create services.json
- hosts: localhost
-
- tasks:
- - name: Check if services.json exists
- ansible.builtin.stat:
- path: services.json
- register: register_stat_services
-
- - name: Create services.json
- ansible.builtin.command: /bin/bash services.sh 500
- when: not register_stat_services.stat.exists
-
- - name: Check if hosts.json exists
- ansible.builtin.stat:
- path: hosts.json
- register: register_stat_hosts
-
- - name: Create hosts.json
- ansible.builtin.command: /bin/bash hosts.sh 500
- when: not register_stat_hosts.stat.exists
diff --git a/tests/service/generate_test_data.yml b/tests/service/generate_test_data.yml
new file mode 100644
index 00000000..b046617f
--- /dev/null
+++ b/tests/service/generate_test_data.yml
@@ -0,0 +1,98 @@
+# Generate lists for hosts and services
+---
+- name: Get Domain from server name
+ ansible.builtin.set_fact:
+ ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join('.') }}"
+ when: ipaserver_domain is not defined
+
+- name: Create present services.json data
+ ansible.builtin.shell: |
+ echo "["
+ for i in $(seq 1 "{{ NUM }}"); do
+ echo " {"
+ echo " \"name\": \"HTTP/www$i.{{ DOMAIN }}\","
+ echo " \"principal\": \"host/test$i.{{ DOMAIN }}\","
+ echo " \"force\": \"true\""
+ if [ "$i" -lt "{{ NUM }}" ]; then
+ echo " },"
+ else
+ echo " }"
+ fi
+ done
+ echo "]"
+ vars:
+ NUM: 500
+ DOMAIN: "{{ ipaserver_domain }}"
+ register: command
+
+- name: Set service_list
+ ansible.builtin.set_fact:
+ service_list: "{{ command.stdout | from_json }}"
+
+- name: Create absent services.json data
+ ansible.builtin.shell: |
+ echo "["
+ for i in $(seq 1 "{{ NUM }}"); do
+ echo " {"
+ echo " \"name\": \"HTTP/www$i.{{ DOMAIN }}\","
+ echo " \"continue\": \"true\""
+ if [ "$i" -lt "{{ NUM }}" ]; then
+ echo " },"
+ else
+ echo " }"
+ fi
+ done
+ echo "]"
+ vars:
+ NUM: 500
+ DOMAIN: "{{ ipaserver_domain }}"
+ register: command
+
+- name: Set service_absent_list
+ ansible.builtin.set_fact:
+ service_absent_list: "{{ command.stdout | from_json }}"
+
+- name: Create present hosts.json data
+ ansible.builtin.shell: |
+ echo "["
+ for i in $(seq 1 "{{ NUM }}"); do
+ echo " {"
+ echo " \"name\": \"www$i.{{ DOMAIN }}\","
+ echo " \"force\": \"true\""
+ if [ "$i" -lt "{{ NUM }}" ]; then
+ echo " },"
+ else
+ echo " }"
+ fi
+ done
+ echo "]"
+ vars:
+ NUM: 500
+ DOMAIN: "{{ ipaserver_domain }}"
+ register: command
+
+- name: Set host_list
+ ansible.builtin.set_fact:
+ host_list: "{{ command.stdout | from_json }}"
+
+- name: Create absent hosts.json data
+ ansible.builtin.shell: |
+ echo "["
+ for i in $(seq 1 "{{ NUM }}"); do
+ echo " {"
+ echo " \"name\": \"www$i.{{ DOMAIN }}\""
+ if [ "$i" -lt "{{ NUM }}" ]; then
+ echo " },"
+ else
+ echo " }"
+ fi
+ done
+ echo "]"
+ vars:
+ NUM: 500
+ DOMAIN: "{{ ipaserver_domain }}"
+ register: command
+
+- name: Set host_absent_list
+ ansible.builtin.set_fact:
+ host_absent_list: "{{ command.stdout | from_json }}"
diff --git a/tests/service/hosts.sh b/tests/service/hosts.sh
deleted file mode 100644
index 2a64855c..00000000
--- a/tests/service/hosts.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/bash -eu
-
-NUM=${1-1000}
-FILE="hosts.json"
-
-echo "{" > "$FILE"
-
-echo " \"host_list\": [" >> "$FILE"
-
-for i in $(seq 1 "$NUM"); do
- {
- echo " {"
- echo " \"name\": \"www.example$i.com\""
- } >> "$FILE"
- if [ "$i" -lt "$NUM" ]; then
- echo " }," >> "$FILE"
- else
- echo " }" >> "$FILE"
- fi
-done
-
-echo " ]" >> "$FILE"
-
-echo "}" >> "$FILE"
diff --git a/tests/service/services.sh b/tests/service/services.sh
deleted file mode 100644
index 79f3b38a..00000000
--- a/tests/service/services.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/bash -eu
-
-NUM=${1-1000}
-FILE="services.json"
-
-echo "{" > "$FILE"
-
-echo " \"service_list\": [" >> "$FILE"
-
-for i in $(seq 1 "$NUM"); do
- {
- echo " {"
- echo " \"name\": \"HTTP/www.example$i.com\","
- echo " \"principal\": \"host/test.example$i.com\""
- } >> "$FILE"
- if [ "$i" -lt "$NUM" ]; then
- echo " }," >> "$FILE"
- else
- echo " }" >> "$FILE"
- fi
-done
-
-echo " ]" >> "$FILE"
-
-echo "}" >> "$FILE"
diff --git a/tests/service/services_absent.sh b/tests/service/services_absent.sh
deleted file mode 100644
index 80d0b796..00000000
--- a/tests/service/services_absent.sh
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/bash -eu
-
-NUM=1000
-FILE="services_absent.json"
-
-echo "{" > "$FILE"
-
-echo " \"services\": [" >> "$FILE"
-
-for i in $(seq 1 "$NUM"); do
- echo " {" >> "$FILE"
- echo " \"name\": \"HTTP/www.example$i.com\"," >> "$FILE"
- if [ "$i" -lt "$NUM" ]; then
- echo " }," >> "$FILE"
- else
- echo " }" >> "$FILE"
- fi
-done
-
-echo " ]" >> "$FILE"
-
-echo "}" >> "$FILE"
diff --git a/tests/service/test_services_absent.yml b/tests/service/test_services_absent.yml
index a212ee24..473cc8e6 100644
--- a/tests/service/test_services_absent.yml
+++ b/tests/service/test_services_absent.yml
@@ -1,32 +1,15 @@
---
-- name: Include create_services_json.yml
- ansible.builtin.import_playbook: create_services_json.yml
-
- name: Test services absent
hosts: ipaserver
become: true
gather_facts: false
tasks:
- - name: Include services.json
- ansible.builtin.include_vars:
- file: services.json # noqa 505
-
- - name: Create dict with service names
- ansible.builtin.set_fact:
- services_names: "{{ services_names | default([]) + [{'name': item.name}] }}"
- loop: "{{ service_list }}"
+ - name: Include generate_test_data.yml
+ ansible.builtin.include_tasks: generate_test_data.yml
- name: Services absent len:{{ service_list | length }}
ipaservice:
ipaadmin_password: SomeADMINpassword
- services: "{{ services_names }}"
- state: absent
-
-- name: Remove services.json
- hosts: localhost
- tasks:
- - name: Remove services.json
- ansible.builtin.file:
+ services: "{{ service_absent_list }}"
state: absent
- path: services.json
diff --git a/tests/service/test_services_present.yml b/tests/service/test_services_present.yml
index b8491fb7..338737eb 100644
--- a/tests/service/test_services_present.yml
+++ b/tests/service/test_services_present.yml
@@ -1,39 +1,71 @@
---
-- name: Include create_services_json.yml
- ansible.builtin.import_playbook: create_services_json.yml
-
- name: Test services present
hosts: ipaserver
become: true
- gather_facts: false
+ gather_facts: true
tasks:
- - name: Include services.json
- ansible.builtin.include_vars:
- file: services.json # noqa 505
-
- - name: Include hosts.json
- ansible.builtin.include_vars:
- file: hosts.json # noqa 505
+ - name: Include generate_test_data.yml
+ ansible.builtin.include_tasks: generate_test_data.yml
- name: Hosts present len:{{ host_list | length }}
ipahost:
ipaadmin_password: SomeADMINpassword
hosts: "{{ host_list }}"
+ force: true
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Hosts present len:{{ host_list | length }}, again
+ ipahost:
+ ipaadmin_password: SomeADMINpassword
+ hosts: "{{ host_list }}"
+ force: true
+ register: result
+ failed_when: result.changed or result.failed
- name: Services present len:{{ service_list | length }}
ipaservice:
ipaadmin_password: SomeADMINpassword
services: "{{ service_list }}"
+ register: result
+ failed_when: not result.changed or result.failed
-- name: Remove services.json
- hosts: localhost
- tasks:
- - name: Remove services.json
- ansible.builtin.file:
+ - name: Services present len:{{ service_list | length }}, again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ services: "{{ service_list }}"
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Services absent len:{{ service_list | length }}
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ services: "{{ service_absent_list }}"
+ state: absent
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Services absent len:{{ service_list | length }}, again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ services: "{{ service_absent_list }}"
+ state: absent
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Hosts absent len:{{ host_list | length }}
+ ipahost:
+ ipaadmin_password: SomeADMINpassword
+ hosts: "{{ host_absent_list }}"
state: absent
- path: services.json
- - name: Remove hosts.json
- ansible.builtin.file:
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Hosts absent len:{{ host_list | length }}, again
+ ipahost:
+ ipaadmin_password: SomeADMINpassword
+ hosts: "{{ host_absent_list }}"
state: absent
- path: hosts.json
+ register: result
+ failed_when: result.changed or result.failed
diff --git a/tests/service/test_services_present_slice.yml b/tests/service/test_services_present_slice.yml
index d9e7055d..6a500a39 100644
--- a/tests/service/test_services_present_slice.yml
+++ b/tests/service/test_services_present_slice.yml
@@ -1,46 +1,91 @@
---
-- name: Include create_services_json.yml
- ansible.builtin.import_playbook: create_services_json.yml
-
- name: Test services present slice
hosts: ipaserver
become: true
- gather_facts: false
+ gather_facts: true
vars:
- slice_size: 500
+ slice_size: 100
tasks:
- - name: Include services.json
- ansible.builtin.include_vars:
- file: services.json # noqa 505
- - name: Include hosts.json
- ansible.builtin.include_vars:
- file: hosts.json # noqa 505
- - name: Size of services slice.
+ - name: Include generate_test_data.yml
+ ansible.builtin.include_tasks: generate_test_data.yml
+
+ - name: Size of slice
+ ansible.builtin.debug:
+ msg: "{{ slice_size }}"
+
+ - name: Size of services list
ansible.builtin.debug:
msg: "{{ service_list | length }}"
- - name: Size of hosts slice.
+
+ - name: Size of hosts list
ansible.builtin.debug:
msg: "{{ host_list | length }}"
+
- name: Hosts present
ipahost:
ipaadmin_password: SomeADMINpassword
hosts: "{{ host_list[item : item + slice_size] }}"
- loop: "{{ range(0, service_list | length, slice_size) | list }}"
+ loop: "{{ range(0, host_list | length, slice_size) | list }}"
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Hosts present, again
+ ipahost:
+ ipaadmin_password: SomeADMINpassword
+ hosts: "{{ host_list[item : item + slice_size] }}"
+ loop: "{{ range(0, host_list | length, slice_size) | list }}"
+ register: result
+ failed_when: result.changed or result.failed
+
- name: Services present
ipaservice:
ipaadmin_password: SomeADMINpassword
services: "{{ service_list[item : item + slice_size] }}"
loop: "{{ range(0, service_list | length, slice_size) | list }}"
+ register: result
+ failed_when: not result.changed or result.failed
-- name: Remove services.json
- hosts: localhost
- tasks:
- - name: Remove services.json
- ansible.builtin.file:
+ - name: Services present, again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ services: "{{ service_list[item : item + slice_size] }}"
+ loop: "{{ range(0, service_list | length, slice_size) | list }}"
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Services absent
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ services: "{{ service_absent_list[item : item + slice_size] }}"
+ state: absent
+ loop: "{{ range(0, service_absent_list | length, slice_size) | list }}"
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Services absent, again
+ ipaservice:
+ ipaadmin_password: SomeADMINpassword
+ services: "{{ service_absent_list[item : item + slice_size] }}"
state: absent
- path: services.json
- - name: Remove hosts.json
- ansible.builtin.file:
+ loop: "{{ range(0, service_absent_list | length, slice_size) | list }}"
+ register: result
+ failed_when: result.changed or result.failed
+
+ - name: Hosts absent
+ ipahost:
+ ipaadmin_password: SomeADMINpassword
+ hosts: "{{ host_absent_list[item : item + slice_size] }}"
+ state: absent
+ loop: "{{ range(0, host_absent_list | length, slice_size) | list }}"
+ register: result
+ failed_when: not result.changed or result.failed
+
+ - name: Hosts absent, again
+ ipahost:
+ ipaadmin_password: SomeADMINpassword
+ hosts: "{{ host_absent_list[item : item + slice_size] }}"
state: absent
- path: hosts.json
+ loop: "{{ range(0, host_absent_list | length, slice_size) | list }}"
+ register: result
+ failed_when: result.changed or result.failed
--
GitLab