Merge pull request #307 from seocam/molecule-tests

Running upstream tests on Azure pipelines

Merge pull request #307 from seocam/molecule-tests
3633ba5a · Thomas Woerner · GitHub · 4e89da85 · 627c6441 · 3633ba5a
Unverified Commit 3633ba5a authored 4 years ago by Thomas Woerner Committed by GitHub 4 years ago
--- a/tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml
+++ b/tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml
@@ -18,7 +18,6 @@

 - name: Get /root/ipa.csr, create CA, sign with our CA and copy to node
  hosts: localhost
-  gather_facts: false

  tasks:
  - name: Run external-ca.sh

--- a/tests/hbacrule/test_hbacrule.yml
+++ b/tests/hbacrule/test_hbacrule.yml
@@ -6,7 +6,7 @@
  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  # CLEANUP TEST ITEMS

--- a/tests/host/certificate/test_host_certificate.yml
+++ b/tests/host/certificate/test_host_certificate.yml
@@ -21,12 +21,11 @@
 - name: Test host certificates
  hosts: ipaserver
  become: true
-  gather_facts: false

  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Host test absent

--- a/tests/host/certificate/test_hosts_certificate.yml
+++ b/tests/host/certificate/test_hosts_certificate.yml
@@ -21,12 +21,11 @@
 - name: Test host certificates
  hosts: ipaserver
  become: true
-  gather_facts: false

  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Host test absent

--- a/tests/host/test_host.yml
+++ b/tests/host/test_host.yml
@@ -6,7 +6,7 @@
  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host6_fqdn

--- a/tests/host/test_host_allow_create_keytab.yml
+++ b/tests/host/test_host_allow_create_keytab.yml
@@ -6,12 +6,12 @@
  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Get Realm from server name
    set_fact:
-      ipaserver_realm: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') | upper }}"
+      ipaserver_realm: "{{ ansible_fqdn.split('.')[1:] | join ('.') | upper }}"
    when: ipaserver_realm is not defined

  - name: Set host1_fqdn .. host3_fqdn

--- a/tests/host/test_host_allow_retrieve_keytab.yml
+++ b/tests/host/test_host_allow_retrieve_keytab.yml
@@ -6,12 +6,12 @@
  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Get Realm from server name
    set_fact:
-      ipaserver_realm: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') | upper }}"
+      ipaserver_realm: "{{ ansible_fqdn.split('.')[1:] | join ('.') | upper }}"
    when: ipaserver_realm is not defined

  - name: Set host1_fqdn .. host3_fqdn

--- a/tests/host/test_host_bool_params.yml
+++ b/tests/host/test_host_bool_params.yml
@@ -6,7 +6,7 @@
  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host6_fqdn

--- a/tests/host/test_host_ipaddresses.yml
+++ b/tests/host/test_host_ipaddresses.yml
@@ -6,7 +6,7 @@
  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host6_fqdn

--- a/tests/host/test_host_managedby_host.yml
+++ b/tests/host/test_host_managedby_host.yml
@@ -6,7 +6,7 @@
  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host2_fqdn
@@ -55,39 +55,39 @@
    register: result
    failed_when: result.changed

-  - name: Host "{{ host1_fqdn }}" managed by "{{ groups.ipaserver[0] }}"
+  - name: Host "{{ host1_fqdn }}" managed by "{{ ansible_fqdn }}"
    ipahost:
      ipaadmin_password: SomeADMINpassword
      name: "{{ host1_fqdn }}"
-      managedby_host: "{{ groups.ipaserver[0] }}"
+      managedby_host: "{{ ansible_fqdn }}"
      action: member
    register: result
    failed_when: not result.changed

-  - name: Host "{{ host1_fqdn }}" managed by "{{ groups.ipaserver[0] }}" again
+  - name: Host "{{ host1_fqdn }}" managed by "{{ ansible_fqdn }}" again
    ipahost:
      ipaadmin_password: SomeADMINpassword
      name: "{{ host1_fqdn }}"
-      managedby_host: "{{ groups.ipaserver[0] }}"
+      managedby_host: "{{ ansible_fqdn }}"
      action: member
    register: result
    failed_when: result.changed

-  - name: Host "{{ host1_fqdn }}" not managed by "{{ groups.ipaserver[0] }}"
+  - name: Host "{{ host1_fqdn }}" not managed by "{{ ansible_fqdn }}"
    ipahost:
      ipaadmin_password: SomeADMINpassword
      name: "{{ host1_fqdn }}"
-      managedby_host: "{{ groups.ipaserver[0] }}"
+      managedby_host: "{{ ansible_fqdn }}"
      action: member
      state: absent
    register: result
    failed_when: not result.changed

-  - name: Host "{{ host1_fqdn }}" not managed by "{{ groups.ipaserver[0] }}" again
+  - name: Host "{{ host1_fqdn }}" not managed by "{{ ansible_fqdn }}" again
    ipahost:
      ipaadmin_password: SomeADMINpassword
      name: "{{ host1_fqdn }}"
-      managedby_host: "{{ groups.ipaserver[0] }}"
+      managedby_host: "{{ ansible_fqdn }}"
      action: member
      state: absent
    register: result

--- a/tests/host/test_host_no_zone.yml
+++ b/tests/host/test_host_no_zone.yml
@@ -6,6 +6,7 @@
  tasks:
  - name: Ensure host with inexistent zone is absent.
    ipahost:
+      ipaadmin_password: SomeADMINpassword
      name: host01.absentzone.test
      state: absent
    register: result

--- a/tests/host/test_host_principal.yml
+++ b/tests/host/test_host_principal.yml
@@ -6,12 +6,12 @@
  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Get Realm from server name
    set_fact:
-      ipaserver_realm: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') | upper }}"
+      ipaserver_realm: "{{ ansible_fqdn.split('.')[1:] | join ('.') | upper }}"
    when: ipaserver_realm is not defined

  - name: Set host1_fqdn

--- a/tests/host/test_host_random.yml
+++ b/tests/host/test_host_random.yml
@@ -6,7 +6,7 @@
  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn and host2_fqdn
@@ -77,11 +77,11 @@
    debug:
      var: ipahost.host["{{host2_fqdn }}"].randompassword

-  - name: Enrolled host "{{ groups.ipaserver[0] }}" fails to set random password with update_password always
+  - name: Enrolled host "{{ ansible_fqdn }}" fails to set random password with update_password always
    ipahost:
      ipaadmin_password: SomeADMINpassword
      hosts:
-      - name: "{{ groups.ipaserver[0] }}"
+      - name: "{{ ansible_fqdn }}"
        random: yes
      update_password: always
    register: ipahost
@@ -89,7 +89,7 @@

  - assert:
      that:
-      - ipahost.host["{{ groups.ipaserver[0] }}"].randompassword is
+      - ipahost.host["{{ ansible_fqdn }}"].randompassword is
        not defined
      - "'Password cannot be set on enrolled host' in ipahost.msg"


--- a/tests/host/test_host_reverse.yml
+++ b/tests/host/test_host_reverse.yml
@@ -2,12 +2,11 @@
 - name: Test host
  hosts: ipaserver
  become: true
-  gather_facts: true

  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn
@@ -26,15 +25,29 @@
    set_fact:
      ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
                       join('.') }}"
-      reverse_zone: "{{ ansible_default_ipv4.address.split('.')[2::-1] |
-                        join('.') }}"
+
+  - name: Set zone prefixes.
+    set_fact:
+      zone_ipv6_reverse: "ip6.arpa."
+      zone_ipv6_reverse_workaround: "d.f.ip6.arpa."
+      zone_prefix_reverse: "in-addr.arpa"
+      zone_prefix_reverse_8: "{{ ipv4_prefix.split('.')[2::-1] | join ('.') }}.in-addr.arpa"
+      zone_prefix_reverse_16: "{{ ipv4_prefix.split('.')[1::-1] | join ('.') }}.in-addr.arpa"
+      zone_prefix_reverse_24: "{{ ipv4_prefix.split('.')[::-1] | join ('.') }}.in-addr.arpa"

  - name: Set zone for reverse address.
-    command: ipa dnszone-add "{{ item }}" --skip-nameserver-check --skip-overlap-check
+    ipadnszone:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{ item }}"
+      skip_nameserver_check: yes
+      skip_overlap_check: yes
    with_items:
-      - "{{ reverse_zone + '.in-addr.arpa.' }}"
-      - 'ip6.arpa.'
-    ignore_errors: yes
+      - "{{ zone_ipv6_reverse }}"
+      - "{{ zone_ipv6_reverse_workaround }}"
+      - "{{ zone_prefix_reverse }}"
+      - "{{ zone_prefix_reverse_8 }}"
+      - "{{ zone_prefix_reverse_16 }}"
+      - "{{ zone_prefix_reverse_24 }}"

  - name: Host "{{ host1_fqdn }}" present
    ipahost:
@@ -96,8 +109,15 @@
    register: result
    failed_when: not result.changed

-  - name: Set zone for reverse address.
-    command: ipa dnszone-del "{{ item }}"
+  - name: Delete zone for reverse address.
+    ipadnszone:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{ item }}"
+      state: absent
    with_items:
-      - "{{ reverse_zone + '.in-addr.arpa.' }}"
-      - 'ip6.arpa.'
+      - "{{ zone_ipv6_reverse }}"
+      - "{{ zone_ipv6_reverse_workaround }}"
+      - "{{ zone_prefix_reverse }}"
+      - "{{ zone_prefix_reverse_8 }}"
+      - "{{ zone_prefix_reverse_16 }}"
+      - "{{ zone_prefix_reverse_24 }}"
--- a/tests/host/test_hosts.yml
+++ b/tests/host/test_hosts.yml
@@ -2,12 +2,11 @@
 - name: Test hosts
  hosts: ipaserver
  become: true
-  gather_facts: false

  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host6_fqdn

--- a/tests/host/test_hosts_managedby_host.yml
+++ b/tests/host/test_hosts_managedby_host.yml
@@ -6,7 +6,7 @@
  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host5_fqdn

--- a/tests/host/test_hosts_principal.yml
+++ b/tests/host/test_hosts_principal.yml
@@ -6,12 +6,12 @@
  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Get Realm from server name
    set_fact:
-      ipaserver_realm: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') | upper }}"
+      ipaserver_realm: "{{ ansible_fqdn.split('.')[1:] | join ('.') | upper }}"
    when: ipaserver_realm is not defined

  - name: Set host1_fqdn .. host2_fqdn

--- a/tests/hostgroup/test_hostgroup.yml
+++ b/tests/hostgroup/test_hostgroup.yml
@@ -2,12 +2,12 @@
 - name: Test hostgroup
  hosts: ipaserver
  become: true
-  gather_facts: false
+  gather_facts: true

  tasks:
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Ensure host-group databases, mysql-server and oracle-server are absent

--- a/tests/service/certificate/test_service_certificate.yml
+++ b/tests/service/certificate/test_service_certificate.yml
@@ -29,7 +29,7 @@
  # setup
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Get IPv4 address prefix from server node

--- a/tests/service/test_service.yml
+++ b/tests/service/test_service.yml
@@ -19,7 +19,7 @@
  # setup
  - name: Get Domain from server name
    set_fact:
-      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1, host2 and svc hosts fqdn
@@ -51,13 +51,16 @@
      ipaadmin_password: SomeADMINpassword
      hosts:
          - name: "{{ host1_fqdn }}"
+            ip_address: "{{ ipv4_prefix + '.101' }}"
            force: yes
          - name: "{{ host2_fqdn }}"
+            ip_address: "{{ ipv4_prefix + '.102' }}"
            force: yes
          - name: "{{ svc_fqdn }}"
            ip_address: "{{ ipv4_prefix + '.201' }}"
          - name: svc.ihavenodns.info
            force: yes
+      update_dns: yes

  - name: Ensure testing user user01 is present.
    ipauser:
@@ -408,7 +411,7 @@
      - group02
      allow_retrieve_keytab_host:
      - "{{ host1_fqdn }}"
-      - host02.exampl "{{ groups.ipaserver[0] }}"e.com
+      - "{{ host2_fqdn }}"
      allow_retrieve_keytab_hostgroup:
      - hostgroup01
      - hostgroup02
@@ -543,7 +546,7 @@

  - name: Ensure SMB service is present.
    ipaservice:
-      ipaadmin_password: MyPassword123
+      ipaadmin_password: SomeADMINpassword
      name: "{{ host1_fqdn }}"
      smb: yes
      netbiosname: SAMBASVC
@@ -552,7 +555,7 @@

  - name: Ensure SMB service is again.
    ipaservice:
-      ipaadmin_password: MyPassword123
+      ipaadmin_password: SomeADMINpassword
      name: "{{ host1_fqdn }}"
      smb: yes
      netbiosname: SAMBASVC
@@ -561,7 +564,7 @@

  - name: Ensure SMB service is absent.
    ipaservice:
-      ipaadmin_password: MyPassword123
+      ipaadmin_password: SomeADMINpassword
      name: "cifs/{{ host1_fqdn }}"
      state: absent
    register: result
@@ -569,7 +572,7 @@

  - name: Ensure SMB service is absent, again.
    ipaservice:
-      ipaadmin_password: MyPassword123
+      ipaadmin_password: SomeADMINpassword
      name: "cifs/{{ host1_fqdn }}"
      state: absent
    register: result