diff --git a/roles/ipaclient/tasks/install.yml b/roles/ipaclient/tasks/install.yml
index 99c955697445f41957d58d76e4db9608015f2451..46cfc3aa78cdb71e9548ff1172a66bb01854d1d5 100644
--- a/roles/ipaclient/tasks/install.yml
+++ b/roles/ipaclient/tasks/install.yml
@@ -216,15 +216,18 @@
ipaclient_force_join)
- block:
- - fail:
+ - name: krb5 configuration not correct
+ fail:
msg: >
The krb5 configuration is not correct, please enable allow_repair
to fix this.
when: not result_ipaclient_test_keytab.krb5_conf_ok
- - fail:
+ - name: IPA test failed
+ fail:
msg: "The IPA test failed, please enable allow_repair to fix this."
when: not result_ipaclient_test_keytab.ping_test_ok
- - fail:
+ - name: ca.crt file is missing
+ fail:
msg: >
The ca.crt file is missing, please enable allow_repair to fix this.
when: not result_ipaclient_test_keytab.ca_crt_exists
diff --git a/tests/config/test_config.yml b/tests/config/test_config.yml
index c3f26872f01a2efef8b63e2a2a4ec13b422f7f25..cac579d451cf030378c3205f0944e670174294c2 100644
--- a/tests/config/test_config.yml
+++ b/tests/config/test_config.yml
@@ -56,9 +56,9 @@
ipaapi_context: "{{ ipa_context | default(omit) }}"
pac_type: ""
- - name: set maxhostname to 255
- block:
- - ipaconfig:
+ - block:
+ - name: set maxhostname to 255
+ ipaconfig:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
maxhostname: 255
@@ -221,16 +221,17 @@
register: result
failed_when: result.changed or result.failed
- - name: set maxhostname to 77
- block:
- - ipaconfig:
+ - block:
+ - name: set maxhostname to 77
+ ipaconfig:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
maxhostname: 77
register: result
failed_when: not result.changed or result.failed
- - ipaconfig:
+ - name: set maxhostname to 77, again
+ ipaconfig:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
maxhostname: 77
@@ -409,9 +410,9 @@
register: result
failed_when: not result.changed or result.failed
- - name: reset maxhostname
- block:
- - ipaconfig:
+ - block:
+ - name: reset maxhostname
+ ipaconfig:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
maxhostname: '{{ previousconfig.config.maxhostname | default(omit) }}'
@@ -444,9 +445,9 @@
register: result
failed_when: result.changed or result.failed
- - name: reset maxhostname
- block:
- - ipaconfig:
+ - block:
+ - name: reset maxhostname
+ ipaconfig:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
maxhostname: '{{ previousconfig.config.maxhostname | default(omit) }}'
diff --git a/tests/env_freeipa_facts.yml b/tests/env_freeipa_facts.yml
index 0ab8541e12df03b1420039036d5882c26ee59bec..b9bce90aafd1174e9b578aebf1436d29ba7f61eb 100644
--- a/tests/env_freeipa_facts.yml
+++ b/tests/env_freeipa_facts.yml
@@ -15,12 +15,12 @@
- name: Verify if host is an IPA server or client.
shell:
cmd: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- RESULT=$(KRB5CCNAME={{ KRB5CCNAME }} ipa server-show `hostname` && echo SERVER || echo CLIENT)
- kdestroy -A -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ RESULT=$(KRB5CCNAME={{ krb5ccname }} ipa server-show `hostname` && echo SERVER || echo CLIENT)
+ kdestroy -A -c {{ krb5ccname }}
echo $RESULT
vars:
- KRB5CCNAME: "__check_ipa_host_is_client_or_server__"
+ krb5ccname: "__check_ipa_host_is_client_or_server__"
register: output
- name: Set FreeIPA facts.
diff --git a/tests/role/test_role_lists_handling.yml b/tests/role/test_role_lists_handling.yml
index d698aab9a0d176c9d771caa17ff7fa3a022b2c9f..ca3f023c81c11c9631a4d1b4e806988d388a0de3 100644
--- a/tests/role/test_role_lists_handling.yml
+++ b/tests/role/test_role_lists_handling.yml
@@ -43,9 +43,9 @@
- name: Verify role privileges.
shell:
cmd: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -57,7 +57,7 @@
and "Group Administrators" in result.stdout
)
vars:
- KRB5CCNAME: verify_issue_409
+ krb5ccname: verify_issue_409
# End of test fix for https://github.com/freeipa/ansible-freeipa/issues/409
# Test fix for https://github.com/freeipa/ansible-freeipa/issues/412
@@ -73,9 +73,9 @@
- name: Verify role users.
shell:
cmd: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -83,7 +83,7 @@
and "user02" in result.stdout
)
vars:
- KRB5CCNAME: verify_issue_412
+ krb5ccname: verify_issue_412
- name: Add new group to role.
iparole:
@@ -97,9 +97,9 @@
- name: Verify role group.
shell:
cmd: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -107,7 +107,7 @@
and "group02" in result.stdout
)
vars:
- KRB5CCNAME: verify_issue_412
+ krb5ccname: verify_issue_412
- name: Add new host to role.
iparole:
@@ -121,9 +121,9 @@
- name: Verify role hosts.
shell:
cmd: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -131,7 +131,7 @@
and host2 in result.stdout
)
vars:
- KRB5CCNAME: verify_issue_412
+ krb5ccname: verify_issue_412
host1: " {{ host1_fqdn }}"
host2: " {{ host2_fqdn }}"
@@ -147,9 +147,9 @@
- name: Verify role hostgroups.
shell:
cmd: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -157,7 +157,7 @@
and " hostgroup02" in result.stdout
)
vars:
- KRB5CCNAME: verify_issue_412
+ krb5ccname: verify_issue_412
- name: Add new service to role.
iparole:
@@ -171,9 +171,9 @@
- name: Verify role services.
shell:
cmd: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -181,7 +181,7 @@
and service1 in result.stdout
)
vars:
- KRB5CCNAME: verify_issue_412
+ krb5ccname: verify_issue_412
service1: "service01/{{ host1_fqdn }}"
service2: "service02/{{ host2_fqdn }}"
# End of test fix for https://github.com/freeipa/ansible-freeipa/issues/412
@@ -199,9 +199,9 @@
- name: Verify role services.
shell:
cmd: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -210,7 +210,7 @@
and "user03" in result.stdout
)
vars:
- KRB5CCNAME: verify_issue_413
+ krb5ccname: verify_issue_413
service1: "service01/{{ host1_fqdn }}"
service2: "service02/{{ host2_fqdn }}"
@@ -227,9 +227,9 @@
- name: Verify role services.
shell:
cmd: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -238,7 +238,7 @@
and "user03" not in result.stdout
)
vars:
- KRB5CCNAME: verify_issue_413
+ krb5ccname: verify_issue_413
service1: "service01/{{ host1_fqdn }}"
service2: "service02/{{ host2_fqdn }}"
# End of test fix for https://github.com/freeipa/ansible-freeipa/issues/413
diff --git a/tests/vault/test_vault_change_type.yml b/tests/vault/test_vault_change_type.yml
index f7106af1c52390cf1a84e0eb57f2bd653b4128a5..8490a2c9a5f6582379c03ff7a0694e2d52e99e77 100644
--- a/tests/vault/test_vault_change_type.yml
+++ b/tests/vault/test_vault_change_type.yml
@@ -43,14 +43,14 @@
- name: Verify assymetric-only fields are not present.
shell: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Public Key:" in result.stdout
vars:
- KRB5CCNAME: verify_change_from_asymmetric
+ krb5ccname: verify_change_from_asymmetric
- block:
- name: Change from symmetric to standard
@@ -64,14 +64,14 @@
- name: Verify salt is not present.
shell: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Salt:" in result.stdout
vars:
- KRB5CCNAME: verify_change_from_symmetric
+ krb5ccname: verify_change_from_symmetric
- name: Change from standard to symmetric
ipavault:
@@ -95,14 +95,14 @@
- name: Verify salt is not present.
shell: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Salt:" in result.stdout
vars:
- KRB5CCNAME: verify_change_from_symmetric
+ krb5ccname: verify_change_from_symmetric
- block:
- name: Change from asymmetric to standard
@@ -116,14 +116,14 @@
- name: Verify assymetric-only fields are not present.
shell: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Public Key:" in result.stdout
vars:
- KRB5CCNAME: verify_change_from_asymmetric
+ krb5ccname: verify_change_from_asymmetric
- name: Ensure test_vault is absent.
ipavault:
@@ -169,14 +169,14 @@
- name: Verify assymetric-only fields are not present.
shell: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Public Key:" in result.stdout
vars:
- KRB5CCNAME: verify_change_from_asymmetric
+ krb5ccname: verify_change_from_asymmetric
- name: Retrieve data from symmetric vault.
ipavault:
@@ -199,14 +199,14 @@
- name: Verify salt is not present.
shell: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Salt:" in result.stdout
vars:
- KRB5CCNAME: verify_change_from_symmetric
+ krb5ccname: verify_change_from_symmetric
- name: Retrieve data from standard vault.
ipavault:
@@ -247,14 +247,14 @@
- name: Verify salt is not present.
shell: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Salt:" in result.stdout
vars:
- KRB5CCNAME: verify_change_from_symmetric
+ krb5ccname: verify_change_from_symmetric
- name: Retrieve data from asymmetric vault.
ipavault:
@@ -277,14 +277,14 @@
- name: Verify assymetric-only fields are not present.
shell: |
- echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
- KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
- kdestroy -A -q -c {{ KRB5CCNAME }}
+ echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
+ KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
+ kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Public Key:" in result.stdout
vars:
- KRB5CCNAME: verify_change_from_asymmetric
+ krb5ccname: verify_change_from_asymmetric
- name: Retrieve data from standard vault.
ipavault: