Skip to content
Hide whitespace changes
Inline Side-by-side
tests/config/test_config_sid.yml
View file @ 1028f61b
......@@ -30,7 +30,7 @@
check_mode: yes
register: sid_disabled
- name: Ensure netbios_name can't be changed without SID enabled. # noqa 503
- name: Ensure netbios_name can't be changed without SID enabled. # noqa no-handler
ipaconfig:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
......@@ -39,7 +39,7 @@
failed_when: not result.failed and "SID generation must be enabled" in result.msg
when: sid_disabled.changed
- name: Ensure SIDs can't be changed without SID enabled. # noqa 503
- name: Ensure SIDs can't be changed without SID enabled. # noqa no-handler
ipaconfig:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
......
tests/dnsrecord/test_dnsrecord.yml
View file @ 1028f61b
......@@ -1549,7 +1549,7 @@
- name: Cleanup test environment.
ansible.builtin.include_tasks: env_cleanup.yml
- name: Remove certificate files. # noqa: deprecated-command-syntax
- name: Remove certificate files.
ansible.builtin.shell: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [1]
become: no
......
tests/dnszone/test_dnszone.yml
View file @ 1028f61b
......@@ -3,6 +3,10 @@
hosts: "{{ ipa_test_host | default('ipaserver') }}"
become: true
gather_facts: true
module_defaults:
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
tasks:
......@@ -13,8 +17,6 @@
# Tests
- name: Check if zone is present, when it shouldn't be.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
state: present
check_mode: yes
......@@ -23,8 +25,6 @@
- name: Check if zone is present again, when it shouldn't be.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
state: present
check_mode: yes
......@@ -33,8 +33,6 @@
- name: Ensure zone is present.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
state: present
register: result
......@@ -42,8 +40,6 @@
- name: Check if zone is present, when it should be.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
state: present
check_mode: yes
......@@ -52,8 +48,6 @@
- name: Ensure zone is present, again.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
state: present
register: result
......@@ -61,8 +55,6 @@
- name: Ensure zone is disabled.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
state: disabled
register: result
......@@ -70,8 +62,6 @@
- name: Ensure zone is disabled, again.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
state: disabled
register: result
......@@ -79,8 +69,6 @@
- name: Ensure zone is enabled.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
state: enabled
register: result
......@@ -88,8 +76,6 @@
- name: Ensure zone is enabled, again.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
state: enabled
register: result
......@@ -97,8 +83,6 @@
- name: Ensure forward_policy is none.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
forward_policy: none
register: result
......@@ -106,8 +90,6 @@
- name: Ensure forward_policy is none, again.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
forward_policy: none
register: result
......@@ -115,8 +97,6 @@
- name: Ensure forward_policy is first.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
forward_policy: first
register: result
......@@ -124,8 +104,6 @@
- name: Ensure forward_policy is first, again.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
forward_policy: first
register: result
......@@ -133,8 +111,6 @@
- name: Ensure first forwarder is set.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
forwarders:
- ip_address: 8.8.8.8
......@@ -144,8 +120,6 @@
- name: Ensure first and second forwarder are set.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
forwarders:
- ip_address: 8.8.8.8
......@@ -156,8 +130,6 @@
- name: Ensure first and second forwarder are set, again.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
forwarders:
- ip_address: 8.8.8.8
......@@ -168,8 +140,6 @@
- name: Ensure only second forwarder is set.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
forwarders:
- ip_address: 2001:4860:4860::8888
......@@ -178,16 +148,12 @@
- name: Nothing changes.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
register: result
failed_when: result.changed or result.failed
- name: Ensure no forwarders are set.
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testzone.local
forwarders: []
register: result
......@@ -195,56 +161,70 @@
- name: Create zones test1
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: test1.testzone.local
register: result
failed_when: not result.changed or result.failed
- name: Create zones test1, again
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: test1.testzone.local
register: result
failed_when: result.changed or result.failed
- name: Create zones test2
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: test2.testzone.local
register: result
failed_when: not result.changed or result.failed
- name: Create zones test2, again
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: test2.testzone.local
register: result
failed_when: result.changed or result.failed
- name: Create zones test3
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: test3.testzone.local
register: result
failed_when: not result.changed or result.failed
- name: Create zones test3, again
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: test3.testzone.local
register: result
failed_when: result.changed or result.failed
- name: Ensure zone test1.testzone.local has management permissioon
ipadnszone:
name: test1.testzone.local
permission: true
register: result
failed_when: not result.changed or result.failed
- name: Ensure zone test1.testzone.local has management permissioon
ipadnszone:
name: test1.testzone.local
permission: true
register: result
failed_when: result.changed or result.failed
- name: Ensure zone test1.testzone.local don't have management permissioon
ipadnszone:
name: test1.testzone.local
permission: false
register: result
failed_when: not result.changed or result.failed
- name: Ensure zone test1.testzone.local don't have management permissioon
ipadnszone:
name: test1.testzone.local
permission: false
register: result
failed_when: result.changed or result.failed
- name: Ensure multiple zones are absent
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name:
- test1.testzone.local
- test2.testzone.local
......@@ -255,8 +235,6 @@
- name: Ensure multiple zones are absent, again
ipadnszone:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name:
- test1.testzone.local
- test2.testzone.local
......
tests/group/test_group.yml
View file @ 1028f61b
......@@ -3,6 +3,13 @@
hosts: "{{ ipa_test_host | default('ipaserver') }}"
become: true
gather_facts: true
module_defaults:
ipauser:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
tasks:
# setup
......@@ -19,24 +26,18 @@
- name: Ensure users user1, user2 and user3 are absent
ipauser:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: user1,user2,user3
state: absent
- name: Ensure group group3, group2 and group1 are absent
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group3,group2,group1
name: groupren,group3,group2,group1
state: absent
# CREATE TEST ITEMS
- name: Ensure users user1..user3 are present
ipauser:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
users:
- name: user1
first: user1
......@@ -54,56 +55,74 @@
- name: Ensure group1 is present
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
register: result
failed_when: not result.changed or result.failed
- name: Ensure group1 is present again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
register: result
failed_when: result.changed or result.failed
- name: Rename group1 to groupren
ipagroup:
name: group1
rename: groupren
state: renamed
register: result
failed_when: not result.changed or result.failed
- name: Rename group1 to groupren
ipagroup:
name: group1
rename: groupren
state: renamed
register: result
failed_when: not result.failed or "No group 'group1'" not in result.msg
- name: Rename group groupren to groupren
ipagroup:
name: groupren
rename: groupren
state: renamed
register: result
failed_when: result.changed or result.failed
- name: Rename group groupren back to group1
ipagroup:
name: groupren
rename: group1
state: renamed
register: result
failed_when: not result.changed or result.failed
- name: Ensure group2 is present
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group2
register: result
failed_when: not result.changed or result.failed
- name: Ensure group2 is present again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group2
register: result
failed_when: result.changed or result.failed
- name: Ensure group3 is present
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group3
register: result
failed_when: not result.changed or result.failed
- name: Ensure group3 is present again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group3
register: result
failed_when: result.changed or result.failed
- name: Ensure groups group2 and group3 are present in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
group:
- group2
......@@ -114,8 +133,6 @@
- name: Ensure groups group2 and group3 are present in group group1 again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
group:
- group2
......@@ -126,8 +143,6 @@
- name: Ensure group3 ia present in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
group:
- group3
......@@ -143,8 +158,6 @@
- name: Ensure service "{{ 'HTTP/' + fqdn_at_domain }}" is present in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
service:
- "{{ 'HTTP/' + fqdn_at_domain }}"
......@@ -154,8 +167,6 @@
- name: Ensure service "{{ 'HTTP/' + fqdn_at_domain }}" is present in group group1, again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
service:
- "{{ 'HTTP/' + fqdn_at_domain }}"
......@@ -165,8 +176,6 @@
- name: Ensure service "{{ 'ldap/' + fqdn_at_domain }}" is present in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
service:
- "{{ 'ldap/' + fqdn_at_domain }}"
......@@ -176,8 +185,6 @@
- name: Ensure service "{{ 'ldap/' + fqdn_at_domain }}" is present in group group1, again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
service:
- "{{ 'ldap/' + fqdn_at_domain }}"
......@@ -187,8 +194,6 @@
- name: Ensure service "{{ 'HTTP/' + fqdn_at_domain }}" is absent in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
service:
- "{{ 'HTTP/' + fqdn_at_domain }}"
......@@ -199,8 +204,6 @@
- name: Ensure service "{{ 'HTTP/' + fqdn_at_domain }}" is absent in group group1, again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
service:
- "{{ 'HTTP/' + fqdn_at_domain }}"
......@@ -211,8 +214,6 @@
- name: Ensure service "{{ 'ldap/' + fqdn_at_domain }}" is absent in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
service:
- "{{ 'ldap/' + fqdn_at_domain }}"
......@@ -223,8 +224,6 @@
- name: Ensure service "{{ 'ldap/' + fqdn_at_domain }}" is absent in group group1, again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
service:
- "{{ 'ldap/' + fqdn_at_domain }}"
......@@ -235,8 +234,6 @@
- name: Ensure services are present in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
service:
- "{{ 'HTTP/' + fqdn_at_domain }}"
......@@ -247,8 +244,6 @@
- name: Ensure services are present in group group1, again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
service:
- "{{ 'http/' + fqdn_at_domain }}"
......@@ -259,8 +254,6 @@
- name: Ensure services are absent in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
service:
- "{{ 'HTTP/' + fqdn_at_domain }}"
......@@ -272,8 +265,6 @@
- name: Ensure services are absent in group group1, again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
service:
- "{{ 'HTTP/' + fqdn_at_domain }}"
......@@ -283,12 +274,10 @@
register: result
failed_when: result.changed or result.failed
# user
# user
- name: Ensure users user1, user2 and user3 are present in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
user:
- user1
......@@ -300,8 +289,6 @@
- name: Ensure users user1, user2 and user3 are present in group group1 again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
user:
- user1
......@@ -312,8 +299,6 @@
failed_when: result.changed or result.failed
#- ipagroup:
# ipaadmin_password: SomeADMINpassword
# ipaapi_context: "{{ ipa_context | default(omit) }}"
# name: group1
# user:
# - user7
......@@ -321,8 +306,6 @@
- name: Ensure user user7 is absent in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
user:
- user7
......@@ -333,8 +316,6 @@
- name: Ensure group group4 is absent
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group4
state: absent
register: result
......@@ -342,8 +323,6 @@
- name: Ensure groups group3, group2, and group1 are absent
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group3,group2,group1
state: absent
register: result
......@@ -351,16 +330,12 @@
- name: Ensure group group1 is present
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
register: result
failed_when: not result.changed or result.failed
- name: Ensure users user1, user2 are present in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
user:
- user1
......@@ -371,8 +346,6 @@
- name: Ensure users user1, user2 and user3 are present in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
user:
- user1
......@@ -384,8 +357,6 @@
- name: Ensure users user1, user2 are present in group group1, again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
user:
- user1
......@@ -396,8 +367,6 @@
- name: Ensure users user1, user2 and user3 are present in group group1, again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
user:
- user1
......@@ -409,8 +378,6 @@
- name: Ensure group group1 is absent
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
state: absent
register: result
......@@ -418,8 +385,6 @@
- name: Ensure group group1 with users user1, user2 is present
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
user:
- user1
......@@ -429,8 +394,6 @@
- name: Ensure group group1 with users user1, user2 and user3 is present
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
user:
- user1
......@@ -441,8 +404,6 @@
- name: Ensure group group1 with users user1, user2 and user3 is present, again
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
user:
- user1
......@@ -454,8 +415,6 @@
- name: Ensure only users user1, user2 are present in group group1
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group1
user:
- user1
......@@ -467,8 +426,6 @@
- name: Ensure group group3, group2 and group1 are absent
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group3,group2,group1
state: absent
register: result
......@@ -476,8 +433,6 @@
- name: Ensure users user1, user2 and user3 are absent
ipauser:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: user1,user2,user3
state: absent
register: result
......
tests/group/test_groups.yml
View file @ 1028f61b
......@@ -19,7 +19,7 @@
- name: Remove test groups
ipagroup:
ipaadmin_password: SomeADMINpassword
name: group1,group2,group3,group4,group5,group6,group7,group8,group9,group10
name: group1,group2,group3,group4,group5,group6,group7,group8,group9,group10,newgroup1,newgroup2
state: absent
- name: Remove test users
......@@ -130,10 +130,53 @@
register: result
failed_when: result.changed or not result.failed or "Only one group can be added at a time using 'name'." not in result.msg
- name: Ensure group1 and group2 exist
ipagroup:
ipaadmin_password: SomeADMINpassword
groups:
- name: group1
- name: group2
- name: Rename group1 and group2 to newgroup1 and newgroup2, respectively
ipagroup:
ipaadmin_password: SomeADMINpassword
groups:
- name: group1
rename: newgroup1
- name: group2
rename: newgroup2
state: renamed
register: result
failed_when: not result.changed or result.failed
- name: Rename newgroup1 and newgroup2 to the same name
ipagroup:
ipaadmin_password: SomeADMINpassword
groups:
- name: newgroup1
rename: newgroup1
- name: newgroup2
rename: newgroup2
state: renamed
register: result
failed_when: result.changed or result.failed
- name: Rename newgroup1 and newgroup2 back to group1 and group2, respectively
ipagroup:
ipaadmin_password: SomeADMINpassword
groups:
- name: newgroup1
rename: group1
- name: newgroup2
rename: group2
state: renamed
register: result
failed_when: not result.changed or result.failed
- name: Remove test groups
ipagroup:
ipaadmin_password: SomeADMINpassword
name: group1,group2,group3,group4,group5,group6,group7,group8,group9,group10
name: group1,group2,group3,group4,group5,group6,group7,group8,group9,group10,newgroup1,newgroup2
state: absent
- name: Remove test users
......
tests/group/test_groups_absent.yml
View file @ 1028f61b
......@@ -9,7 +9,7 @@
tasks:
- name: Include groups.json
ansible.builtin.include_vars:
file: groups.json # noqa 505
file: groups.json
- name: Initialize groups_names
ansible.builtin.set_fact:
......
tests/group/test_groups_present.yml
View file @ 1028f61b
......@@ -9,7 +9,7 @@
tasks:
- name: Include groups.json
ansible.builtin.include_vars:
file: groups.json # noqa 505
file: groups.json
- name: Groups present len:{{ group_list | length }}
ipagroup:
......
tests/group/test_groups_present_slice.yml
View file @ 1028f61b
......@@ -11,7 +11,7 @@
tasks:
- name: Include groups.json
ansible.builtin.include_vars:
file: groups.json # noqa 505
file: groups.json
- name: Size of groups slice.
ansible.builtin.debug:
......
tests/host/certificate/test_host_certificate.yml
View file @ 1028f61b
......@@ -99,7 +99,7 @@
register: result
failed_when: result.changed or result.failed
- name: Remove certificate files. # noqa: deprecated-command-syntax
- name: Remove certificate files.
ansible.builtin.shell:
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [1, 2, 3]
......
tests/host/certificate/test_hosts_certificate.yml
View file @ 1028f61b
......@@ -98,7 +98,7 @@
register: result
failed_when: not result.changed or result.failed
- name: Remove certificate files. # noqa: deprecated-command-syntax
- name: Remove certificate files.
ansible.builtin.shell:
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [1, 2, 3]
......
tests/idoverrideuser/test_idoverrideuser.yml
View file @ 1028f61b
......@@ -558,7 +558,7 @@
name: test_idview
state: absent
- name: Remove certificate files. # noqa: deprecated-command-syntax
- name: Remove certificate files.
ansible.builtin.shell:
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [1, 2, 3]
......
tests/service/certificate/test_service_certificate.yml
View file @ 1028f61b
......@@ -214,7 +214,7 @@
update_dns: yes
state: absent
- name: Remove certificate files. # noqa: deprecated-command-syntax
- name: Remove certificate files.
ansible.builtin.shell:
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [1, 2]
......
tests/service/certificate/test_service_certificate_newline.yml
View file @ 1028f61b
......@@ -192,7 +192,7 @@
register: result
failed_when: not result.changed or result.failed
- name: Remove certificate files. # noqa: deprecated-command-syntax
- name: Remove certificate files.
ansible.builtin.shell:
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [1, 2, 3]
......
tests/service/certificate/test_services_certificate_newline.yml
View file @ 1028f61b
......@@ -306,7 +306,7 @@
register: result
failed_when: not result.changed or result.failed
- name: Remove certificate files. # noqa: deprecated-command-syntax
- name: Remove certificate files.
ansible.builtin.shell:
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [11, 12, 13, 21, 22, 23, 31, 32, 33]
......
tests/service/test_service_disable.yml
View file @ 1028f61b
......@@ -100,7 +100,7 @@
- name: Destroy Kerberos tickets.
ansible.builtin.shell: kdestroy -A -q -c ${KRB5CCNAME}
- name: Remove certificate files. # noqa: deprecated-command-syntax
- name: Remove certificate files.
ansible.builtin.shell:
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [1]
......
tests/sudorule/test_sudorule.yml
View file @ 1028f61b
......@@ -8,34 +8,26 @@
tasks:
# setup
- name: Ensure user is absent
- name: Ensure test user is present
ipauser:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: user01
state: absent
first: user
last: zeroone
- name: Ensure group is absent
- name: Ensure group01 is present, with user01 on it.
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group01
state: absent
- name: Ensure user is present
ipauser:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: user01
first: user
last: zeroone
user: user01
- name: Ensure group is present, with user01 on it.
- name: Ensure group02 is present
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: group01
user: user01
name: group02
- name: Ensure sudocmdgroup is absent
ipasudocmdgroup:
......@@ -154,6 +146,100 @@
register: result
failed_when: result.changed or result.failed
- name: Ensure group01 is on the list of users sudorule execute as.
ipasudorule:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testrule1
runasuser_group:
- group01
action: member
register: result
failed_when: not result.changed or result.failed
- name: Ensure group01 is on the list of users sudorule execute as, again.
ipasudorule:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testrule1
runasuser_group:
- group01
action: member
register: result
failed_when: result.changed or result.failed
- name: Ensure group01 and group2 are on the list of users sudorule execute as.
ipasudorule:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testrule1
runasuser_group:
- group01
- group02
action: member
register: result
failed_when: not result.changed or result.failed
- name: Ensure group01 and group2 are on the list of users sudorule execute as, again.
ipasudorule:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testrule1
runasuser_group:
- group01
- group02
action: member
register: result
failed_when: result.changed or result.failed
- name: Check if group02 is on the list of users sudorule execute as.
ipasudorule:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testrule1
runasuser_group:
- group02
action: member
register: result
check_mode: true
failed_when: result.changed or result.failed
- name: Ensure group01 is not on the list of users sudorule execute as.
ipasudorule:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testrule1
runasuser_group:
- group01
action: member
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure group01 is not on the list of users sudorule execute as, again.
ipasudorule:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testrule1
runasuser_group:
- group01
action: member
state: absent
register: result
failed_when: result.changed or result.failed
- name: Check if group02 is on the list of users sudorule execute as.
ipasudorule:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testrule1
runasuser_group:
- group02
action: member
register: result
check_mode: true
failed_when: result.changed or result.failed
- name: Ensure group01 is on the list of group sudorule execute as.
ipasudorule:
ipaadmin_password: SomeADMINpassword
......@@ -1155,3 +1241,19 @@
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: cluster
state: absent
- name: Ensure groups are absent
ipagroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name:
- group01
- group02
state: absent
- name: Ensure user is absent
ipauser:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: user01
state: absent
tests/user/certificate/test_user_certificate.yml
View file @ 1028f61b
......@@ -80,7 +80,7 @@
register: result
failed_when: not result.changed or result.failed
- name: Remove certificate files. # noqa: deprecated-command-syntax
- name: Remove certificate files.
ansible.builtin.shell:
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [1, 2, 3]
......
tests/user/certificate/test_users_certificate.yml
View file @ 1028f61b
......@@ -93,7 +93,7 @@
register: result
failed_when: not result.changed or result.failed
- name: Remove certificate files. # noqa: deprecated-command-syntax
- name: Remove certificate files.
ansible.builtin.shell:
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [1, 2, 3]
......
tests/user/certmapdata/test_user_certmapdata.yml
View file @ 1028f61b
......@@ -225,7 +225,7 @@
register: result
failed_when: not result.changed or result.failed
- name: Remove certificate files. # noqa: deprecated-command-syntax
- name: Remove certificate files.
ansible.builtin.shell:
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [1, 2, 3]
......
tests/user/certmapdata/test_users_certmapdata.yml
View file @ 1028f61b
......@@ -161,7 +161,7 @@
register: result
failed_when: not result.changed or result.failed
- name: Remove certificate files. # noqa: deprecated-command-syntax
- name: Remove certificate files.
ansible.builtin.shell:
cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items: [1, 2, 3]
......