Skip to content
GitLab
Explore
Sign in
Mirror
Ansible FreeIPA
Compare revisions
81e6cbe6b709313fc3ce8b9af60896c1a92cbfe7 to 1028f61b6ccec53d281e8e81ee5e7c09d3d02ea6
Hide whitespace changes
Inline
Side-by-side
tests/config/test_config_sid.yml
View file @
1028f61b
...
...
@@ -30,7 +30,7 @@
check_mode
:
yes
register
:
sid_disabled
-
name
:
Ensure netbios_name can't be changed without SID enabled.
# noqa
503
-
name
:
Ensure netbios_name can't be changed without SID enabled.
# noqa
no-handler
ipaconfig
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
...
...
@@ -39,7 +39,7 @@
failed_when
:
not result.failed and "SID generation must be enabled" in result.msg
when
:
sid_disabled.changed
-
name
:
Ensure SIDs can't be changed without SID enabled.
# noqa
503
-
name
:
Ensure SIDs can't be changed without SID enabled.
# noqa
no-handler
ipaconfig
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
...
...
tests/dnsrecord/test_dnsrecord.yml
View file @
1028f61b
...
...
@@ -1549,7 +1549,7 @@
-
name
:
Cleanup test environment.
ansible.builtin.include_tasks
:
env_cleanup.yml
-
name
:
Remove certificate files.
# noqa: deprecated-command-syntax
-
name
:
Remove certificate files.
ansible.builtin.shell
:
rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items
:
[
1
]
become
:
no
...
...
tests/dnszone/test_dnszone.yml
View file @
1028f61b
...
...
@@ -3,6 +3,10 @@
hosts
:
"
{{
ipa_test_host
|
default('ipaserver')
}}"
become
:
true
gather_facts
:
true
module_defaults
:
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
tasks
:
...
...
@@ -13,8 +17,6 @@
# Tests
-
name
:
Check if zone is present, when it shouldn't be.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
state
:
present
check_mode
:
yes
...
...
@@ -23,8 +25,6 @@
-
name
:
Check if zone is present again, when it shouldn't be.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
state
:
present
check_mode
:
yes
...
...
@@ -33,8 +33,6 @@
-
name
:
Ensure zone is present.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
state
:
present
register
:
result
...
...
@@ -42,8 +40,6 @@
-
name
:
Check if zone is present, when it should be.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
state
:
present
check_mode
:
yes
...
...
@@ -52,8 +48,6 @@
-
name
:
Ensure zone is present, again.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
state
:
present
register
:
result
...
...
@@ -61,8 +55,6 @@
-
name
:
Ensure zone is disabled.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
state
:
disabled
register
:
result
...
...
@@ -70,8 +62,6 @@
-
name
:
Ensure zone is disabled, again.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
state
:
disabled
register
:
result
...
...
@@ -79,8 +69,6 @@
-
name
:
Ensure zone is enabled.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
state
:
enabled
register
:
result
...
...
@@ -88,8 +76,6 @@
-
name
:
Ensure zone is enabled, again.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
state
:
enabled
register
:
result
...
...
@@ -97,8 +83,6 @@
-
name
:
Ensure forward_policy is none.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
forward_policy
:
none
register
:
result
...
...
@@ -106,8 +90,6 @@
-
name
:
Ensure forward_policy is none, again.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
forward_policy
:
none
register
:
result
...
...
@@ -115,8 +97,6 @@
-
name
:
Ensure forward_policy is first.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
forward_policy
:
first
register
:
result
...
...
@@ -124,8 +104,6 @@
-
name
:
Ensure forward_policy is first, again.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
forward_policy
:
first
register
:
result
...
...
@@ -133,8 +111,6 @@
-
name
:
Ensure first forwarder is set.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
forwarders
:
-
ip_address
:
8.8.8.8
...
...
@@ -144,8 +120,6 @@
-
name
:
Ensure first and second forwarder are set.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
forwarders
:
-
ip_address
:
8.8.8.8
...
...
@@ -156,8 +130,6 @@
-
name
:
Ensure first and second forwarder are set, again.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
forwarders
:
-
ip_address
:
8.8.8.8
...
...
@@ -168,8 +140,6 @@
-
name
:
Ensure only second forwarder is set.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
forwarders
:
-
ip_address
:
2001:4860:4860::8888
...
...
@@ -178,16 +148,12 @@
-
name
:
Nothing changes.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Ensure no forwarders are set.
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testzone.local
forwarders
:
[]
register
:
result
...
...
@@ -195,56 +161,70 @@
-
name
:
Create zones test1
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
test1.testzone.local
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Create zones test1, again
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
test1.testzone.local
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Create zones test2
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
test2.testzone.local
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Create zones test2, again
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
test2.testzone.local
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Create zones test3
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
test3.testzone.local
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Create zones test3, again
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
test3.testzone.local
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Ensure zone test1.testzone.local has management permissioon
ipadnszone
:
name
:
test1.testzone.local
permission
:
true
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Ensure zone test1.testzone.local has management permissioon
ipadnszone
:
name
:
test1.testzone.local
permission
:
true
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Ensure zone test1.testzone.local don't have management permissioon
ipadnszone
:
name
:
test1.testzone.local
permission
:
false
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Ensure zone test1.testzone.local don't have management permissioon
ipadnszone
:
name
:
test1.testzone.local
permission
:
false
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Ensure multiple zones are absent
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
-
test1.testzone.local
-
test2.testzone.local
...
...
@@ -255,8 +235,6 @@
-
name
:
Ensure multiple zones are absent, again
ipadnszone
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
-
test1.testzone.local
-
test2.testzone.local
...
...
tests/group/test_group.yml
View file @
1028f61b
...
...
@@ -3,6 +3,13 @@
hosts
:
"
{{
ipa_test_host
|
default('ipaserver')
}}"
become
:
true
gather_facts
:
true
module_defaults
:
ipauser
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
tasks
:
# setup
...
...
@@ -19,24 +26,18 @@
-
name
:
Ensure users user1, user2 and user3 are absent
ipauser
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
user1,user2,user3
state
:
absent
-
name
:
Ensure group group3, group2 and group1 are absent
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group3,group2,group1
name
:
groupren,group3,group2,group1
state
:
absent
# CREATE TEST ITEMS
-
name
:
Ensure users user1..user3 are present
ipauser
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
users
:
-
name
:
user1
first
:
user1
...
...
@@ -54,56 +55,74 @@
-
name
:
Ensure group1 is present
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Ensure group1 is present again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Rename group1 to groupren
ipagroup
:
name
:
group1
rename
:
groupren
state
:
renamed
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Rename group1 to groupren
ipagroup
:
name
:
group1
rename
:
groupren
state
:
renamed
register
:
result
failed_when
:
not result.failed or "No group 'group1'" not in result.msg
-
name
:
Rename group groupren to groupren
ipagroup
:
name
:
groupren
rename
:
groupren
state
:
renamed
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Rename group groupren back to group1
ipagroup
:
name
:
groupren
rename
:
group1
state
:
renamed
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Ensure group2 is present
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group2
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Ensure group2 is present again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group2
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Ensure group3 is present
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group3
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Ensure group3 is present again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group3
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Ensure groups group2 and group3 are present in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
group
:
-
group2
...
...
@@ -114,8 +133,6 @@
-
name
:
Ensure groups group2 and group3 are present in group group1 again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
group
:
-
group2
...
...
@@ -126,8 +143,6 @@
-
name
:
Ensure group3 ia present in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
group
:
-
group3
...
...
@@ -143,8 +158,6 @@
-
name
:
Ensure service "{{ 'HTTP/' + fqdn_at_domain }}" is present in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
service
:
-
"
{{
'HTTP/'
+
fqdn_at_domain
}}"
...
...
@@ -154,8 +167,6 @@
-
name
:
Ensure service "{{ 'HTTP/' + fqdn_at_domain }}" is present in group group1, again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
service
:
-
"
{{
'HTTP/'
+
fqdn_at_domain
}}"
...
...
@@ -165,8 +176,6 @@
-
name
:
Ensure service "{{ 'ldap/' + fqdn_at_domain }}" is present in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
service
:
-
"
{{
'ldap/'
+
fqdn_at_domain
}}"
...
...
@@ -176,8 +185,6 @@
-
name
:
Ensure service "{{ 'ldap/' + fqdn_at_domain }}" is present in group group1, again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
service
:
-
"
{{
'ldap/'
+
fqdn_at_domain
}}"
...
...
@@ -187,8 +194,6 @@
-
name
:
Ensure service "{{ 'HTTP/' + fqdn_at_domain }}" is absent in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
service
:
-
"
{{
'HTTP/'
+
fqdn_at_domain
}}"
...
...
@@ -199,8 +204,6 @@
-
name
:
Ensure service "{{ 'HTTP/' + fqdn_at_domain }}" is absent in group group1, again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
service
:
-
"
{{
'HTTP/'
+
fqdn_at_domain
}}"
...
...
@@ -211,8 +214,6 @@
-
name
:
Ensure service "{{ 'ldap/' + fqdn_at_domain }}" is absent in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
service
:
-
"
{{
'ldap/'
+
fqdn_at_domain
}}"
...
...
@@ -223,8 +224,6 @@
-
name
:
Ensure service "{{ 'ldap/' + fqdn_at_domain }}" is absent in group group1, again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
service
:
-
"
{{
'ldap/'
+
fqdn_at_domain
}}"
...
...
@@ -235,8 +234,6 @@
-
name
:
Ensure services are present in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
service
:
-
"
{{
'HTTP/'
+
fqdn_at_domain
}}"
...
...
@@ -247,8 +244,6 @@
-
name
:
Ensure services are present in group group1, again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
service
:
-
"
{{
'http/'
+
fqdn_at_domain
}}"
...
...
@@ -259,8 +254,6 @@
-
name
:
Ensure services are absent in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
service
:
-
"
{{
'HTTP/'
+
fqdn_at_domain
}}"
...
...
@@ -272,8 +265,6 @@
-
name
:
Ensure services are absent in group group1, again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
service
:
-
"
{{
'HTTP/'
+
fqdn_at_domain
}}"
...
...
@@ -283,12 +274,10 @@
register
:
result
failed_when
:
result.changed or result.failed
# user
# user
-
name
:
Ensure users user1, user2 and user3 are present in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
user
:
-
user1
...
...
@@ -300,8 +289,6 @@
-
name
:
Ensure users user1, user2 and user3 are present in group group1 again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
user
:
-
user1
...
...
@@ -312,8 +299,6 @@
failed_when
:
result.changed or result.failed
#- ipagroup:
# ipaadmin_password: SomeADMINpassword
# ipaapi_context: "{{ ipa_context | default(omit) }}"
# name: group1
# user:
# - user7
...
...
@@ -321,8 +306,6 @@
-
name
:
Ensure user user7 is absent in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
user
:
-
user7
...
...
@@ -333,8 +316,6 @@
-
name
:
Ensure group group4 is absent
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group4
state
:
absent
register
:
result
...
...
@@ -342,8 +323,6 @@
-
name
:
Ensure groups group3, group2, and group1 are absent
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group3,group2,group1
state
:
absent
register
:
result
...
...
@@ -351,16 +330,12 @@
-
name
:
Ensure group group1 is present
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Ensure users user1, user2 are present in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
user
:
-
user1
...
...
@@ -371,8 +346,6 @@
-
name
:
Ensure users user1, user2 and user3 are present in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
user
:
-
user1
...
...
@@ -384,8 +357,6 @@
-
name
:
Ensure users user1, user2 are present in group group1, again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
user
:
-
user1
...
...
@@ -396,8 +367,6 @@
-
name
:
Ensure users user1, user2 and user3 are present in group group1, again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
user
:
-
user1
...
...
@@ -409,8 +378,6 @@
-
name
:
Ensure group group1 is absent
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
state
:
absent
register
:
result
...
...
@@ -418,8 +385,6 @@
-
name
:
Ensure group group1 with users user1, user2 is present
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
user
:
-
user1
...
...
@@ -429,8 +394,6 @@
-
name
:
Ensure group group1 with users user1, user2 and user3 is present
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
user
:
-
user1
...
...
@@ -441,8 +404,6 @@
-
name
:
Ensure group group1 with users user1, user2 and user3 is present, again
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
user
:
-
user1
...
...
@@ -454,8 +415,6 @@
-
name
:
Ensure only users user1, user2 are present in group group1
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group1
user
:
-
user1
...
...
@@ -467,8 +426,6 @@
-
name
:
Ensure group group3, group2 and group1 are absent
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group3,group2,group1
state
:
absent
register
:
result
...
...
@@ -476,8 +433,6 @@
-
name
:
Ensure users user1, user2 and user3 are absent
ipauser
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
user1,user2,user3
state
:
absent
register
:
result
...
...
tests/group/test_groups.yml
View file @
1028f61b
...
...
@@ -19,7 +19,7 @@
-
name
:
Remove test groups
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
name
:
group1,group2,group3,group4,group5,group6,group7,group8,group9,group10
name
:
group1,group2,group3,group4,group5,group6,group7,group8,group9,group10
,newgroup1,newgroup2
state
:
absent
-
name
:
Remove test users
...
...
@@ -130,10 +130,53 @@
register
:
result
failed_when
:
result.changed or not result.failed or "Only one group can be added at a time using 'name'." not in result.msg
-
name
:
Ensure group1 and group2 exist
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
groups
:
-
name
:
group1
-
name
:
group2
-
name
:
Rename group1 and group2 to newgroup1 and newgroup2, respectively
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
groups
:
-
name
:
group1
rename
:
newgroup1
-
name
:
group2
rename
:
newgroup2
state
:
renamed
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Rename newgroup1 and newgroup2 to the same name
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
groups
:
-
name
:
newgroup1
rename
:
newgroup1
-
name
:
newgroup2
rename
:
newgroup2
state
:
renamed
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Rename newgroup1 and newgroup2 back to group1 and group2, respectively
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
groups
:
-
name
:
newgroup1
rename
:
group1
-
name
:
newgroup2
rename
:
group2
state
:
renamed
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Remove test groups
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
name
:
group1,group2,group3,group4,group5,group6,group7,group8,group9,group10
name
:
group1,group2,group3,group4,group5,group6,group7,group8,group9,group10
,newgroup1,newgroup2
state
:
absent
-
name
:
Remove test users
...
...
tests/group/test_groups_absent.yml
View file @
1028f61b
...
...
@@ -9,7 +9,7 @@
tasks
:
-
name
:
Include groups.json
ansible.builtin.include_vars
:
file
:
groups.json
# noqa 505
file
:
groups.json
-
name
:
Initialize groups_names
ansible.builtin.set_fact
:
...
...
tests/group/test_groups_present.yml
View file @
1028f61b
...
...
@@ -9,7 +9,7 @@
tasks
:
-
name
:
Include groups.json
ansible.builtin.include_vars
:
file
:
groups.json
# noqa 505
file
:
groups.json
-
name
:
Groups present len:{{ group_list | length }}
ipagroup
:
...
...
tests/group/test_groups_present_slice.yml
View file @
1028f61b
...
...
@@ -11,7 +11,7 @@
tasks
:
-
name
:
Include groups.json
ansible.builtin.include_vars
:
file
:
groups.json
# noqa 505
file
:
groups.json
-
name
:
Size of groups slice.
ansible.builtin.debug
:
...
...
tests/host/certificate/test_host_certificate.yml
View file @
1028f61b
...
...
@@ -99,7 +99,7 @@
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Remove certificate files.
# noqa: deprecated-command-syntax
-
name
:
Remove certificate files.
ansible.builtin.shell
:
cmd
:
rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items
:
[
1
,
2
,
3
]
...
...
tests/host/certificate/test_hosts_certificate.yml
View file @
1028f61b
...
...
@@ -98,7 +98,7 @@
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Remove certificate files.
# noqa: deprecated-command-syntax
-
name
:
Remove certificate files.
ansible.builtin.shell
:
cmd
:
rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items
:
[
1
,
2
,
3
]
...
...
tests/idoverrideuser/test_idoverrideuser.yml
View file @
1028f61b
...
...
@@ -558,7 +558,7 @@
name
:
test_idview
state
:
absent
-
name
:
Remove certificate files.
# noqa: deprecated-command-syntax
-
name
:
Remove certificate files.
ansible.builtin.shell
:
cmd
:
rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items
:
[
1
,
2
,
3
]
...
...
tests/service/certificate/test_service_certificate.yml
View file @
1028f61b
...
...
@@ -214,7 +214,7 @@
update_dns
:
yes
state
:
absent
-
name
:
Remove certificate files.
# noqa: deprecated-command-syntax
-
name
:
Remove certificate files.
ansible.builtin.shell
:
cmd
:
rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items
:
[
1
,
2
]
...
...
tests/service/certificate/test_service_certificate_newline.yml
View file @
1028f61b
...
...
@@ -192,7 +192,7 @@
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Remove certificate files.
# noqa: deprecated-command-syntax
-
name
:
Remove certificate files.
ansible.builtin.shell
:
cmd
:
rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items
:
[
1
,
2
,
3
]
...
...
tests/service/certificate/test_services_certificate_newline.yml
View file @
1028f61b
...
...
@@ -306,7 +306,7 @@
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Remove certificate files.
# noqa: deprecated-command-syntax
-
name
:
Remove certificate files.
ansible.builtin.shell
:
cmd
:
rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items
:
[
11
,
12
,
13
,
21
,
22
,
23
,
31
,
32
,
33
]
...
...
tests/service/test_service_disable.yml
View file @
1028f61b
...
...
@@ -100,7 +100,7 @@
-
name
:
Destroy Kerberos tickets.
ansible.builtin.shell
:
kdestroy -A -q -c ${KRB5CCNAME}
-
name
:
Remove certificate files.
# noqa: deprecated-command-syntax
-
name
:
Remove certificate files.
ansible.builtin.shell
:
cmd
:
rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items
:
[
1
]
...
...
tests/sudorule/test_sudorule.yml
View file @
1028f61b
...
...
@@ -8,34 +8,26 @@
tasks
:
# setup
- name: Ensure user is
ab
sent
-
name
:
Ensure
test
user is
pre
sent
ipauser
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
user01
state: absent
first
:
user
last
:
zeroone
- name: Ensure group is
absent
-
name
:
Ensure group
01
is
present, with user01 on it.
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
group01
state: absent
- name: Ensure user is present
ipauser:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: user01
first: user
last: zeroone
user
:
user01
- name: Ensure group is present
, with user01 on it.
-
name
:
Ensure group
02
is present
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name: group01
user: user01
name
:
group02
-
name
:
Ensure sudocmdgroup is absent
ipasudocmdgroup
:
...
...
@@ -154,6 +146,100 @@
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Ensure group01 is on the list of users sudorule execute as.
ipasudorule
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testrule1
runasuser_group
:
-
group01
action
:
member
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Ensure group01 is on the list of users sudorule execute as, again.
ipasudorule
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testrule1
runasuser_group
:
-
group01
action
:
member
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Ensure group01 and group2 are on the list of users sudorule execute as.
ipasudorule
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testrule1
runasuser_group
:
-
group01
-
group02
action
:
member
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Ensure group01 and group2 are on the list of users sudorule execute as, again.
ipasudorule
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testrule1
runasuser_group
:
-
group01
-
group02
action
:
member
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Check if group02 is on the list of users sudorule execute as.
ipasudorule
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testrule1
runasuser_group
:
-
group02
action
:
member
register
:
result
check_mode
:
true
failed_when
:
result.changed or result.failed
-
name
:
Ensure group01 is not on the list of users sudorule execute as.
ipasudorule
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testrule1
runasuser_group
:
-
group01
action
:
member
state
:
absent
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Ensure group01 is not on the list of users sudorule execute as, again.
ipasudorule
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testrule1
runasuser_group
:
-
group01
action
:
member
state
:
absent
register
:
result
failed_when
:
result.changed or result.failed
-
name
:
Check if group02 is on the list of users sudorule execute as.
ipasudorule
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
testrule1
runasuser_group
:
-
group02
action
:
member
register
:
result
check_mode
:
true
failed_when
:
result.changed or result.failed
-
name
:
Ensure group01 is on the list of group sudorule execute as.
ipasudorule
:
ipaadmin_password
:
SomeADMINpassword
...
...
@@ -1155,3 +1241,19 @@
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
cluster
state
:
absent
-
name
:
Ensure groups are absent
ipagroup
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
-
group01
-
group02
state
:
absent
-
name
:
Ensure user is absent
ipauser
:
ipaadmin_password
:
SomeADMINpassword
ipaapi_context
:
"
{{
ipa_context
|
default(omit)
}}"
name
:
user01
state
:
absent
tests/user/certificate/test_user_certificate.yml
View file @
1028f61b
...
...
@@ -80,7 +80,7 @@
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Remove certificate files.
# noqa: deprecated-command-syntax
-
name
:
Remove certificate files.
ansible.builtin.shell
:
cmd
:
rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items
:
[
1
,
2
,
3
]
...
...
tests/user/certificate/test_users_certificate.yml
View file @
1028f61b
...
...
@@ -93,7 +93,7 @@
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Remove certificate files.
# noqa: deprecated-command-syntax
-
name
:
Remove certificate files.
ansible.builtin.shell
:
cmd
:
rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items
:
[
1
,
2
,
3
]
...
...
tests/user/certmapdata/test_user_certmapdata.yml
View file @
1028f61b
...
...
@@ -225,7 +225,7 @@
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Remove certificate files.
# noqa: deprecated-command-syntax
-
name
:
Remove certificate files.
ansible.builtin.shell
:
cmd
:
rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items
:
[
1
,
2
,
3
]
...
...
tests/user/certmapdata/test_users_certmapdata.yml
View file @
1028f61b
...
...
@@ -161,7 +161,7 @@
register
:
result
failed_when
:
not result.changed or result.failed
-
name
:
Remove certificate files.
# noqa: deprecated-command-syntax
-
name
:
Remove certificate files.
ansible.builtin.shell
:
cmd
:
rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
with_items
:
[
1
,
2
,
3
]
...
...
Prev
1
2
3
Next