|
Packit |
8cb997 |
---
|
|
Packit |
8c87ca |
- name: Playbook to handle hbacrules
|
|
Packit |
8cb997 |
hosts: ipaserver
|
|
Packit |
8cb997 |
become: true
|
|
Packit |
8cb997 |
|
|
Packit |
8cb997 |
tasks:
|
|
Packit |
8c87ca |
- name: Get Domain from server name
|
|
Packit |
8c87ca |
set_fact:
|
|
Packit |
8c87ca |
ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
|
|
Packit |
8c87ca |
when: ipaserver_domain is not defined
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
# CLEANUP TEST ITEMS
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test hosts are absent
|
|
Packit |
8c87ca |
ipahost:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name:
|
|
Packit |
8c87ca |
- "{{ 'testhost01.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost02.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost03.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost04.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test hostgroups are absent
|
|
Packit |
8c87ca |
ipahostgroup:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhostgroup01,testhostgroup02,testhostgroup03,testhostgroup04
|
|
Packit |
8cb997 |
state: absent
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test users are absent
|
|
Packit |
8cb997 |
ipauser:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testuser01,testuser02,testuser03,testuser04
|
|
Packit |
8cb997 |
state: absent
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test user groups are absent
|
|
Packit |
8cb997 |
ipagroup:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testgroup01,testgroup02,testgroup03,testgroup04
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC Services are absent
|
|
Packit |
8c87ca |
ipahbacsvc:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhbacsvc01,testhbacsvc02,testhbacsvc03,testhbacsvc04
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC Service Groups are absent
|
|
Packit |
8c87ca |
ipahbacsvcgroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhbacsvcgroup01,testhbacsvcgroup02,testhbacsvcgroup03,testhbacsvcgroup04
|
|
Packit |
8cb997 |
state: absent
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
# CREATE TEST ITEMS
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure hosts "{{ 'host[1..4].' + ipaserver_domain }}" are present
|
|
Packit |
8c87ca |
ipahost:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
hosts:
|
|
Packit |
8c87ca |
- name: "{{ 'testhost01.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
force: yes
|
|
Packit |
8c87ca |
- name: "{{ 'testhost02.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
force: yes
|
|
Packit |
8c87ca |
- name: "{{ 'testhost03.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
force: yes
|
|
Packit |
8c87ca |
- name: "{{ 'testhost04.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
force: yes
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure host-group testhostgroup01 is present
|
|
Packit |
8c87ca |
ipahostgroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhostgroup01
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure host-group testhostgroup02 is present
|
|
Packit |
8c87ca |
ipahostgroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhostgroup02
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure host-group testhostgroup03 is present
|
|
Packit |
8c87ca |
ipahostgroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhostgroup03
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure host-group testhostgroup04 is present
|
|
Packit |
8c87ca |
ipahostgroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhostgroup04
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure testusers are present
|
|
Packit |
8cb997 |
ipauser:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
users:
|
|
Packit |
8c87ca |
- name: testuser01
|
|
Packit |
8c87ca |
first: test
|
|
Packit |
8c87ca |
last: user01
|
|
Packit |
8c87ca |
- name: testuser02
|
|
Packit |
8c87ca |
first: test
|
|
Packit |
8c87ca |
last: user02
|
|
Packit |
8c87ca |
- name: testuser03
|
|
Packit |
8c87ca |
first: test
|
|
Packit |
8c87ca |
last: user03
|
|
Packit |
8c87ca |
- name: testuser04
|
|
Packit |
8c87ca |
first: test
|
|
Packit |
8c87ca |
last: user04
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure user group testgroup01 is present
|
|
Packit |
8cb997 |
ipagroup:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testgroup01
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure user group testgroup02 is present
|
|
Packit |
8c87ca |
ipagroup:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testgroup02
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure user group testgroup03 is present
|
|
Packit |
8c87ca |
ipagroup:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testgroup03
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure user group testgroup04 is present
|
|
Packit |
8c87ca |
ipagroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testgroup04
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC Service testhbacsvc01 is present
|
|
Packit |
8c87ca |
ipahbacsvc:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhbacsvc01
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC Service testhbacsvc02 is present
|
|
Packit |
8c87ca |
ipahbacsvc:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhbacsvc02
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC Service testhbacsvc03 is present
|
|
Packit |
8c87ca |
ipahbacsvc:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhbacsvc03
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC Service testhbacsvc04 is present
|
|
Packit |
8c87ca |
ipahbacsvc:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhbacsvc04
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC Service Group testhbacsvcgroup01 is present
|
|
Packit |
8c87ca |
ipahbacsvcgroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhbacsvcgroup01
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC Service Group testhbacsvcgroup02 is present
|
|
Packit |
8c87ca |
ipahbacsvcgroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhbacsvcgroup02
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC Service Group testhbacsvcgroup03 is present
|
|
Packit |
8c87ca |
ipahbacsvcgroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhbacsvcgroup03
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC Service Group testhbacsvcgroup04 is present
|
|
Packit |
8c87ca |
ipahbacsvcgroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhbacsvcgroup04
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 is absent
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
# ENSURE HBACRULE
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC rule hbacrule01 is present
|
|
Packit |
8c87ca |
ipahbacrule:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure HBAC rule hbacrule01 is present again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
# CHANGE HBACRULE WITH ALL MEMBERS
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC rule hbacrule01 is present with hosts, hostgroups, users, groups, hbassvcs and hbacsvcgroups
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
host:
|
|
Packit |
8c87ca |
- "{{ 'testhost01.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost02.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
hostgroup: testhostgroup01,testhostgroup02
|
|
Packit |
8c87ca |
user: testuser01,testuser02
|
|
Packit |
8c87ca |
group: testgroup01,testgroup02
|
|
Packit |
8c87ca |
hbacsvc: testhbacsvc01,testhbacsvc02
|
|
Packit |
8c87ca |
hbacsvcgroup: testhbacsvcgroup01,testhbacsvcgroup02
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure HBAC rule hbacrule01 is present with hosts, hostgroups, users, groups, hbassvcs and hbacsvcgroups again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
host:
|
|
Packit |
8c87ca |
- "{{ 'testhost01.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost02.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
hostgroup: testhostgroup01,testhostgroup02
|
|
Packit |
8c87ca |
user: testuser01,testuser02
|
|
Packit |
8c87ca |
group: testgroup01,testgroup02
|
|
Packit |
8c87ca |
hbacsvc: testhbacsvc01,testhbacsvc02
|
|
Packit |
8c87ca |
hbacsvcgroup: testhbacsvcgroup01,testhbacsvcgroup02
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
# REMOVE MEMBERS ONE BY ONE
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 host members are absent
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
host:
|
|
Packit |
8c87ca |
- "{{ 'testhost01.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost02.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8cb997 |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 host members are absent again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
host:
|
|
Packit |
8c87ca |
- "{{ 'testhost01.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost02.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8cb997 |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 hostgroup members are absent
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
hostgroup: testhostgroup01,testhostgroup02
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8cb997 |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 hostgroup members are absent again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
hostgroup: testhostgroup01,testhostgroup02
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8cb997 |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 user members are absent
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
user: testuser01,testuser02
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 user members are absent again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
user: testuser01,testuser02
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 user group members are absent
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
group: testgroup01,testgroup02
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8cb997 |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 user group members are absent again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
group: testgroup01,testgroup02
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8cb997 |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 hbacsvc members are absent
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
hbacsvc: testhbacsvc01,testhbacsvc02
|
|
Packit |
8cb997 |
state: absent
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 hbacsvc members are absent again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
hbacsvc: testhbacsvc01,testhbacsvc02
|
|
Packit |
8cb997 |
state: absent
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 hbacsvcgroup members are absent
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
hbacsvcgroup: testhbacsvcgroup01,testhbacsvcgroup02
|
|
Packit |
8cb997 |
state: absent
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 hbacsvcgroup members are absent again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
hbacsvcgroup: testhbacsvcgroup01,testhbacsvcgroup02
|
|
Packit |
8cb997 |
state: absent
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
# ADD MEMBERS BACK
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 host members are present
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
host:
|
|
Packit |
8c87ca |
- "{{ 'testhost01.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost02.' + ipaserver_domain }}"
|
|
Packit |
8cb997 |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 host members are present again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
host:
|
|
Packit |
8c87ca |
- "{{ 'testhost01.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost02.' + ipaserver_domain }}"
|
|
Packit |
8cb997 |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 hostgroup members are present
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
hostgroup: testhostgroup01,testhostgroup02
|
|
Packit |
8cb997 |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 hostgroup members are present again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
hostgroup: testhostgroup01,testhostgroup02
|
|
Packit |
8cb997 |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 user members are present
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
user: testuser01,testuser02
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 user members are present again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
user: testuser01,testuser02
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 user group members are present
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
group: testgroup01,testgroup02
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 user group members are present again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
group: testgroup01,testgroup02
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 hbacsvc members are present
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
hbacsvc: testhbacsvc01,testhbacsvc02
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 hbacsvc members are present again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
hbacsvc: testhbacsvc01,testhbacsvc02
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 hbacsvcgroup members are present
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
hbacsvcgroup: testhbacsvcgroup01,testhbacsvcgroup02
|
|
Packit |
8cb997 |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 hbacsvcgroup members are present again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
hbacsvcgroup: testhbacsvcgroup01,testhbacsvcgroup02
|
|
Packit |
8cb997 |
action: member
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
# CHANGE TO DIFFERENT MEMBERS
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC rule hbacrule01 is present with different hosts, hostgroups, users, groups, hbassvcs and hbacsvcgroups
|
|
Packit |
8c87ca |
ipahbacrule:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
host:
|
|
Packit |
8c87ca |
- "{{ 'testhost03.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost04.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
hostgroup: testhostgroup03,testhostgroup04
|
|
Packit |
8c87ca |
user: testuser03,testuser04
|
|
Packit |
8c87ca |
group: testgroup03,testgroup04
|
|
Packit |
8c87ca |
hbacsvc: testhbacsvc03,testhbacsvc04
|
|
Packit |
8c87ca |
hbacsvcgroup: testhbacsvcgroup03,testhbacsvcgroup04
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: not result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC rule hbacrule01 is present with different hosts, hostgroups, users, groups, hbassvcs and hbacsvcgroups again
|
|
Packit |
8c87ca |
ipahbacrule:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
host:
|
|
Packit |
8c87ca |
- "{{ 'testhost03.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost04.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
hostgroup: testhostgroup03,testhostgroup04
|
|
Packit |
8c87ca |
user: testuser03,testuser04
|
|
Packit |
8c87ca |
group: testgroup03,testgroup04
|
|
Packit |
8c87ca |
hbacsvc: testhbacsvc03,testhbacsvc04
|
|
Packit |
8c87ca |
hbacsvcgroup: testhbacsvcgroup03,testhbacsvcgroup04
|
|
Packit |
8c87ca |
register: result
|
|
Packit |
8c87ca |
failed_when: result.changed
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
# ENSURE OLD TEST MEMBERS ARE ABSENT
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC rule hbacrule01 members (same) are present
|
|
Packit |
8c87ca |
ipahbacrule:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
host:
|
|
Packit |
8c87ca |
- "{{ 'testhost01.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost02.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
hostgroup: testhostgroup01,testhostgroup02
|
|
Packit |
8c87ca |
user: testuser01,testuser02
|
|
Packit |
8c87ca |
group: testgroup01,testgroup02
|
|
Packit |
8c87ca |
hbacsvc: testhbacsvc01,testhbacsvc02
|
|
Packit |
8c87ca |
hbacsvcgroup: testhbacsvcgroup01,testhbacsvcgroup02
|
|
Packit |
8cb997 |
state: absent
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
# ENSURE NEW TEST MEMBERS ARE ABSENT
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure HBAC rule hbacrule01 members are absent
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
host:
|
|
Packit |
8c87ca |
- "{{ 'testhost03.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost04.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
hostgroup: testhostgroup03,testhostgroup04
|
|
Packit |
8c87ca |
user: testuser03,testuser04
|
|
Packit |
8c87ca |
group: testgroup03,testgroup04
|
|
Packit |
8c87ca |
hbacsvc: testhbacsvc03,testhbacsvc04
|
|
Packit |
8c87ca |
hbacsvcgroup: testhbacsvcgroup03,testhbacsvcgroup04
|
|
Packit |
8cb997 |
state: absent
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: not result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure HBAC rule hbacrule01 members are absent again
|
|
Packit |
8cb997 |
ipahbacrule:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
host:
|
|
Packit |
8c87ca |
- "{{ 'testhost03.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost04.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
hostgroup: testhostgroup03,testhostgroup04
|
|
Packit |
8c87ca |
user: testuser03,testuser04
|
|
Packit |
8c87ca |
group: testgroup03,testgroup04
|
|
Packit |
8c87ca |
hbacsvc: testhbacsvc03,testhbacsvc04
|
|
Packit |
8c87ca |
hbacsvcgroup: testhbacsvcgroup03,testhbacsvcgroup04
|
|
Packit |
8cb997 |
state: absent
|
|
Packit |
8c87ca |
action: member
|
|
Packit |
8cb997 |
register: result
|
|
Packit |
8cb997 |
failed_when: result.changed
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
# CLEANUP TEST ITEMS
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC rule hbacrule01 is absent
|
|
Packit |
8c87ca |
ipahbacrule:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: hbacrule01
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test hosts are absent
|
|
Packit |
8c87ca |
ipahostgroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name:
|
|
Packit |
8c87ca |
- "{{ 'testhost01.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost02.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost03.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
- "{{ 'testhost04.' + ipaserver_domain }}"
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test hostgroups are absent
|
|
Packit |
8c87ca |
ipahostgroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhostgroup01,testhostgroup02,testhostgroup03,testhostgroup04
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test users are absent
|
|
Packit |
8cb997 |
ipauser:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testuser01,testuser02,testuser03,testuser04
|
|
Packit |
8cb997 |
state: absent
|
|
Packit |
8cb997 |
|
|
Packit |
8c87ca |
- name: Ensure test user groups are absent
|
|
Packit |
8cb997 |
ipagroup:
|
|
Packit |
8cb997 |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testgroup01,testgroup02,testgroup03,testgroup04
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC Services are absent
|
|
Packit |
8c87ca |
ipahbacsvc:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhbacsvc01,testhbacsvc02,testhbacsvc03,testhbacsvc04
|
|
Packit |
8c87ca |
state: absent
|
|
Packit |
8c87ca |
|
|
Packit |
8c87ca |
- name: Ensure test HBAC Service Groups are absent
|
|
Packit |
8c87ca |
ipahbacsvcgroup:
|
|
Packit |
8c87ca |
ipaadmin_password: MyPassword123
|
|
Packit |
8c87ca |
name: testhbacsvcgroup01,testhbacsvcgroup02,testhbacsvcgroup03,testhbacsvcgroup04
|
|
Packit |
8cb997 |
state: absent
|