---
# Tasks to test member management for Vault module.
  # Import env_setup.yml before any vault task runs. Its contents are not part
  # of this file; presumably it creates the users, group and service that the
  # member tasks below refer to (user02, user03, vaultgroup) -- TODO confirm.
  - name: Setup testing environment.
    import_tasks: env_setup.yml

  # Create the vault under test. The three tasks below are selected by
  # vault.vault_type ('standard', 'symmetric' or 'asymmetric'), so at most one
  # of them runs; any other value skips all three and no vault is created here.
  # `vault` is not defined in this file and must be supplied by the caller.
  # Each task fails unless the module reports a change, i.e. the vault must not
  # exist before the run.
  #
  # ipaadmin_password is a literal throughout this file: a test-fixture
  # credential stored in clear text. Playbooks derived from these tasks should
  # take it from an encrypted variable (e.g. Ansible Vault) instead of copying
  # the literal.
  - name: Ensure vault is present
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      vault_type: "{{vault.vault_type}}"
    register: result
    failed_when: not result.changed
    when: vault.vault_type == 'standard'

  # Symmetric variant: same as above plus a vault password.
  - name: Ensure vault is present
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      # Clear-text fixture value, like ipaadmin_password.
      vault_password: SomeVAULTpassword
      vault_type: "{{vault.vault_type}}"
    register: result
    failed_when: not result.changed
    when: vault.vault_type == 'symmetric'

  # Asymmetric variant: same as the standard case plus a public key.
  - name: Ensure vault is present
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      vault_type: "{{vault.vault_type}}"
      # lookup('file', ...) reads private.pem on the control node; the content
      # is base64-encoded before being passed as public_key.
      # NOTE(review): the file name suggests private-key material while the
      # parameter expects a public key -- confirm what private.pem contains;
      # creating an asymmetric vault should only need the public half.
      public_key: "{{lookup('file', 'private.pem') | b64encode}}"
    register: result
    failed_when: not result.changed
    when: vault.vault_type == 'asymmetric'

  # User membership tests. With action: member the module is asked to manage
  # only the member list of the existing vault. Tasks run in order and each
  # one relies on the state left by the previous task: a task with
  # `failed_when: not result.changed` must report a change, and the following
  # ", again" task with `failed_when: result.changed` must report none.

  # user02 is not yet a member, so adding it must report a change.
  - name: Ensure vault member user is present.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      users:
      - user02
    register: result
    failed_when: not result.changed

  # Same request repeated: no change expected.
  - name: Ensure vault member user is present, again.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      users:
      - user02
    register: result
    failed_when: result.changed

  # user02 is already a member; the expected change comes from adding admin.
  - name: Ensure more vault member users are present.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      users:
      - admin
      - user02
    register: result
    failed_when: not result.changed

  # Listing only user02 with the default state must not report a change even
  # though admin is now a member as well.
  - name: Ensure vault member user is still present.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      users:
      - user02
    register: result
    failed_when: result.changed

  # Remove both users from the member list; a change is expected.
  - name: Ensure vault users are absent.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      users:
      - admin
      - user02
      state: absent
    register: result
    failed_when: not result.changed

  # Same removal repeated: no change expected.
  - name: Ensure vault users are absent, again.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      users:
      - admin
      - user02
      state: absent
    register: result
    failed_when: result.changed

  # Removing admin alone must also report no change, since it was already
  # removed together with user02 above.
  - name: Ensure vault user is absent, once more.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      users:
      - admin
      state: absent
    register: result
    failed_when: result.changed

  # Group membership tests: add vaultgroup, repeat (no change), remove it,
  # repeat (no change). vaultgroup is not created in this file; presumably
  # env_setup.yml provides it -- TODO confirm.
  # Here `groups` is a parameter of the ipavault module and is given a single
  # group name as a plain scalar.

  # Add the group; a change is expected.
  - name: Ensure vault member group is present.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      groups: vaultgroup
    register: result
    failed_when: not result.changed

  # Same request repeated: no change expected.
  - name: Ensure vault member group is present, again.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      groups: vaultgroup
    register: result
    failed_when: result.changed

  # Remove the group; a change is expected.
  - name: Ensure vault member group is absent.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      groups: vaultgroup
      state: absent
    register: result
    failed_when: not result.changed

  # Same removal repeated: no change expected.
  - name: Ensure vault member group is absent, again.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      groups: vaultgroup
      state: absent
    register: result
    failed_when: result.changed

  # Service membership tests: add the HTTP service of the first IPA server,
  # repeat (no change), remove it, repeat (no change).
  # Inside the Jinja expression `groups` is Ansible's inventory variable, so
  # groups.ipaserver[0] is the first host of the `ipaserver` inventory group;
  # it is unrelated to the module's `groups` parameter. The inventory must
  # therefore define a non-empty `ipaserver` group.

  # Add the service; a change is expected.
  - name: Ensure vault member service is present.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      services: "HTTP/{{ groups.ipaserver[0] }}"
    register: result
    failed_when: not result.changed

  # Same request repeated: no change expected.
  - name: Ensure vault member service is present, again.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      services: "HTTP/{{ groups.ipaserver[0] }}"
    register: result
    failed_when: result.changed

  # Remove the service; a change is expected.
  - name: Ensure vault member service is absent.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      services: "HTTP/{{ groups.ipaserver[0] }}"
      state: absent
    register: result
    failed_when: not result.changed

  # Same removal repeated: no change expected.
  - name: Ensure vault member service is absent, again.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      action: member
      services: "HTTP/{{ groups.ipaserver[0] }}"
      state: absent
    register: result
    failed_when: result.changed

  # Owner tests for a user. `owners` is a separate parameter from `users`, so
  # the owner list is exercised independently of the member list tested above.
  # NOTE(review): in FreeIPA owners are the principals allowed to manage a
  # vault, so an unexpected entry here is a privilege grant -- the idempotence
  # checks below are what catch an owner being silently added or left behind.
  # user03 is not created in this file; presumably env_setup.yml provides it.

  # Add user03 as owner; a change is expected.
  - name: Ensure user03 is an owner of vault.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      owners: user03
      action: member
    register: result
    failed_when: not result.changed

  # Same request repeated: no change expected.
  - name: Ensure user03 is an owner of vault, again.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      owners: user03
      action: member
    register: result
    failed_when: result.changed

  # Remove user03 from the owners; a change is expected.
  - name: Ensure user03 is not owner of vault.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      owners: user03
      state: absent
      action: member
    register: result
    failed_when: not result.changed

  # Same removal repeated: no change expected.
  - name: Ensure user03 is not owner of vault, again.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      owners: user03
      state: absent
      action: member
    register: result
    failed_when: result.changed

  # Owner tests for a group: add vaultgroup through `ownergroups`, repeat
  # (no change), remove it, repeat (no change). The group membership of the
  # vault was already removed earlier in this file, so only the owner list is
  # affected here.

  # Add vaultgroup as owner group; a change is expected.
  - name: Ensure vaultgroup is an ownergroup of vault.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      ownergroups: vaultgroup
      action: member
    register: result
    failed_when: not result.changed

  # Same request repeated: no change expected.
  - name: Ensure vaultgroup is an ownergroup of vault, again.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      ownergroups: vaultgroup
      action: member
    register: result
    failed_when: result.changed

  # Remove vaultgroup from the owner groups; a change is expected.
  - name: Ensure vaultgroup is not ownergroup of vault.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      ownergroups: vaultgroup
      state: absent
      action: member
    register: result
    failed_when: not result.changed

  # Same removal repeated: no change expected.
  - name: Ensure vaultgroup is not ownergroup of vault, again.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      ownergroups: vaultgroup
      state: absent
      action: member
    register: result
    failed_when: result.changed

  # Owner tests for a service: add the HTTP service of the first host in the
  # `ipaserver` inventory group through `ownerservices`, repeat (no change),
  # remove it, repeat (no change). `groups` inside the Jinja expression is the
  # Ansible inventory variable, not a module parameter.

  # Add the service as owner; a change is expected.
  - name: Ensure service is an owner of vault.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      ownerservices: "HTTP/{{ groups.ipaserver[0] }}"
      action: member
    register: result
    failed_when: not result.changed

  # Same request repeated: no change expected.
  - name: Ensure service is an owner of vault, again.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      ownerservices: "HTTP/{{ groups.ipaserver[0] }}"
      action: member
    register: result
    failed_when: result.changed

  # Remove the service from the owners; a change is expected.
  - name: Ensure service is not owner of vault.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      ownerservices: "HTTP/{{ groups.ipaserver[0] }}"
      state: absent
      action: member
    register: result
    failed_when: not result.changed

  # Same removal repeated: no change expected.
  - name: Ensure service is not owner of vault, again.
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      ownerservices: "HTTP/{{ groups.ipaserver[0] }}"
      state: absent
      action: member
    register: result
    failed_when: result.changed

  # Remove the vault itself. There is no action: member here, so state: absent
  # applies to the vault and not to a member list. The first task must report
  # a change, the repeat must not. The task names embed vault.vault_type so the
  # run output shows which vault type was exercised.
  - name: Ensure {{vault.vault_type}} vault is absent
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      state: absent
    register: result
    failed_when: not result.changed

  # Same removal repeated: no change expected.
  - name: Ensure {{vault.vault_type}} vault is absent, again
    ipavault:
      ipaadmin_password: SomeADMINpassword
      name: "{{vault.name}}"
      state: absent
    register: result
    failed_when: result.changed

  # Import env_cleanup.yml (contents not part of this file). No block/always
  # or rescue is visible in this file, so a failed assertion above stops the
  # run for that host before this import is reached, leaving the vault and any
  # membership or ownership changes on the IPA server -- unless the including
  # playbook handles cleanup itself (TODO confirm).
  - name: Cleanup testing environment.
    import_tasks: env_cleanup.yml