--- - name: Tests hosts: ipaserver become: true gather_facts: false tasks: - name: Ensure hostgroup is present, with a host. ipahostgroup: ipaadmin_password: MyPassword123 name: cluster host: - "{{ groups.ipaserver[0] }}" - name: Ensure some sudocmds are available ipasudocmd: ipaadmin_password: pass1234 name: - /sbin/ifconfig - /usr/bin/vim state: present - name: Ensure sudorules are absent ipasudorule: ipaadmin_password: pass1234 name: - testrule1 - allusers - allhosts - allcommands state: absent - name: Ensure sudorule is present ipasudorule: ipaadmin_password: pass1234 name: testrule1 register: result failed_when: not result.changed - name: Ensure sudorule is present again ipasudorule: ipaadmin_password: pass1234 name: testrule1 register: result failed_when: result.changed - name: Ensure sudorule is present, runAsUserCategory. ipasudorule: ipaadmin_password: pass1234 name: testrule1 runAsUserCategory: all register: result failed_when: result.changed - name: Ensure sudorule is present, with usercategory 'all' ipasudorule: ipaadmin_password: pass1234 name: allusers usercategory: all register: result failed_when: not result.changed - name: Ensure sudorule is present, with usercategory 'all', again ipasudorule: ipaadmin_password: pass1234 name: allusers usercategory: all register: result failed_when: result.changed - name: Ensure sudorule is present, with hostategory 'all' ipasudorule: ipaadmin_password: pass1234 name: allhosts hostcategory: all register: result failed_when: not result.changed - name: Ensure sudorule is present, with hostategory 'all', again ipasudorule: ipaadmin_password: pass1234 name: allhosts hostcategory: all register: result failed_when: result.changed - name: Ensure sudorule is disabled ipasudorule: ipaadmin_password: pass1234 name: testrule1 state: disabled - name: Ensure sudorule is disabled, again ipasudorule: ipaadmin_password: pass1234 name: testrule1 state: disabled register: result failed_when: result.changed - name: Ensure sudorule is enabled ipasudorule: ipaadmin_password: pass1234 name: testrule1 state: enabled register: result failed_when: not result.changed - name: Ensure sudorule is enabled, again ipasudorule: ipaadmin_password: pass1234 name: testrule1 state: enabled register: result failed_when: result.changed - name: Ensure sudorule is present and some sudocmd are a member of it. ipasudorule: ipaadmin_password: pass1234 name: testrule1 cmd: - /sbin/ifconfig - /usr/bin/vim action: member register: result failed_when: not result.changed - name: Ensure sudorule is present and some sudocmd are a member of it, again. ipasudorule: ipaadmin_password: pass1234 name: testrule1 cmd: - /sbin/ifconfig - /usr/bin/vim action: member register: result failed_when: result.changed - name: Ensure sudorule is present with cmdcategory 'all'. ipasudorule: ipaadmin_password: pass1234 name: allcommands cmdcategory: all register: result failed_when: not result.changed - name: Ensure sudorule is present with cmdcategory 'all', again. ipasudorule: ipaadmin_password: pass1234 name: allcommands cmdcategory: all register: result failed_when: result.changed - name: Ensure host "{{ groups.ipaserver[0] }}" is present in sudorule. ipasudorule: ipaadmin_password: pass1234 name: testrule1 host: "{{ groups.ipaserver[0] }}" action: member register: result failed_when: not result.changed - name: Ensure host "{{ groups.ipaserver[0] }}" is present in sudorule, again. ipasudorule: ipaadmin_password: pass1234 name: testrule1 host: "{{ groups.ipaserver[0] }}" action: member register: result failed_when: result.changed - name: Ensure hostgroup is present in sudorule. ipasudorule: ipaadmin_password: MyPassword123 name: testrule1 hostgroup: cluster action: member register: result failed_when: not result.changed - name: Ensure hostgroup is present in sudorule, again. ipasudorule: ipaadmin_password: MyPassword123 name: testrule1 hostgroup: cluster action: member register: result failed_when: result.changed - name: Ensure sudorule sudocmds are absent ipasudorule: ipaadmin_password: pass1234 name: testrule1 cmd: - /sbin/ifconfig - /usr/bin/vim action: member state: absent register: result failed_when: not result.changed - name: Ensure sudorule sudocmds are absent, again ipasudorule: ipaadmin_password: pass1234 name: testrule1 cmd: - /sbin/ifconfig - /usr/bin/vim action: member state: absent register: result failed_when: result.changed - name: Ensure sudorule is absent ipasudorule: ipaadmin_password: pass1234 name: testrule1 state: absent register: result failed_when: not result.changed - name: Ensure sudorule is absent, again. ipasudorule: ipaadmin_password: pass1234 name: testrule1 state: absent register: result failed_when: result.changed - name: Ensure sudorule allhosts is absent ipasudorule: ipaadmin_password: pass1234 name: allhosts state: absent register: result failed_when: not result.changed - name: Ensure sudorule allhosts is absent, again ipasudorule: ipaadmin_password: pass1234 name: allhosts state: absent register: result failed_when: result.changed - name: Ensure sudorule allusers is absent ipasudorule: ipaadmin_password: pass1234 name: allusers state: absent register: result failed_when: not result.changed - name: Ensure sudorule allusers is absent, again ipasudorule: ipaadmin_password: pass1234 name: allusers state: absent register: result failed_when: result.changed - name: Ensure sudorule allcommands is absent ipasudorule: ipaadmin_password: pass1234 name: allcommands state: absent register: result failed_when: not result.changed - name: Ensure sudorule allcommands is absent, again ipasudorule: ipaadmin_password: pass1234 name: allcommands state: absent register: result failed_when: result.changed