internet/ansible-collections-openstack
3
0
Fork 0
mirror of https://opendev.org/openstack/ansible-collections-openstack.git synced 2026-05-06 13:23:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
experimental
ansible-collections-openstack/ci/roles/role_assignment/tasks/main.yml
Jakob Meng d5ab2bf33f Refactored {group,role}_assignment modules 
Change-Id: I6ec79eb203d0f68661b54bc89a194c366b3574c6
2023-01-26 13:36:30 +01:00

174 lines
4.0 KiB
YAML
Raw Permalink Blame History

---
- name: Create project
openstack.cloud.project:
cloud: "{{ cloud }}"
state: present
name: ansible_project
description: dummy description
domain: default
is_enabled: True
- name: Grant an admin role on the user admin in the project ansible_project
openstack.cloud.role_assignment:
cloud: "{{ cloud }}"
domain: default
project: ansible_project
role: admin
user: admin
register: role_assignment
- name: Assert role assignment
assert:
that:
- role_assignment is changed
- name: Grant an admin role on the user admin in the project ansible_project again
openstack.cloud.role_assignment:
cloud: "{{ cloud }}"
domain: default
project: ansible_project
role: admin
user: admin
register: role_assignment
- name: Ensure grant again did not change anything
assert:
that:
- role_assignment is not changed
- name: Revoke the admin role on the user admin in the project ansible_project
openstack.cloud.role_assignment:
cloud: "{{ cloud }}"
domain: default
project: ansible_project
role: admin
state: absent
user: admin
- name: Delete project
openstack.cloud.project:
cloud: "{{ cloud }}"
state: absent
name: ansible_project
- name: Create domain
openstack.cloud.identity_domain:
cloud: "{{ cloud }}"
state: present
name: ansible_domain
register: domain
- name: Create group in default domain
openstack.cloud.identity_group:
cloud: "{{ cloud }}"
state: present
name: ansible_group
domain_id: default
- name: Create group in specific domain
openstack.cloud.identity_group:
cloud: "{{ cloud }}"
state: present
name: ansible_group
domain_id: "{{ domain.domain.id }}"
- name: Create user in default domain
openstack.cloud.identity_user:
cloud: "{{ cloud }}"
state: present
name: ansible_user
domain: default
- name: Create user in specific domain
openstack.cloud.identity_user:
cloud: "{{ cloud }}"
state: present
name: ansible_user
domain: "{{ domain.domain.id }}"
- name: Assign role to group in default domain
openstack.cloud.role_assignment:
cloud: "{{ cloud }}"
role: anotherrole
group: ansible_group
domain: default
register: role_assignment
- name: Assert role assignment
assert:
that:
- role_assignment is changed
- name: Assign role to group in specific domain
openstack.cloud.role_assignment:
cloud: "{{ cloud }}"
role: anotherrole
group: ansible_group
domain: "{{ domain.domain.id }}"
register: role_assignment
- name: Assert role assignment
assert:
that:
- role_assignment is changed
- name: Assign role to user in default domain
openstack.cloud.role_assignment:
cloud: "{{ cloud }}"
role: anotherrole
user: ansible_user
domain: default
register: role_assignment
- name: Assert role assignment
assert:
that:
- role_assignment is changed
- name: Assign role to user in specific domain
openstack.cloud.role_assignment:
cloud: "{{ cloud }}"
role: anotherrole
user: ansible_user
domain: "{{ domain.domain.id }}"
register: role_assignment
- name: Assert role assignment
assert:
that:
- role_assignment is changed
- name: Delete group in default domain
openstack.cloud.identity_group:
cloud: "{{ cloud }}"
state: absent
name: ansible_group
domain_id: default
- name: Delete group in specific domain
openstack.cloud.identity_group:
cloud: "{{ cloud }}"
state: absent
name: ansible_group
domain_id: "{{ domain.domain.id }}"
- name: Delete user in default domain
openstack.cloud.identity_user:
cloud: "{{ cloud }}"
state: absent
name: ansible_user
domain: default
- name: Delete user in specific domain
openstack.cloud.identity_user:
cloud: "{{ cloud }}"
state: absent
name: ansible_user
domain: "{{ domain.domain.id }}"
- name: Delete domain
openstack.cloud.identity_domain:
cloud: "{{ cloud }}"
state: absent
name: ansible_domain
Reference in New Issue View Git Blame Copy Permalink