internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-05-07 05:43:26 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #772 from t-woerner/fix_new_ansible-lint_findings

Browse Source 
Fix new ansible-lint findings
This commit is contained in:
Rafael Guterres Jeffman
2022-02-14 11:50:25 -03:00
committed by GitHub
parent 1b74cf1692 bc72bbd92e
commit 40d4150590
5 changed files with 88 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
roles/ipaclient/tasks/install.yml
View File

@@ -216,15 +216,18 @@
ipaclient_force_join)
- block:
- fail:
- name: krb5 configuration not correct
fail:
msg: >
The krb5 configuration is not correct, please enable allow_repair
to fix this.
when: not result_ipaclient_test_keytab.krb5_conf_ok
- fail:
- name: IPA test failed
fail:
msg: "The IPA test failed, please enable allow_repair to fix this."
when: not result_ipaclient_test_keytab.ping_test_ok
- fail:
- name: ca.crt file is missing
fail:
msg: >
The ca.crt file is missing, please enable allow_repair to fix this.
when: not result_ipaclient_test_keytab.ca_crt_exists

27
tests/config/test_config.yml
View File

@@ -56,9 +56,9 @@
ipaapi_context: "{{ ipa_context | default(omit) }}"
pac_type: ""
- name: set maxhostname to 255
block:
- ipaconfig:
- block:
- name: set maxhostname to 255
ipaconfig:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
maxhostname: 255
@@ -221,16 +221,17 @@
register: result
failed_when: result.changed or result.failed
- name: set maxhostname to 77
block:
- ipaconfig:
- block:
- name: set maxhostname to 77
ipaconfig:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
maxhostname: 77
register: result
failed_when: not result.changed or result.failed
- ipaconfig:
- name: set maxhostname to 77, again
ipaconfig:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
maxhostname: 77
@@ -409,9 +410,9 @@
register: result
failed_when: not result.changed or result.failed
- name: reset maxhostname
block:
- ipaconfig:
- block:
- name: reset maxhostname
ipaconfig:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
maxhostname: '{{ previousconfig.config.maxhostname | default(omit) }}'
@@ -444,9 +445,9 @@
register: result
failed_when: result.changed or result.failed
- name: reset maxhostname
block:
- ipaconfig:
- block:
- name: reset maxhostname
ipaconfig:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
maxhostname: '{{ previousconfig.config.maxhostname | default(omit) }}'

8
tests/env_freeipa_facts.yml
View File

@@ -15,12 +15,12 @@
- name: Verify if host is an IPA server or client.
shell:
cmd: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
RESULT=$(KRB5CCNAME={{ KRB5CCNAME }} ipa server-show `hostname` && echo SERVER || echo CLIENT)
kdestroy -A -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
RESULT=$(KRB5CCNAME={{ krb5ccname }} ipa server-show `hostname` && echo SERVER || echo CLIENT)
kdestroy -A -c {{ krb5ccname }}
echo $RESULT
vars:
KRB5CCNAME: "__check_ipa_host_is_client_or_server__"
krb5ccname: "__check_ipa_host_is_client_or_server__"
register: output
- name: Set FreeIPA facts.

64
tests/role/test_role_lists_handling.yml
View File

@@ -43,9 +43,9 @@
- name: Verify role privileges.
shell:
cmd: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -57,7 +57,7 @@
and "Group Administrators" in result.stdout
)
vars:
KRB5CCNAME: verify_issue_409
krb5ccname: verify_issue_409
# End of test fix for https://github.com/freeipa/ansible-freeipa/issues/409
# Test fix for https://github.com/freeipa/ansible-freeipa/issues/412
@@ -73,9 +73,9 @@
- name: Verify role users.
shell:
cmd: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -83,7 +83,7 @@
and "user02" in result.stdout
)
vars:
KRB5CCNAME: verify_issue_412
krb5ccname: verify_issue_412
- name: Add new group to role.
iparole:
@@ -97,9 +97,9 @@
- name: Verify role group.
shell:
cmd: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -107,7 +107,7 @@
and "group02" in result.stdout
)
vars:
KRB5CCNAME: verify_issue_412
krb5ccname: verify_issue_412
- name: Add new host to role.
iparole:
@@ -121,9 +121,9 @@
- name: Verify role hosts.
shell:
cmd: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -131,7 +131,7 @@
and host2 in result.stdout
)
vars:
KRB5CCNAME: verify_issue_412
krb5ccname: verify_issue_412
host1: " {{ host1_fqdn }}"
host2: " {{ host2_fqdn }}"
@@ -147,9 +147,9 @@
- name: Verify role hostgroups.
shell:
cmd: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -157,7 +157,7 @@
and " hostgroup02" in result.stdout
)
vars:
KRB5CCNAME: verify_issue_412
krb5ccname: verify_issue_412
- name: Add new service to role.
iparole:
@@ -171,9 +171,9 @@
- name: Verify role services.
shell:
cmd: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -181,7 +181,7 @@
and service1 in result.stdout
)
vars:
KRB5CCNAME: verify_issue_412
krb5ccname: verify_issue_412
service1: "service01/{{ host1_fqdn }}"
service2: "service02/{{ host2_fqdn }}"
# End of test fix for https://github.com/freeipa/ansible-freeipa/issues/412
@@ -199,9 +199,9 @@
- name: Verify role services.
shell:
cmd: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -210,7 +210,7 @@
and "user03" in result.stdout
)
vars:
KRB5CCNAME: verify_issue_413
krb5ccname: verify_issue_413
service1: "service01/{{ host1_fqdn }}"
service2: "service02/{{ host2_fqdn }}"
@@ -227,9 +227,9 @@
- name: Verify role services.
shell:
cmd: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa role-show testrole
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa role-show testrole
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: |
result.failed or not (
@@ -238,7 +238,7 @@
and "user03" not in result.stdout
)
vars:
KRB5CCNAME: verify_issue_413
krb5ccname: verify_issue_413
service1: "service01/{{ host1_fqdn }}"
service2: "service02/{{ host2_fqdn }}"
# End of test fix for https://github.com/freeipa/ansible-freeipa/issues/413

64
tests/vault/test_vault_change_type.yml
View File

@@ -43,14 +43,14 @@
- name: Verify assymetric-only fields are not present.
shell: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Public Key:" in result.stdout
vars:
KRB5CCNAME: verify_change_from_asymmetric
krb5ccname: verify_change_from_asymmetric
- block:
- name: Change from symmetric to standard
@@ -64,14 +64,14 @@
- name: Verify salt is not present.
shell: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Salt:" in result.stdout
vars:
KRB5CCNAME: verify_change_from_symmetric
krb5ccname: verify_change_from_symmetric
- name: Change from standard to symmetric
ipavault:
@@ -95,14 +95,14 @@
- name: Verify salt is not present.
shell: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Salt:" in result.stdout
vars:
KRB5CCNAME: verify_change_from_symmetric
krb5ccname: verify_change_from_symmetric
- block:
- name: Change from asymmetric to standard
@@ -116,14 +116,14 @@
- name: Verify assymetric-only fields are not present.
shell: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Public Key:" in result.stdout
vars:
KRB5CCNAME: verify_change_from_asymmetric
krb5ccname: verify_change_from_asymmetric
- name: Ensure test_vault is absent.
ipavault:
@@ -169,14 +169,14 @@
- name: Verify assymetric-only fields are not present.
shell: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Public Key:" in result.stdout
vars:
KRB5CCNAME: verify_change_from_asymmetric
krb5ccname: verify_change_from_asymmetric
- name: Retrieve data from symmetric vault.
ipavault:
@@ -199,14 +199,14 @@
- name: Verify salt is not present.
shell: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Salt:" in result.stdout
vars:
KRB5CCNAME: verify_change_from_symmetric
krb5ccname: verify_change_from_symmetric
- name: Retrieve data from standard vault.
ipavault:
@@ -247,14 +247,14 @@
- name: Verify salt is not present.
shell: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Salt:" in result.stdout
vars:
KRB5CCNAME: verify_change_from_symmetric
krb5ccname: verify_change_from_symmetric
- name: Retrieve data from asymmetric vault.
ipavault:
@@ -277,14 +277,14 @@
- name: Verify assymetric-only fields are not present.
shell: |
echo SomeADMINpassword | kinit -c {{ KRB5CCNAME }} admin
KRB5CCNAME={{ KRB5CCNAME }} ipa vault-show test_vault
kdestroy -A -q -c {{ KRB5CCNAME }}
echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
KRB5CCNAME={{ krb5ccname }} ipa vault-show test_vault
kdestroy -A -q -c {{ krb5ccname }}
register: result
failed_when: result.failed or "Public Key:" in result.stdout
vars:
KRB5CCNAME: verify_change_from_asymmetric
krb5ccname: verify_change_from_asymmetric
- name: Retrieve data from standard vault.
ipavault: