internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity

Use ansible_facts variable

Browse Source 
Without this change the "Import variables specific to distribution"
tasks fail with "Could not find file on the Ansible Controller..."
on environments with inject facts disabled.

This changes the tests to run with ansible with
inject_facts_as_vars = false and fixes other roles and playbooks.
This commit is contained in:
Grzegorz Grasza
2021-03-15 14:22:13 +01:00
parent 3c666ccdaa
commit 7a23531047
42 changed files with 119 additions and 118 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
playbooks/vault/vault-is-present-with-password-file.yml
View File

@@ -7,7 +7,7 @@
tasks:
- copy:
src: "{{ playbook_dir }}/password.txt"
dest: "{{ ansible_env.HOME }}/password.txt"
dest: "{{ ansible_facts['env'].HOME }}/password.txt"
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: 0600
@@ -16,7 +16,7 @@
name: symvault
username: admin
vault_type: symmetric
vault_password_file: "{{ ansible_env.HOME }}/password.txt"
vault_password_file: "{{ ansible_facts['env'].HOME }}/password.txt"
- file:
path: "{{ ansible_env.HOME }}/password.txt"
path: "{{ ansible_facts['env'].HOME }}/password.txt"
state: absent

6
playbooks/vault/vault-is-present-with-public-key-file.yml
View File

@@ -12,7 +12,7 @@
tasks:
- copy:
src: "{{ playbook_dir }}/public.pem"
dest: "{{ ansible_env.HOME }}/public.pem"
dest: "{{ ansible_facts['env'].HOME }}/public.pem"
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: 0600
@@ -21,7 +21,7 @@
name: asymvault
username: admin
vault_type: asymmetric
vault_public_key_file: "{{ ansible_env.HOME }}/public.pem"
vault_public_key_file: "{{ ansible_facts['env'].HOME }}/public.pem"
- file:
path: "{{ ansible_env.HOME }}/public.pem"
path: "{{ ansible_facts['env'].HOME }}/public.pem"
state: absent

2
roles/ipabackup/tasks/copy_backup_from_server.yml
View File

@@ -10,7 +10,7 @@
set_fact:
ipabackup_controller_dir:
"{{ ipabackup_controller_path | default(lookup('env','PWD')) }}/{{
ipabackup_name_prefix | default(ansible_fqdn) }}_{{
ipabackup_name_prefix | default(ansible_facts['fqdn']) }}_{{
ipabackup_item }}/"
- name: Stat backup on server

6
roles/ipabackup/tasks/restore.yml
View File

@@ -6,9 +6,9 @@
- name: Import variables specific to distribution
include_vars: "{{ item }}"
with_first_found:
- "{{ role_path }}/vars/{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml"
- "{{ role_path }}/vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
- "{{ role_path }}/vars/{{ ansible_distribution }}.yml"
- "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
- "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
- "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}.yml"
- "{{ role_path }}/vars/default.yml"
### GET SERVICES FROM BACKUP

2
roles/ipaclient/tasks/install.yml
View File

@@ -33,7 +33,7 @@
domain: "{{ ipaserver_domain | default(ipaclient_domain) | default(omit) }}"
servers: "{{ ipaclient_servers | default(omit) }}"
realm: "{{ ipaserver_realm | default(ipaclient_realm) | default(omit) }}"
hostname: "{{ ipaclient_hostname | default(ansible_fqdn) }}"
hostname: "{{ ipaclient_hostname | default(ansible_facts['fqdn']) }}"
ntp_servers: "{{ ipaclient_ntp_servers | default(omit) }}"
ntp_pool: "{{ ipaclient_ntp_pool | default(omit) }}"
no_ntp: "{{ ipaclient_no_ntp }}"

6
roles/ipaclient/tasks/main.yml
View File

@@ -4,9 +4,9 @@
- name: Import variables specific to distribution
include_vars: "{{ item }}"
with_first_found:
- "{{ role_path }}/vars/{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml"
- "{{ role_path }}/vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
- "{{ role_path }}/vars/{{ ansible_distribution }}.yml"
- "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
- "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
- "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}.yml"
- "{{ role_path }}/vars/default.yml"
- name: Install IPA client

2
roles/ipareplica/tasks/install.yml
View File

@@ -72,7 +72,7 @@
default(omit) }}"
servers: "{{ ipareplica_servers | default(omit) }}"
realm: "{{ ipareplica_realm | default(ipaserver_realm) |default(omit) }}"
hostname: "{{ ipareplica_hostname | default(ansible_fqdn) }}"
hostname: "{{ ipareplica_hostname | default(ansible_facts['fqdn']) }}"
ca_cert_files: "{{ ipareplica_ca_cert_files | default([]) }}"
hidden_replica: "{{ ipareplica_hidden_replica }}"
skip_mem_check: "{{ not ipareplica_mem_check }}"

6
roles/ipareplica/tasks/main.yml
View File

@@ -4,9 +4,9 @@
- name: Import variables specific to distribution
include_vars: "{{ item }}"
with_first_found:
- "vars/{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml"
- "vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
- "vars/{{ ansible_distribution }}.yml"
- "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
- "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
- "vars/{{ ansible_facts['distribution'] }}.yml"
- "vars/default.yml"
- name: Install IPA replica

2
roles/ipareplica/tasks/uninstall.yml
View File

@@ -25,7 +25,7 @@
# command: >
# /usr/sbin/ipa-replica-manage
# del
# {{ ipareplica_hostname | default(ansible_fqdn) }}
# {{ ipareplica_hostname | default(ansible_facts['fqdn']) }}
# --force
# --password={{ ipadm_password }}
# failed_when: False

2
roles/ipaserver/tasks/install.yml
View File

@@ -65,7 +65,7 @@
master_password: "{{ ipaserver_master_password | default(omit) }}"
domain: "{{ ipaserver_domain | default(omit) }}"
realm: "{{ ipaserver_realm | default(omit) }}"
hostname: "{{ ipaserver_hostname | default(ansible_fqdn) }}"
hostname: "{{ ipaserver_hostname | default(ansible_facts['fqdn']) }}"
ca_cert_files: "{{ ipaserver_ca_cert_files | default(omit) }}"
no_host_dns: "{{ ipaserver_no_host_dns }}"
pki_config_override: "{{ ipaserver_pki_config_override | default(omit) }}"

6
roles/ipaserver/tasks/main.yml
View File

@@ -4,9 +4,9 @@
- name: Import variables specific to distribution
include_vars: "{{ item }}"
with_first_found:
- "vars/{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml"
- "vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
- "vars/{{ ansible_distribution }}.yml"
- "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
- "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
- "vars/{{ ansible_facts['distribution'] }}.yml"
- "vars/default.yml"
- name: Install IPA server

1
tests/ansible.cfg
View File

@@ -3,3 +3,4 @@ roles_path = ../roles:~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/rol
library = ../plugins/modules:~/.ansible/plugins/modules:/usr/share/ansible/plugins/modules
module_utils = ../plugins/module_utils:~/.ansible/plugins/module_utils:/usr/share/ansible/plugins/module_utils
host_key_checking = false
inject_facts_as_vars = false

4
tests/dnsrecord/env_vars.yml
View File

@@ -2,9 +2,9 @@
# Set common vars and facts for test.
- name: Set IPv4 address prefix.
set_fact:
ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
join('.') }}"
ipv4_reverse_sufix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
ipv4_reverse_sufix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
reverse |
join('.') }}"

2
tests/dnsrecord/test_dnsrecord.yml
View File

@@ -564,7 +564,7 @@
ipaadmin_password: SomeADMINpassword
name: iron01
zone_name: "{{ safezone }}"
ip_address: "{{ ansible_default_ipv4.address }}"
ip_address: "{{ ansible_facts['default_ipv4'].address }}"
register: result
failed_when: not result.changed

2
tests/hbacrule/test_hbacrule.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
# CLEANUP TEST ITEMS

2
tests/host/certificate/test_host_certificate.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Generate self-signed certificates.

2
tests/host/certificate/test_hosts_certificate.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Host test absent

4
tests/host/test_host.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Set host1_fqdn .. host6_fqdn
@@ -33,7 +33,7 @@
- name: Get IPv4 address prefix from server node
set_fact:
ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
join('.') }}"
- name: Host "{{ host1_fqdn }}" present

4
tests/host/test_host_allow_create_keytab.yml
View File

@@ -6,12 +6,12 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Get Realm from server name
set_fact:
ipaserver_realm: "{{ ansible_fqdn.split('.')[1:] | join ('.') | upper }}"
ipaserver_realm: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') | upper }}"
when: ipaserver_realm is not defined
- name: Set host1_fqdn .. host3_fqdn

4
tests/host/test_host_allow_retrieve_keytab.yml
View File

@@ -6,12 +6,12 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Get Realm from server name
set_fact:
ipaserver_realm: "{{ ansible_fqdn.split('.')[1:] | join ('.') | upper }}"
ipaserver_realm: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') | upper }}"
when: ipaserver_realm is not defined
- name: Set host1_fqdn .. host3_fqdn

2
tests/host/test_host_bool_params.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Set host1_fqdn .. host6_fqdn

4
tests/host/test_host_ipaddresses.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Set host1_fqdn .. host6_fqdn
@@ -17,7 +17,7 @@
- name: Get IPv4 address prefix from server node
set_fact:
ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
join('.') }}"
- name: Host absent

18
tests/host/test_host_managedby_host.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Set host1_fqdn .. host2_fqdn
@@ -55,39 +55,39 @@
register: result
failed_when: result.changed
- name: Host "{{ host1_fqdn }}" managed by "{{ ansible_fqdn }}"
- name: Host "{{ host1_fqdn }}" managed by "{{ ansible_facts['fqdn'] }}"
ipahost:
ipaadmin_password: SomeADMINpassword
name: "{{ host1_fqdn }}"
managedby_host: "{{ ansible_fqdn }}"
managedby_host: "{{ ansible_facts['fqdn'] }}"
action: member
register: result
failed_when: not result.changed
- name: Host "{{ host1_fqdn }}" managed by "{{ ansible_fqdn }}" again
- name: Host "{{ host1_fqdn }}" managed by "{{ ansible_facts['fqdn'] }}" again
ipahost:
ipaadmin_password: SomeADMINpassword
name: "{{ host1_fqdn }}"
managedby_host: "{{ ansible_fqdn }}"
managedby_host: "{{ ansible_facts['fqdn'] }}"
action: member
register: result
failed_when: result.changed
- name: Host "{{ host1_fqdn }}" not managed by "{{ ansible_fqdn }}"
- name: Host "{{ host1_fqdn }}" not managed by "{{ ansible_facts['fqdn'] }}"
ipahost:
ipaadmin_password: SomeADMINpassword
name: "{{ host1_fqdn }}"
managedby_host: "{{ ansible_fqdn }}"
managedby_host: "{{ ansible_facts['fqdn'] }}"
action: member
state: absent
register: result
failed_when: not result.changed
- name: Host "{{ host1_fqdn }}" not managed by "{{ ansible_fqdn }}" again
- name: Host "{{ host1_fqdn }}" not managed by "{{ ansible_facts['fqdn'] }}" again
ipahost:
ipaadmin_password: SomeADMINpassword
name: "{{ host1_fqdn }}"
managedby_host: "{{ ansible_fqdn }}"
managedby_host: "{{ ansible_facts['fqdn'] }}"
action: member
state: absent
register: result

4
tests/host/test_host_principal.yml
View File

@@ -6,12 +6,12 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Get Realm from server name
set_fact:
ipaserver_realm: "{{ ansible_fqdn.split('.')[1:] | join ('.') | upper }}"
ipaserver_realm: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') | upper }}"
when: ipaserver_realm is not defined
- name: Set host1_fqdn

8
tests/host/test_host_random.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Set host1_fqdn and host2_fqdn
@@ -77,11 +77,11 @@
debug:
var: ipahost.host["{{host2_fqdn }}"].randompassword
- name: Enrolled host "{{ ansible_fqdn }}" fails to set random password with update_password always
- name: Enrolled host "{{ ansible_facts['fqdn'] }}" fails to set random password with update_password always
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "{{ ansible_fqdn }}"
- name: "{{ ansible_facts['fqdn'] }}"
random: yes
update_password: always
register: ipahost
@@ -89,7 +89,7 @@
- assert:
that:
- ipahost.host["{{ ansible_fqdn }}"].randompassword is
- ipahost.host["{{ ansible_facts['fqdn'] }}"].randompassword is
not defined
- "'Password cannot be set on enrolled host' in ipahost.msg"

4
tests/host/test_host_reverse.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Set host1_fqdn
@@ -23,7 +23,7 @@
- name: Get IPv4 address prefix from server node
set_fact:
ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
join('.') }}"
- name: Set zone prefixes.

2
tests/host/test_hosts.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Set host1_fqdn .. host6_fqdn

2
tests/host/test_hosts_managedby_host.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Set host1_fqdn .. host5_fqdn

4
tests/host/test_hosts_principal.yml
View File

@@ -6,12 +6,12 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Get Realm from server name
set_fact:
ipaserver_realm: "{{ ansible_fqdn.split('.')[1:] | join ('.') | upper }}"
ipaserver_realm: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') | upper }}"
when: ipaserver_realm is not defined
- name: Set host1_fqdn .. host2_fqdn

2
tests/hostgroup/test_hostgroup.yml
View File

@@ -7,7 +7,7 @@
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Ensure host-group databases, mysql-server and oracle-server are absent

2
tests/role/env_facts.yml
View File

@@ -1,7 +1,7 @@
---
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Set fact for realm name

4
tests/service/certificate/test_service_certificate.yml
View File

@@ -29,12 +29,12 @@
# setup
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Get IPv4 address prefix from server node
set_fact:
ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
join('.') }}"
- name: Set test host FQDN

4
tests/service/env_vars.yml
View File

@@ -1,7 +1,7 @@
---
- name: Get Domain from server name
set_fact:
test_domain: "{{ ansible_fqdn.split('.')[1:] | join('.') }}"
test_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join('.') }}"
- name: Set host1, host2 and svc hosts fqdn
set_fact:
@@ -12,4 +12,4 @@
- name: Get IPv4 address prefix from server node
set_fact:
ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] | join('.') }}"
ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] | join('.') }}"

24
tests/service/test_service_disable.yml
View File

@@ -19,13 +19,13 @@
- name: Ensure service is absent
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "mysvc1/{{ ansible_fqdn }}"
name: "mysvc1/{{ ansible_facts['fqdn'] }}"
state: absent
- name: Ensure service is present
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "mysvc1/{{ ansible_fqdn }}"
name: "mysvc1/{{ ansible_facts['fqdn'] }}"
certificate:
- MIIC/zCCAeegAwIBAgIUMNHIbn+hhrOVew/2WbkteisV29QwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0yMDAyMDQxNDQxMDhaFw0zMDAyMDExNDQxMDhaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+XVVGFYpHVkcDfVnNInE1Y/pFciegdzqTjMwUWlRL4Zt3u96GhaMLRbtk+OfEkzLUAhWBOwEraELJzMLJOMvjYF3C+TiGO7dStFLikZmccuSsSIXjnzIPwBXa8KvgRVRyGLoVvGbLJvmjfMXp0nIToTx/i74KF9S++WEes9H5ErJ99CDhLKFgq0amnvsgparYXhypHaRLnikn0vQINt55YoEd1s4KrvEcD2VdZkIMPbLRu2zFvMprF3cjQQG4LT9ggfEXNIPZ1nQWAnAsu7OJEkNF+E4Mkmpcxj9aGUVt5bsq1D+Tzj3GsidSX0nSNcZ2JltXRnL/5v63g5cZyE+nAgMBAAGjUzBRMB0GA1UdDgQWBBRV0j7JYukuH/r/t9+QeNlRLXDlEDAfBgNVHSMEGDAWgBRV0j7JYukuH/r/t9+QeNlRLXDlEDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCgVy1+1kNwHs5y1Zp0WjMWGCJC6/zw7FDG4OW5r2GJiCXZYdJ0UonY9ZtoVLJPrp2/DAv1m5DtnDhBYqicuPgLzEkOS1KdTi20Otm/J4yxLLrZC5W4x0XOeSVPXOJuQWfwQ5pPvKkn6WxYUYkGwIt1OH2nSMngkbami3CbSmKZOCpgQIiSlQeDJ8oGjWFMLDymYSHoVOIXHwNoooyEiaio3693l6noobyGv49zyCVLVR1DC7i6RJ186ql0av+D4vPoiF5mX7+sKC2E8xEj9uKQ5GTWRh59VnRBVC/SiMJ/H78tJnBAvoBwXxSEvj8Z3Kjm/BQqZfv4IBsA5yqV7MVq
force: no
@@ -33,51 +33,51 @@
failed_when: not result.changed
- name: Obtain keytab
shell: ipa-getkeytab -s "{{ ansible_fqdn }}" -p "mysvc1/{{ ansible_fqdn }}" -k mysvc1.keytab
shell: ipa-getkeytab -s "{{ ansible_facts['fqdn'] }}" -p "mysvc1/{{ ansible_facts['fqdn'] }}" -k mysvc1.keytab
- name: Verify keytab
shell: ipa service-find "mysvc1/{{ ansible_fqdn }}"
shell: ipa service-find "mysvc1/{{ ansible_facts['fqdn'] }}"
register: result
failed_when: result.failed or result.stdout | regex_search(" Keytab. true")
- name: Ensure service is disabled
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "mysvc1/{{ ansible_fqdn }}"
name: "mysvc1/{{ ansible_facts['fqdn'] }}"
state: disabled
register: result
failed_when: not result.changed
- name: Verify keytab
shell: ipa service-find "mysvc1/{{ ansible_fqdn }}"
shell: ipa service-find "mysvc1/{{ ansible_facts['fqdn'] }}"
register: result
failed_when: result.failed or result.stdout | regex_search(" Keytab. true")
- name: Obtain keytab
shell: ipa-getkeytab -s "{{ ansible_fqdn }}" -p "mysvc1/{{ ansible_fqdn }}" -k mysvc1.keytab
shell: ipa-getkeytab -s "{{ ansible_facts['fqdn'] }}" -p "mysvc1/{{ ansible_facts['fqdn'] }}" -k mysvc1.keytab
- name: Verify keytab
shell: ipa service-find "mysvc1/{{ ansible_fqdn }}"
shell: ipa service-find "mysvc1/{{ ansible_facts['fqdn'] }}"
register: result
failed_when: result.failed or result.stdout | regex_search(" Keytab. true")
- name: Ensure service is disabled
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "mysvc1/{{ ansible_fqdn }}"
name: "mysvc1/{{ ansible_facts['fqdn'] }}"
state: disabled
register: result
failed_when: not result.changed
- name: Verify keytab
shell: ipa service-find "mysvc1/{{ ansible_fqdn }}"
shell: ipa service-find "mysvc1/{{ ansible_facts['fqdn'] }}"
register: result
failed_when: result.failed or result.stdout | regex_search(" Keytab. true")
- name: Ensure service is disabled, with no keytab.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "mysvc1/{{ ansible_fqdn }}"
name: "mysvc1/{{ ansible_facts['fqdn'] }}"
state: disabled
register: result
failed_when: result.changed
@@ -85,7 +85,7 @@
- name: Ensure service is absent
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "mysvc1/{{ ansible_fqdn }}"
name: "mysvc1/{{ ansible_facts['fqdn'] }}"
- name: Destroy Kerberos tickets.
shell: kdestroy -A -q -c ${KRB5CCNAME}

10
tests/sudorule/test_sudorule.yml
View File

@@ -43,7 +43,7 @@
ipahostgroup:
ipaadmin_password: SomeADMINpassword
name: cluster
host: "{{ ansible_fqdn }}"
host: "{{ ansible_facts['fqdn'] }}"
- name: Ensure some sudocmds are available
ipasudocmd:
@@ -500,20 +500,20 @@
register: result
failed_when: result.changed
- name: Ensure host "{{ ansible_fqdn }}" is present in sudorule.
- name: Ensure host "{{ ansible_facts['fqdn'] }}" is present in sudorule.
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: testrule1
host: "{{ ansible_fqdn }}"
host: "{{ ansible_facts['fqdn'] }}"
action: member
register: result
failed_when: not result.changed
- name: Ensure host "{{ ansible_fqdn }}" is present in sudorule, again.
- name: Ensure host "{{ ansible_facts['fqdn'] }}" is present in sudorule, again.
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: testrule1
host: "{{ ansible_fqdn }}"
host: "{{ ansible_facts['fqdn'] }}"
action: member
register: result
failed_when: result.changed

2
tests/sudorule/test_sudorule_categories.yml
View File

@@ -7,7 +7,7 @@
tasks:
- name: Get Domain from the server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
- name: Ensure sudorules are absent
ipasudorule:

2
tests/vault/env_cleanup.yml
View File

@@ -40,7 +40,7 @@
- name: Remove files from target host.
file:
path: "{{ ansible_env.HOME }}/{{ item }}"
path: "{{ ansible_facts['env'].HOME }}/{{ item }}"
state: absent
with_items:
- A_private.pem

2
tests/vault/env_setup.yml
View File

@@ -19,7 +19,7 @@
- name: Copy files to target host.
copy:
src: "{{ playbook_dir }}/{{ item }}"
dest: "{{ ansible_env.HOME }}/{{ item }}"
dest: "{{ ansible_facts['env'].HOME }}/{{ item }}"
with_items:
- A_private.pem
- A_public.pem

16
tests/vault/tasks_vault_members.yml
View File

@@ -151,7 +151,7 @@
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
services: "HTTP/{{ ansible_fqdn }}"
services: "HTTP/{{ ansible_facts['fqdn'] }}"
register: result
failed_when: not result.changed
@@ -160,7 +160,7 @@
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
services: "HTTP/{{ ansible_fqdn }}"
services: "HTTP/{{ ansible_facts['fqdn'] }}"
register: result
failed_when: result.changed
@@ -169,7 +169,7 @@
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
services: "HTTP/{{ ansible_fqdn }}"
services: "HTTP/{{ ansible_facts['fqdn'] }}"
state: absent
register: result
failed_when: not result.changed
@@ -179,7 +179,7 @@
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
services: "HTTP/{{ ansible_fqdn }}"
services: "HTTP/{{ ansible_facts['fqdn'] }}"
state: absent
register: result
failed_when: result.changed
@@ -264,7 +264,7 @@
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
ownerservices: "HTTP/{{ ansible_fqdn }}"
ownerservices: "HTTP/{{ ansible_facts['fqdn'] }}"
action: member
register: result
failed_when: not result.changed
@@ -273,7 +273,7 @@
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
ownerservices: "HTTP/{{ ansible_fqdn }}"
ownerservices: "HTTP/{{ ansible_facts['fqdn'] }}"
action: member
register: result
failed_when: result.changed
@@ -282,7 +282,7 @@
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
ownerservices: "HTTP/{{ ansible_fqdn }}"
ownerservices: "HTTP/{{ ansible_facts['fqdn'] }}"
state: absent
action: member
register: result
@@ -292,7 +292,7 @@
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
ownerservices: "HTTP/{{ ansible_fqdn }}"
ownerservices: "HTTP/{{ ansible_facts['fqdn'] }}"
state: absent
action: member
register: result

26
tests/vault/test_vault_asymmetric.yml
View File

@@ -68,7 +68,7 @@
ipaadmin_password: SomeADMINpassword
name: asymvault
vault_type: asymmetric
public_key_file: "{{ ansible_env.HOME }}/A_public.pem"
public_key_file: "{{ ansible_facts['env'].HOME }}/A_public.pem"
private_key: "{{ lookup('file', 'B_private.b64') }}"
register: result
failed_when: result.failed or not result.changed
@@ -77,7 +77,7 @@
ipavault:
ipaadmin_password: SomeADMINpassword
name: asymvault
private_key_file: "{{ ansible_env.HOME }}/A_private.pem"
private_key_file: "{{ ansible_facts['env'].HOME }}/A_private.pem"
state: retrieved
register: result
failed_when: result.failed or result.changed or result.vault.data != 'SomeValue'
@@ -87,8 +87,8 @@
ipaadmin_password: SomeADMINpassword
name: asymvault
vault_type: asymmetric
public_key_file: "{{ ansible_env.HOME }}/B_public.pem"
private_key_file: "{{ ansible_env.HOME }}/A_private.pem"
public_key_file: "{{ ansible_facts['env'].HOME }}/B_public.pem"
private_key_file: "{{ ansible_facts['env'].HOME }}/A_private.pem"
register: result
failed_when: result.failed or not result.changed
@@ -115,8 +115,8 @@
ipavault:
ipaadmin_password: SomeADMINpassword
name: asymvault
public_key_file: "{{ ansible_env.HOME }}/B_public.pem"
private_key_file: "{{ ansible_env.HOME }}/A_private.pem"
public_key_file: "{{ ansible_facts['env'].HOME }}/B_public.pem"
private_key_file: "{{ ansible_facts['env'].HOME }}/A_private.pem"
register: result
failed_when: result.failed or not result.changed
@@ -154,11 +154,11 @@
register: result
failed_when: result.vault.data != 'Hello World.' or result.changed
- name: Retrieve data from asymmetric vault into file {{ ansible_env.HOME }}/data.txt.
- name: Retrieve data from asymmetric vault into file {{ ansible_facts['env'].HOME }}/data.txt.
ipavault:
ipaadmin_password: SomeADMINpassword
name: asymvault
out: "{{ ansible_env.HOME }}/data.txt"
out: "{{ ansible_facts['env'].HOME }}/data.txt"
private_key: "{{ lookup('file', 'B_private.b64') }}"
state: retrieved
register: result
@@ -166,7 +166,7 @@
- name: Verify retrieved data.
slurp:
src: "{{ ansible_env.HOME }}/data.txt"
src: "{{ ansible_facts['env'].HOME }}/data.txt"
register: slurpfile
failed_when: slurpfile['content'] | b64decode != 'Hello World.'
@@ -192,7 +192,7 @@
ipaadmin_password: SomeADMINpassword
name: asymvault
vault_type: asymmetric
in: "{{ ansible_env.HOME }}/in.txt"
in: "{{ ansible_facts['env'].HOME }}/in.txt"
register: result
failed_when: not result.changed
@@ -242,7 +242,7 @@
ipavault:
ipaadmin_password: SomeADMINpassword
name: asymvault
public_key_file: "{{ ansible_env.HOME }}/B_public.pem"
public_key_file: "{{ ansible_facts['env'].HOME }}/B_public.pem"
vault_type: asymmetric
register: result
failed_when: not result.changed
@@ -251,7 +251,7 @@
ipavault:
ipaadmin_password: SomeADMINpassword
name: asymvault
public_key_file: "{{ ansible_env.HOME }}/B_public.pem"
public_key_file: "{{ ansible_facts['env'].HOME }}/B_public.pem"
vault_type: asymmetric
register: result
failed_when: result.changed
@@ -277,7 +277,7 @@
ipavault:
ipaadmin_password: SomeADMINpassword
name: asymvault
private_key_file: "{{ ansible_env.HOME }}/B_private.pem"
private_key_file: "{{ ansible_facts['env'].HOME }}/B_private.pem"
state: retrieved
register: result
failed_when: result.vault.data != 'Hello World.' or result.changed

8
tests/vault/test_vault_standard.yml
View File

@@ -57,18 +57,18 @@
register: result
failed_when: result.vault.data != 'Hello World.' or result.changed
- name: Retrieve data from standard vault into file {{ ansible_env.HOME }}/data.txt.
- name: Retrieve data from standard vault into file {{ ansible_facts['env'].HOME }}/data.txt.
ipavault:
ipaadmin_password: SomeADMINpassword
name: stdvault
out: "{{ ansible_env.HOME }}/data.txt"
out: "{{ ansible_facts['env'].HOME }}/data.txt"
state: retrieved
register: result
failed_when: result.changed or result.failed or (result.vault.data | default(false))
- name: Verify retrieved data.
slurp:
src: "{{ ansible_env.HOME }}/data.txt"
src: "{{ ansible_facts['env'].HOME }}/data.txt"
register: slurpfile
failed_when: slurpfile['content'] | b64decode != 'Hello World.'
@@ -93,7 +93,7 @@
ipaadmin_password: SomeADMINpassword
name: stdvault
vault_type: standard
in: "{{ ansible_env.HOME }}/in.txt"
in: "{{ ansible_facts['env'].HOME }}/in.txt"
register: result
failed_when: not result.changed

16
tests/vault/test_vault_symmetric.yml
View File

@@ -63,19 +63,19 @@
register: result
failed_when: result.changed or result.failed or result.vault.data != 'Hello World.'
- name: Retrieve data from symmetric vault into file {{ ansible_env.HOME }}/data.txt.
- name: Retrieve data from symmetric vault into file {{ ansible_facts['env'].HOME }}/data.txt.
ipavault:
ipaadmin_password: SomeADMINpassword
name: symvault
password: SomeVAULTpassword
out: "{{ ansible_env.HOME }}/data.txt"
out: "{{ ansible_facts['env'].HOME }}/data.txt"
state: retrieved
register: result
failed_when: result.changed or result.failed or (result.vault.data | default(false))
- name: Verify retrieved data.
slurp:
src: "{{ ansible_env.HOME }}/data.txt"
src: "{{ ansible_facts['env'].HOME }}/data.txt"
register: slurpfile
failed_when: slurpfile['content'] | b64decode != 'Hello World.'
@@ -101,7 +101,7 @@
ipavault:
ipaadmin_password: SomeADMINpassword
name: symvault
in: "{{ ansible_env.HOME }}/in.txt"
in: "{{ ansible_facts['env'].HOME }}/in.txt"
password: SomeVAULTpassword
register: result
failed_when: result.failed or not result.changed
@@ -154,7 +154,7 @@
ipaadmin_password: SomeADMINpassword
name: symvault
username: user01
password_file: "{{ ansible_env.HOME }}/password.txt"
password_file: "{{ ansible_facts['env'].HOME }}/password.txt"
vault_type: symmetric
register: result
failed_when: result.failed or not result.changed
@@ -164,7 +164,7 @@
ipaadmin_password: SomeADMINpassword
name: symvault
username: user01
password_file: "{{ ansible_env.HOME }}/password.txt"
password_file: "{{ ansible_facts['env'].HOME }}/password.txt"
vault_type: symmetric
register: result
failed_when: result.failed or result.changed
@@ -191,7 +191,7 @@
ipavault:
ipaadmin_password: SomeADMINpassword
name: symvault
password_file: "{{ ansible_env.HOME }}/password.txt"
password_file: "{{ ansible_facts['env'].HOME }}/password.txt"
state: retrieved
register: result
failed_when: result.failed or result.changed or result.vault.data != 'Hello World.'
@@ -328,7 +328,7 @@
ipaadmin_password: SomeADMINpassword
name: symvault
password: APasswordToChange
new_password_file: "{{ ansible_env.HOME }}/password.txt"
new_password_file: "{{ ansible_facts['env'].HOME }}/password.txt"
vault_type: symmetric
register: result
failed_when: not result.changed or result.failed