internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-05-07 13:53:23 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #345 from rjeffman/fix_ipaservice_allow_create_keytab_host

Browse Source 
Fix `allow_create_keytab_host` in service module.
This commit is contained in:
Sergio Oliveira
2020-08-17 13:16:19 -03:00
committed by GitHub
parent f013f98a0f 3ab575bcac
commit 9a3f08b6c9
7 changed files with 563 additions and 306 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
plugins/modules/ipaservice.py
View File

@@ -460,7 +460,7 @@ def main():
allow_retrieve_keytab_group = module_params_get(
ansible_module, "allow_retrieve_keytab_group")
allow_retrieve_keytab_host = module_params_get(
ansible_module, "allow_create_keytab_host")
ansible_module, "allow_retrieve_keytab_host")
allow_retrieve_keytab_hostgroup = module_params_get(
ansible_module, "allow_retrieve_keytab_hostgroup")
delete_continue = module_params_get(ansible_module, "delete_continue")
@@ -727,7 +727,7 @@ def main():
# Allow retrieve keytab
if len(allow_retrieve_keytab_user_add) > 0 or \
len(allow_retrieve_keytab_group_add) > 0 or \
len(allow_retrieve_keytab_hostgroup_add) > 0 or \
len(allow_retrieve_keytab_host_add) > 0 or \
len(allow_retrieve_keytab_hostgroup_add) > 0:
commands.append(
[name, "service_allow_retrieve_keytab",

68
tests/service/env_cleanup.yml Normal file
View File

@@ -0,0 +1,68 @@
---
# Cleanup tasks for the service module tests.
- name: Ensure services are absent.
ipaservice:
ipaadmin_password: SomeADMINpassword
name:
- "HTTP/{{ svc_fqdn }}"
- "HTTP/{{ nohost_fqdn }}"
- HTTP/svc.ihavenodns.info
- HTTP/no.idontexist.local
- "cifs/{{ host1_fqdn }}"
state: absent
- name: Ensure host "{{ svc_fqdn }}" is absent
ipahost:
ipaadmin_password: SomeADMINpassword
name: "{{ svc_fqdn }}"
update_dns: yes
state: absent
- name: Ensure host is absent
ipahost:
ipaadmin_password: SomeADMINpassword
name:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
- "{{ nohost_fqdn }}"
- svc.ihavenodns.info
update_dns: no
state: absent
- name: Ensure testing users are absent.
ipauser:
ipaadmin_password: SomeADMINpassword
name:
- user01
- user02
state: absent
- name: Ensure testing groups are absent.
ipagroup:
ipaadmin_password: SomeADMINpassword
name:
- group01
- group02
state: absent
- name: Ensure testing hostgroup hostgroup01 is absent.
ipagroup:
ipaadmin_password: SomeADMINpassword
name:
- hostgroup01
state: absent
- name: Ensure testing hostgroup hostgroup02 is absent.
ipagroup:
ipaadmin_password: SomeADMINpassword
name:
- hostgroup02
state: absent
- name: Remove IP address for "nohost" host.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: "{{ test_domain }}."
name: nohost
del_all: yes
state: absent

73
tests/service/env_setup.yml Normal file
View File

@@ -0,0 +1,73 @@
# Setup environment for service module tests.
---
- name: Setup variables and facts.
include_tasks: env_vars.yml
# Cleanup before setup.
- name: Cleanup test environment.
include_tasks: env_cleanup.yml
- name: Add IP address for "nohost" host.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: "{{ test_domain }}."
name: nohost
a_ip_address: "{{ ipv4_prefix + '.100' }}"
- name: Add hosts for tests.
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "{{ host1_fqdn }}"
ip_address: "{{ ipv4_prefix + '.101' }}"
- name: "{{ host2_fqdn }}"
ip_address: "{{ ipv4_prefix + '.102' }}"
- name: "{{ svc_fqdn }}"
ip_address: "{{ ipv4_prefix + '.201' }}"
- name: svc.ihavenodns.info
force: yes
update_dns: yes
- name: Ensure testing user user01 is present.
ipauser:
ipaadmin_password: SomeADMINpassword
name: user01
first: user01
last: last
- name: Ensure testing user user02 is present.
ipauser:
ipaadmin_password: SomeADMINpassword
name: user02
first: user02
last: last
- name: Ensure testing group group01 is present.
ipagroup:
ipaadmin_password: SomeADMINpassword
name: group01
- name: Ensure testing group group02 is present.
ipagroup:
ipaadmin_password: SomeADMINpassword
name: group02
- name: Ensure testing hostgroup hostgroup01 is present.
ipahostgroup:
ipaadmin_password: SomeADMINpassword
name: hostgroup01
- name: Ensure testing hostgroup hostgroup02 is present.
ipahostgroup:
ipaadmin_password: SomeADMINpassword
name: hostgroup02
- name: Ensure services are absent.
ipaservice:
ipaadmin_password: SomeADMINpassword
name:
- "HTTP/{{ svc_fqdn }}"
- "HTTP/{{ nohost_fqdn }}"
- HTTP/svc.ihavenodns.info
- HTTP/no.idontexist.info
state: absent

15
tests/service/env_vars.yml Normal file
View File

@@ -0,0 +1,15 @@
---
- name: Get Domain from server name
set_fact:
test_domain: "{{ ansible_fqdn.split('.')[1:] | join('.') }}"
- name: Set host1, host2 and svc hosts fqdn
set_fact:
host1_fqdn: "{{ 'host1.' + test_domain }}"
host2_fqdn: "{{ 'host2.' + test_domain }}"
svc_fqdn: "{{ 'svc.' + test_domain }}"
nohost_fqdn: "{{ 'nohost.' + test_domain }}"
- name: Get IPv4 address prefix from server node
set_fact:
ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] | join('.') }}"

175
tests/service/test_service.yml
View File

@@ -17,109 +17,8 @@
tasks:
# setup
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Set host1, host2 and svc hosts fqdn
set_fact:
host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
svc_fqdn: "{{ 'svc.' + ipaserver_domain }}"
nohost_fqdn: "{{ 'nohost.' + ipaserver_domain }}"
- name: Remove IP address for "nohost" host.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: "{{ ipaserver_domain }}"
name: nohost
del_all: yes
state: absent
- name: Host absent
ipahost:
ipaadmin_password: SomeADMINpassword
name:
- "{{ nohost_fqdn }}"
- no.idontexist.info
- svc.ihavenodns.info
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
- "{{ svc_fqdn }}"
update_dns: no
state: absent
- name: Get IPv4 address prefix from server node
set_fact:
ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
join('.') }}"
- name: Add IP address for "nohost" host.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: "{{ ipaserver_domain }}"
name: nohost
a_ip_address: "{{ ipv4_prefix + '.100' }}"
- name: Add hosts for tests.
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "{{ host1_fqdn }}"
ip_address: "{{ ipv4_prefix + '.101' }}"
- name: "{{ host2_fqdn }}"
ip_address: "{{ ipv4_prefix + '.102' }}"
force: yes
- name: "{{ svc_fqdn }}"
ip_address: "{{ ipv4_prefix + '.201' }}"
- name: svc.ihavenodns.info
force: yes
update_dns: yes
- name: Ensure testing user user01 is present.
ipauser:
ipaadmin_password: SomeADMINpassword
name: user01
first: user01
last: last
- name: Ensure testing user user02 is present.
ipauser:
ipaadmin_password: SomeADMINpassword
name: user02
first: user02
last: last
- name: Ensure testing group group01 is present.
ipagroup:
ipaadmin_password: SomeADMINpassword
name: group01
- name: Ensure testing group group02 is present.
ipagroup:
ipaadmin_password: SomeADMINpassword
name: group02
- name: Ensure testing hostgroup hostgroup01 is present.
ipahostgroup:
ipaadmin_password: SomeADMINpassword
name: hostgroup01
- name: Ensure testing hostgroup hostgroup02 is present.
ipahostgroup:
ipaadmin_password: SomeADMINpassword
name: hostgroup02
- name: Ensure services are absent.
ipaservice:
ipaadmin_password: SomeADMINpassword
name:
- "HTTP/{{ svc_fqdn }}"
- "HTTP/{{ nohost_fqdn }}"
- HTTP/svc.ihavenodns.info
- HTTP/no.idontexist.info
state: absent
- name: Setup test environment
include_tasks: env_setup.yml
# tests
- name: Ensure service is present
@@ -476,7 +375,6 @@
register: result
failed_when: result.changed
#
- name: Ensure service is absent
ipaservice:
ipaadmin_password: SomeADMINpassword
@@ -594,70 +492,5 @@
failed_when: result.changed
# cleanup
- name: Ensure services are absent.
ipaservice:
ipaadmin_password: SomeADMINpassword
name:
- "HTTP/{{ svc_fqdn }}"
- "HTTP/{{ nohost_fqdn }}"
- HTTP/svc.ihavenodns.info
- HTTP/no.idontexist.local
- "cifs/{{ host1_fqdn }}"
state: absent
- name: Ensure host "{{ svc_fqdn }}" is absent
ipahost:
ipaadmin_password: SomeADMINpassword
name: "{{ svc_fqdn }}"
update_dns: yes
state: absent
- name: Ensure host is absent
ipahost:
ipaadmin_password: SomeADMINpassword
name:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
- "{{ nohost_fqdn }}"
- svc.ihavenodns.info
update_dns: no
state: absent
- name: Ensure testing users are absent.
ipauser:
ipaadmin_password: SomeADMINpassword
name:
- user01
- user02
state: absent
- name: Ensure testing groups are absent.
ipagroup:
ipaadmin_password: SomeADMINpassword
name:
- group01
- group02
state: absent
- name: Ensure testing hostgroup hostgroup01 is absent.
ipagroup:
ipaadmin_password: SomeADMINpassword
name:
- hostgroup01
state: absent
- name: Ensure testing hostgroup hostgroup02 is absent.
ipagroup:
ipaadmin_password: SomeADMINpassword
name:
- hostgroup02
state: absent
- name: Remove IP address for "nohost" host.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: "{{ ipaserver_domain }}"
name: nohost
del_all: yes
state: absent
- name: Cleanup test environment
include_tasks: env_cleanup.yml

397
tests/service/test_service_keytab.yml Normal file
View File

@@ -0,0 +1,397 @@
---
- name: Test service
hosts: ipaserver
become: yes
tasks:
# setup
- name: Setup test envirnoment.
include_tasks: env_setup.yml
# Add service to test keytab create/retrieve attributes.
- name: Ensure test service is present
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
pac_type:
- MS-PAC
- PAD
auth_ind: otp
force: yes
requires_pre_auth: yes
ok_as_delegate: no
ok_to_auth_as_delegate: no
# tests
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for users.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_user:
- user01
- user02
action: member
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for users, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_user:
- user01
- user02
action: member
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for users.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_user:
- user01
- user02
action: member
state: absent
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for users, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_user:
- user01
- user02
action: member
state: absent
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for group.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_group:
- group01
- group02
action: member
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for group, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_group:
- group01
- group02
action: member
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for group.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_group:
- group01
- group02
action: member
state: absent
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for group, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_group:
- group01
- group02
action: member
state: absent
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for host.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_host:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
action: member
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for host, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_host:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
action: member
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for host.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_host:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
action: member
state: absent
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for host, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_host:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
action: member
state: absent
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for hostgroup.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_hostgroup:
- hostgroup01
- hostgroup02
action: member
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for hostgroup, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_hostgroup:
- hostgroup01
- hostgroup02
action: member
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for hostgroup.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_hostgroup:
- hostgroup01
- hostgroup02
state: absent
action: member
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for hostgroup, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_create_keytab_hostgroup:
- hostgroup01
- hostgroup02
action: member
state: absent
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for users.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_user:
- user01
- user02
action: member
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for users, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_user:
- user01
- user02
action: member
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for users.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_user:
- user01
- user02
action: member
state: absent
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for users, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_user:
- user01
- user02
action: member
state: absent
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for group.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_group:
- group01
- group02
action: member
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for group, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_group:
- group01
- group02
action: member
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for group.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_group:
- group01
- group02
action: member
state: absent
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for group, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_group:
- group01
- group02
action: member
state: absent
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for host.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_host:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
action: member
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for host, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_host:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
action: member
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for host.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_host:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
action: member
state: absent
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for host, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_host:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
action: member
state: absent
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for hostgroup.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_hostgroup:
- hostgroup01
- hostgroup02
action: member
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for hostgroup, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_hostgroup:
- hostgroup01
- hostgroup02
action: member
register: result
failed_when: result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for hostgroup.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_hostgroup:
- hostgroup01
- hostgroup02
action: member
state: absent
register: result
failed_when: not result.changed
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for hostgroup, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "HTTP/{{ svc_fqdn }}"
allow_retrieve_keytab_hostgroup:
- hostgroup01
- hostgroup02
action: member
state: absent
register: result
failed_when: result.changed
# cleanup
- name: Clean-up envirnoment.
include_tasks: env_cleanup.yml

137
tests/service/test_service_without_skip_host_check.yml
View File

@@ -5,91 +5,8 @@
tasks:
# setup
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Set host1, host2 and svc hosts fqdn
set_fact:
host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
svc_fqdn: "{{ 'svc.' + ipaserver_domain }}"
- name: Host absent
ipahost:
ipaadmin_password: SomeADMINpassword
name:
- svc.ihavenodns.info
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
- "{{ svc_fqdn }}"
update_dns: yes
state: absent
- name: Get IPv4 address prefix from server node
set_fact:
ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
join('.') }}"
- name: Add hosts for tests.
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "{{ host1_fqdn }}"
ip_address: "{{ ipv4_prefix + '.201' }}"
update_dns: yes
- name: "{{ host2_fqdn }}"
ip_address: "{{ ipv4_prefix + '.202' }}"
update_dns: yes
- name: "{{ svc_fqdn }}"
ip_address: "{{ ipv4_prefix + '.203' }}"
update_dns: yes
- name: svc.ihavenodns.info
update_dns: no
force: yes
- name: Ensure testing user user01 is present.
ipauser:
ipaadmin_password: SomeADMINpassword
name: user01
first: user01
last: last
- name: Ensure testing user user02 is present.
ipauser:
ipaadmin_password: SomeADMINpassword
name: user02
first: user02
last: last
- name: Ensure testing group group01 is present.
ipagroup:
ipaadmin_password: SomeADMINpassword
name: group01
- name: Ensure testing group group02 is present.
ipagroup:
ipaadmin_password: SomeADMINpassword
name: group02
- name: Ensure testing hostgroup hostgroup01 is present.
ipahostgroup:
ipaadmin_password: SomeADMINpassword
name: hostgroup01
- name: Ensure testing hostgroup hostgroup02 is present.
ipahostgroup:
ipaadmin_password: SomeADMINpassword
name: hostgroup02
- name: Ensure services are absent.
ipaservice:
ipaadmin_password: SomeADMINpassword
name:
- "HTTP/{{ svc_fqdn }}"
- HTTP/svc.ihavenodns.info
state: absent
- name: Setup test environment
include_tasks: env_setup.yml
# tests
- name: Ensure service is present
@@ -426,51 +343,5 @@
failed_when: result.changed
# cleanup
- name: Ensure services are absent.
ipaservice:
ipaadmin_password: SomeADMINpassword
name:
- "HTTP/{{ svc_fqdn }}"
- HTTP/svc.ihavenodns.info
state: absent
- name: Ensure host is absent
ipahost:
ipaadmin_password: SomeADMINpassword
name:
- "{{ svc_fqdn }}"
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
- svc.ihavenodns.info
state: absent
- name: Ensure testing users are absent.
ipauser:
ipaadmin_password: SomeADMINpassword
name:
- user01
- user02
state: absent
- name: Ensure testing groups are absent.
ipagroup:
ipaadmin_password: SomeADMINpassword
name:
- group01
- group02
state: absent
- name: Ensure testing hostgroup hostgroup01 is absent.
ipagroup:
ipaadmin_password: SomeADMINpassword
name:
- hostgroup01
state: absent
- name: Ensure testing hostgroup hostgroup02 is absent.
ipagroup:
ipaadmin_password: SomeADMINpassword
name:
- hostgroup02
state: absent
- name: Cleanup test environment
include_tasks: env_cleanup.yml