internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-05-06 13:23:14 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #675 from rjeffman/automember_idempotence_issue

Browse Source 
automember: Fix behavior of unused parameters.
This commit is contained in:
Thomas Woerner
2021-11-25 13:50:04 +01:00
committed by GitHub
parent 77b72af1a2 17bba27abf
commit d615d3d4ed
2 changed files with 91 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
plugins/modules/ipaautomember.py
View File

@@ -309,15 +309,21 @@ def main():
commands.append([name, 'automember_add', args])
res_find = {}
inclusive_add, inclusive_del = gen_add_del_lists(
transform_conditions(inclusive or []),
res_find.get("automemberinclusiveregex", [])
)
if inclusive is not None:
inclusive_add, inclusive_del = gen_add_del_lists(
transform_conditions(inclusive),
res_find.get("automemberinclusiveregex", [])
)
else:
inclusive_add, inclusive_del = [], []
exclusive_add, exclusive_del = gen_add_del_lists(
transform_conditions(exclusive or []),
res_find.get("automemberexclusiveregex", [])
)
if exclusive is not None:
exclusive_add, exclusive_del = gen_add_del_lists(
transform_conditions(exclusive),
res_find.get("automemberexclusiveregex", [])
)
else:
exclusive_add, exclusive_del = [], []
elif action == "member":
if res_find is None:

77
tests/automember/test_automember.yml
View File

@@ -367,6 +367,83 @@
failed_when: result.changed or not result.failed or
"Invalid automember condition key 'cns'" not in result.msg
# Tests for issue https://bugzilla.redhat.com/show_bug.cgi?id=1976922
- name: Ensure group testgroup is absent
ipaautomember:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testgroup
state: absent
automember_type: group
register: result
failed_when: not result.changed or result.failed
- name: Ensure group testgroup is present
ipaautomember:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testgroup
description: Automember rule.
automember_type: group
inclusive:
- key: cn
expression: "@1"
exclusive:
- key: cn
expression: s
register: result
failed_when: not result.changed or result.failed
- name: Ensure group testgroup is present with updated description
ipaautomember:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testgroup
description: New automember rule.
automember_type: group
register: result
failed_when: not result.changed or result.failed
- name: Ensure group testgroup is present with updated description, again
ipaautomember:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testgroup
description: New automember rule.
automember_type: group
register: result
failed_when: result.changed or result.failed
- name: Verify inclusive and exclusive rules have not changed
ipaautomember:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testgroup
automember_type: group
inclusive:
- key: cn
expression: "@1"
exclusive:
- key: cn
expression: s
register: result
failed_when: result.changed or result.failed
- name: Verify no other rules existed.
ipaautomember:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: testgroup
automember_type: group
inclusive: []
exclusive: []
action: member
state: absent
register: result
failed_when: result.changed or result.failed
# End of ests for issue https://bugzilla.redhat.com/show_bug.cgi?id=1976922
# CLEANUP TEST ITEMS
- name: Ensure group testgroup is absent