internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #326 from rjeffman/fix_service_tests

Browse Source 
Fix service tests.
This commit is contained in:
Sergio Oliveira
2020-07-31 09:07:05 -03:00
committed by GitHub
parent 3633ba5a3d 70e3e1a544
commit da5dc0c472
18 changed files with 57 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
playbooks/service/service-host-is-absent.yml
View File

@@ -7,7 +7,7 @@
tasks:
# Ensure management host is absent.
- ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
host: "{{ groups.ipaserver[0] }}"
action: member

2
playbooks/service/service-host-is-present.yml
View File

@@ -7,7 +7,7 @@
tasks:
# Ensure management host is present.
- ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
host: "{{ groups.ipaserver[0] }}"
action: member

2
playbooks/service/service-is-absent.yml
View File

@@ -7,6 +7,6 @@
tasks:
# Ensure service is absent
- ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
state: absent

2
playbooks/service/service-is-disabled.yml
View File

@@ -7,6 +7,6 @@
tasks:
# Ensure service is disabled
- ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
state: disabled

2
playbooks/service/service-is-present-with-all-attributes.yml
View File

@@ -7,7 +7,7 @@
tasks:
# Ensure service is present
- ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
certificate:
- MIICBjCCAW8CFHnm32VcXaUDGfEGdDL/erPSijUAMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQwHhcNMjAwMTIzMDA1NjQ2WhcNMjEwMTIyMDA1NjQ2WjBCMQswCQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZhdWx0IENvbXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYrdVmsr7iT3f67DM5bb1osSEe5/c91UUMEIcFq5wrgBhzVfs8iIMDVC1yiUGTsDLJNJc4nb1tUxeR9K5fh25E6n/eWDBP75NStotjAXRU4Ahi3FNRhWFOKesds5xNqgDk5/dY8UekJv2yUblQuZzeF8b2XFrmHuCaYuFctzPfWwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBACF+5RS8Ce0HRixGPu4Xd51i+Kzblg++lx8fDJ8GW5G16/Z1AsB72Hc7etJL2PksHlue/xCq6SA9fIfHc4TBNCiWjPSP1NhHJeYyoPiSkcYsqXuxWyoyRLbnAhBVvhoiqZbUt3u3tGB0uMMA0yJvj07mP7Nea2KdBYVH8X1pM0V+

2
playbooks/service/service-is-present-with-host-force.yml
View File

@@ -7,7 +7,7 @@
tasks:
# Ensure service is present
- ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/ihavenodns.info
force: yes
# state: absent

2
playbooks/service/service-is-present-without-host-object.yml
View File

@@ -7,6 +7,6 @@
tasks:
# Ensure service is present
- ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.ansible.com
skip_host_check: yes

2
playbooks/service/service-is-present.yml
View File

@@ -7,5 +7,5 @@
tasks:
# Ensure service is present
- ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com

2
playbooks/service/service-member-allow_create_keytab-absent.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Service HTTP/www.example.com members allow_create_keytab absent for users, groups, hosts and hostgroups
ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
allow_create_keytab_user:
- user01

2
playbooks/service/service-member-allow_create_keytab-present.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Service HTTP/www.example.com members allow_create_keytab present for users, groups, hosts and hostgroups
ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
allow_create_keytab_user:
- user01

2
playbooks/service/service-member-allow_retrieve_keytab-absent.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Service HTTP/www.example.com members allow_retrieve_keytab absent for users, groups, hosts and hostgroups
ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
allow_retrieve_keytab_user:
- user01

2
playbooks/service/service-member-allow_retrieve_keytab-present.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Service HTTP/www.example.com members allow_retrieve_keytab present for users, groups, hosts and hostgroups
ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
allow_retrieve_keytab_user:
- user01

2
playbooks/service/service-member-certificate-absent.yml
View File

@@ -7,7 +7,7 @@
tasks:
# Ensure service certificate is absent
- ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
certificate:

2
playbooks/service/service-member-certificate-present.yml
View File

@@ -7,7 +7,7 @@
tasks:
# Ensure service certificate is present
- ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
certificate:
- MIICBjCCAW8CFHnm32VcXaUDGfEGdDL/erPSijUAMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQwHhcNMjAwMTIzMDA1NjQ2WhcNMjEwMTIyMDA1NjQ2WjBCMQswCQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZhdWx0IENvbXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYrdVmsr7iT3f67DM5bb1osSEe5/c91UUMEIcFq5wrgBhzVfs8iIMDVC1yiUGTsDLJNJc4nb1tUxeR9K5fh25E6n/eWDBP75NStotjAXRU4Ahi3FNRhWFOKesds5xNqgDk5/dY8UekJv2yUblQuZzeF8b2XFrmHuCaYuFctzPfWwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBACF+5RS8Ce0HRixGPu4Xd51i+Kzblg++lx8fDJ8GW5G16/Z1AsB72Hc7etJL2PksHlue/xCq6SA9fIfHc4TBNCiWjPSP1NhHJeYyoPiSkcYsqXuxWyoyRLbnAhBVvhoiqZbUt3u3tGB0uMMA0yJvj07mP7Nea2KdBYVH8X1pM0V+

2
playbooks/service/service-member-principal-absent.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Service HTTP/www.exmaple.com member principals host/test.exmaple.com absent
ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
principal:
- host/test.exmaple.com

2
playbooks/service/service-member-principal-present.yml
View File

@@ -6,7 +6,7 @@
tasks:
- name: Service HTTP/www.exmaple.com member principals host/test.exmaple.com present
ipaservice:
ipaadmin_password: MyPassword123
ipaadmin_password: SomeADMINpassword
name: HTTP/www.example.com
principal:
- host/test.exmaple.com

43
tests/service/test_service.yml
View File

@@ -4,7 +4,7 @@
# To test against earlier versions, use test_without_skip_host_check.yml.
#
# This test define 6 hosts:
# - www.ansible.com: a host with a DNS setup (external), not present in IPA
# - nohost_fqdn: a host with a DNS setup, not enrolled as a host in IPA.
# - no.idontexist.info: a host without DNS and not present in IPA.
# - svc.ihavenodns.inf: a host without DNS, but present in IPA.
# - svc_fqdn: a host with DNS and present in IPA.
@@ -27,12 +27,21 @@
host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
svc_fqdn: "{{ 'svc.' + ipaserver_domain }}"
nohost_fqdn: "{{ 'nohost.' + ipaserver_domain }}"
- name: Remove IP address for "nohost" host.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: "{{ ipaserver_domain }}"
name: nohost
del_all: yes
state: absent
- name: Host absent
ipahost:
ipaadmin_password: SomeADMINpassword
name:
- www.ansible.com
- "{{ nohost_fqdn }}"
- no.idontexist.info
- svc.ihavenodns.info
- "{{ host1_fqdn }}"
@@ -46,13 +55,19 @@
ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
join('.') }}"
- name: Add IP address for "nohost" host.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: "{{ ipaserver_domain }}"
name: nohost
a_ip_address: "{{ ipv4_prefix + '.100' }}"
- name: Add hosts for tests.
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "{{ host1_fqdn }}"
ip_address: "{{ ipv4_prefix + '.101' }}"
force: yes
- name: "{{ host2_fqdn }}"
ip_address: "{{ ipv4_prefix + '.102' }}"
force: yes
@@ -101,7 +116,7 @@
ipaadmin_password: SomeADMINpassword
name:
- "HTTP/{{ svc_fqdn }}"
- HTTP/www.ansible.com
- "HTTP/{{ nohost_fqdn }}"
- HTTP/svc.ihavenodns.info
- HTTP/no.idontexist.info
state: absent
@@ -162,7 +177,7 @@
- name: Ensure service is present, without host object.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: HTTP/www.ansible.com
name: "HTTP/{{ nohost_fqdn }}"
skip_host_check: yes
register: result
failed_when: not result.changed
@@ -170,7 +185,7 @@
- name: Ensure service is present, without host object, again.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: HTTP/www.ansible.com
name: "HTTP/{{ nohost_fqdn }}"
skip_host_check: yes
register: result
failed_when: result.changed
@@ -523,7 +538,7 @@
ipaadmin_password: SomeADMINpassword
name:
- "HTTP/{{ svc_fqdn }}"
- HTTP/www.ansible.com
- "HTTP/{{ nohost_fqdn }}"
- HTTP/svc.ihavenodns.info
- HTTP/no.idontexist.local
continue: yes
@@ -536,7 +551,7 @@
ipaadmin_password: SomeADMINpassword
name:
- "HTTP/{{ svc_fqdn }}"
- HTTP/www.ansible.com
- "HTTP/{{ nohost_fqdn }}"
- HTTP/svc.ihavenodns.info
- HTTP/no.idontexist.local
continue: yes
@@ -585,7 +600,7 @@
ipaadmin_password: SomeADMINpassword
name:
- "HTTP/{{ svc_fqdn }}"
- HTTP/www.ansible.com
- "HTTP/{{ nohost_fqdn }}"
- HTTP/svc.ihavenodns.info
- HTTP/no.idontexist.local
- "cifs/{{ host1_fqdn }}"
@@ -604,7 +619,7 @@
name:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
- www.ansible.com
- "{{ nohost_fqdn }}"
- svc.ihavenodns.info
update_dns: no
state: absent
@@ -638,3 +653,11 @@
name:
- hostgroup02
state: absent
- name: Remove IP address for "nohost" host.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: "{{ ipaserver_domain }}"
name: nohost
del_all: yes
state: absent

8
tests/service/test_service_disable.yml
View File

@@ -74,6 +74,14 @@
register: result
failed_when: result.failed or result.stdout | regex_search(" Keytab. true")
- name: Ensure service is disabled, with no keytab.
ipaservice:
ipaadmin_password: SomeADMINpassword
name: "mysvc1/{{ ansible_fqdn }}"
state: disabled
register: result
failed_when: result.changed
- name: Ensure service is absent
ipaservice:
ipaadmin_password: SomeADMINpassword