Split vault tests in different files.

This change split vault tests in several files, organized by vault
type and operation (vault vs. member) so that it is easier to add
new tests for issues and verify if tests are missing.

tests/vault/tasks_vault_members.yml

@@ -0,0 +1,318 @@
+---
+# Tasks to test member management for Vault module.
+  - name: Setup testing environment.
+    import_tasks: env_setup.yml
+
+  - name: Ensure vault is present
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      vault_type: "{{vault.vault_type}}"
+    register: result
+    failed_when: not result.changed
+    when: vault.vault_type == 'standard'
+
+  - name: Ensure vault is present
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      vault_password: SomeVAULTpassword
+      vault_type: "{{vault.vault_type}}"
+    register: result
+    failed_when: not result.changed
+    when: vault.vault_type == 'symmetric'
+
+  - name: Ensure vault is present
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      vault_type: "{{vault.vault_type}}"
+      public_key: "{{lookup('file', 'private.pem') | b64encode}}"
+    register: result
+    failed_when: not result.changed
+    when: vault.vault_type == 'asymmetric'
+
+  - name: Ensure vault member user is present.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      users:
+      - user02
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure vault member user is present, again.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      users:
+      - user02
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure more vault member users are present.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      users:
+      - admin
+      - user02
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure vault member user is still present.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      users:
+      - user02
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure vault users are absent.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      users:
+      - admin
+      - user02
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure vault users are absent, again.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      users:
+      - admin
+      - user02
+      state: absent
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure vault user is absent, once more.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      users:
+      - admin
+      state: absent
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure vault member group is present.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      groups: vaultgroup
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure vault member group is present, again.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      groups: vaultgroup
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure vault member group is absent.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      groups: vaultgroup
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure vault member group is absent, again.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      groups: vaultgroup
+      state: absent
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure vault member service is present.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      services: "HTTP/{{ groups.ipaserver[0] }}"
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure vault member service is present, again.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      services: "HTTP/{{ groups.ipaserver[0] }}"
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure vault member service is absent.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      services: "HTTP/{{ groups.ipaserver[0] }}"
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure vault member service is absent, again.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      action: member
+      services: "HTTP/{{ groups.ipaserver[0] }}"
+      state: absent
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure user03 is an owner of vault.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      owners: user03
+      action: member
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure user03 is an owner of vault, again.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      owners: user03
+      action: member
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure user03 is not owner of vault.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      owners: user03
+      state: absent
+      action: member
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure user03 is not owner of vault, again.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      owners: user03
+      state: absent
+      action: member
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure vaultgroup is an ownergroup of vault.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      ownergroups: vaultgroup
+      action: member
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure vaultgroup is an ownergroup of vault, again.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      ownergroups: vaultgroup
+      action: member
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure vaultgroup is not ownergroup of vault.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      ownergroups: vaultgroup
+      state: absent
+      action: member
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure vaultgroup is not ownergroup of vault, again.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      ownergroups: vaultgroup
+      state: absent
+      action: member
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure service is an owner of vault.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      ownerservices: "HTTP/{{ groups.ipaserver[0] }}"
+      action: member
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure service is an owner of vault, again.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      ownerservices: "HTTP/{{ groups.ipaserver[0] }}"
+      action: member
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure service is not owner of vault.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      ownerservices: "HTTP/{{ groups.ipaserver[0] }}"
+      state: absent
+      action: member
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure service is not owner of vault, again.
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      ownerservices: "HTTP/{{ groups.ipaserver[0] }}"
+      state: absent
+      action: member
+    register: result
+    failed_when: result.changed
+
+  - name: Ensure {{vault.vault_type}} vault is absent
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      state: absent
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure {{vault.vault_type}} vault is absent, again
+    ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: "{{vault.name}}"
+      state: absent
+    register: result
+    failed_when: result.changed
+
+  - name: Cleanup testing environment.
+    import_tasks: env_cleanup.yml