internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-05-08 22:34:26 +00:00
Code Issues Projects Releases Wiki Activity

ipadnsrecord: fix record modification behavior.

Browse Source 
When modifying a record, depending on how the playbook tasks were
arranged, it was possible to end with more records than expected.

This behavior was fixed by modifying the way records are searched
when a modification is requested. This change also allows less calls
find_dnsrecord.

Tests were modified to reflect the changes, and a new test playbook
was added:

    tests/dnsrecord/test_dnsrecord_modify_record.yml
This commit is contained in:
Rafael Guterres Jeffman
2020-11-13 10:42:29 -03:00
parent 93cf008429
commit fd84728820
3 changed files with 273 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
tests/dnsrecord/test_dnsrecord.yml
View File

@@ -624,7 +624,7 @@
zone_name: "{{ testzone }}"
name: host04
afsdb_subtype: 1
afsdb_hostname: host04."{{ testzone }}"
afsdb_hostname: "host04.{{ testzone }}"
register: result
failed_when: not result.changed
@@ -634,7 +634,7 @@
zone_name: "{{ testzone }}"
name: host04
afsdb_subtype: 1
afsdb_hostname: host04."{{ testzone }}"
afsdb_hostname: "host04.{{ testzone }}"
register: result
failed_when: result.changed
@@ -644,7 +644,7 @@
zone_name: "{{ testzone }}"
name: host04
afsdb_subtype: 2
afsdb_rec: 1 host04."{{ testzone }}"
afsdb_rec: "1 host04.{{ testzone }}"
register: result
failed_when: not result.changed
@@ -654,7 +654,7 @@
zone_name: "{{ testzone }}"
name: host04
afsdb_subtype: 2
afsdb_rec: 1 host04."{{ testzone }}"
afsdb_rec: "1 host04.{{ testzone }}"
register: result
failed_when: result.changed
@@ -663,7 +663,7 @@
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: host04
afsdb_rec: 2 host04."{{ testzone }}"
afsdb_rec: "2 host04.{{ testzone }}"
state: absent
register: result
failed_when: not result.changed
@@ -673,7 +673,7 @@
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: host04
afsdb_rec: 2 host04."{{ testzone }}"
afsdb_rec: "2 host04.{{ testzone }}"
state: absent
register: result
failed_when: result.changed
@@ -728,7 +728,7 @@
zone_name: "{{ testzone }}"
name: host04
kx_preference: 10
kx_exchanger: keyex."{{ testzone }}"
kx_exchanger: "keyex.{{ testzone }}"
register: result
failed_when: not result.changed
@@ -738,7 +738,7 @@
zone_name: "{{ testzone }}"
name: host04
kx_preference: 10
kx_exchanger: keyex."{{ testzone }}"
kx_exchanger: "keyex.{{ testzone }}"
register: result
failed_when: result.changed
@@ -748,7 +748,7 @@
zone_name: "{{ testzone }}"
name: host04
kx_preference: 20
kx_rec: 10 keyex."{{ testzone }}"
kx_rec: "10 keyex.{{ testzone }}"
register: result
failed_when: not result.changed
@@ -758,7 +758,7 @@
zone_name: "{{ testzone }}"
name: host04
kx_preference: 20
kx_rec: 10 keyex."{{ testzone }}"
kx_rec: "10 keyex.{{ testzone }}"
register: result
failed_when: result.changed
@@ -768,7 +768,7 @@
zone_name: "{{ testzone }}"
name: host04
kx_preference: 20
kx_rec: 20 keyex."{{ testzone }}"
kx_rec: "20 keyex.{{ testzone }}"
register: result
failed_when: result.changed
@@ -777,7 +777,7 @@
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: host04
kx_rec: 20 keyex."{{ testzone }}"
kx_rec: "20 keyex.{{ testzone }}"
state: absent
register: result
failed_when: not result.changed
@@ -787,7 +787,7 @@
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: host04
kx_rec: 20 keyex."{{ testzone }}"
kx_rec: "20 keyex.{{ testzone }}"
state: absent
register: result
failed_when: result.changed
@@ -798,7 +798,7 @@
zone_name: "{{ testzone }}"
name: host04
mx_preference: 10
mx_exchanger: mail."{{ testzone }}"
mx_exchanger: "mail.{{ testzone }}"
register: result
failed_when: not result.changed
@@ -808,7 +808,7 @@
zone_name: "{{ testzone }}"
name: host04
mx_preference: 10
mx_exchanger: mail."{{ testzone }}"
mx_exchanger: "mail.{{ testzone }}"
register: result
failed_when: result.changed
@@ -818,7 +818,7 @@
zone_name: "{{ testzone }}"
name: host04
mx_preference: 20
mx_rec: 10 mail."{{ testzone }}"
mx_rec: "10 mail.{{ testzone }}"
register: result
failed_when: not result.changed
@@ -827,7 +827,7 @@
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: host04
mx_rec: 20 mail."{{ testzone }}"
mx_rec: "20 mail.{{ testzone }}"
state: absent
register: result
failed_when: not result.changed
@@ -837,7 +837,7 @@
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: host04
mx_rec: 20 mail."{{ testzone }}"
mx_rec: "20 mail.{{ testzone }}"
state: absent
register: result
failed_when: result.changed
@@ -899,7 +899,7 @@
zone_name: "{{ testzone }}"
name: host04
loc_size: 1.00
loc_rec: 52 22 23 N 4 53 32 E -2 0 10000 10
loc_rec: 52 22 23.000 N 4 53 32.000 E -2.00 0.00 10000.00 10.00
register: result
failed_when: not result.changed
@@ -908,7 +908,7 @@
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: host04
loc_rec: 52 22 23.000 N 4 53 32.000 E -2.00 1.00 10000 10
loc_rec: 52 22 23.000 N 4 53 32.000 E -2.00 1.00 10000.00 10.00
state: absent
register: result
failed_when: not result.changed
@@ -918,7 +918,7 @@
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: host04
loc_rec: 52 22 23.000 N 4 53 32.000 E -2.00 1.00 10000 10
loc_rec: 52 22 23.000 N 4 53 32.000 E -2.00 1.00 10000.00 10.00
state: absent
register: result
failed_when: result.changed
@@ -991,7 +991,7 @@
srv_priority: 10
srv_weight: 10
srv_port: 5060
srv_target: sip-server."{{ testzone }}"
srv_target: "sip-server.{{ testzone }}"
register: result
failed_when: not result.changed
@@ -1003,7 +1003,7 @@
srv_priority: 10
srv_weight: 10
srv_port: 5060
srv_target: sip-server."{{ testzone }}"
srv_target: "sip-server.{{ testzone }}"
register: result
failed_when: result.changed
@@ -1015,8 +1015,8 @@
srv_priority: 4
srv_weight: 10
srv_port: 5060
srv_target: sip-server."{{ testzone }}"
srv_rec: 10 10 5060 sip-server."{{ testzone }}"
srv_target: "sip-server.{{ testzone }}"
srv_rec: "10 10 5060 sip-server.{{ testzone }}"
register: result
failed_when: not result.changed
@@ -1029,7 +1029,7 @@
srv_weight: 10
srv_port: 5060
srv_target: sip-server."{{ testzone }}"
srv_rec: 10 10 5060 sip-server."{{ testzone }}"
srv_rec: "10 10 5060 sip-server.{{ testzone }}"
register: result
failed_when: result.changed
@@ -1041,7 +1041,7 @@
srv_priority: 2
srv_weight: 20
srv_port: 5060
srv_target: sip-server."{{ testzone }}"
srv_target: "sip-server.{{ testzone }}"
register: result
failed_when: not result.changed
@@ -1053,7 +1053,7 @@
srv_priority: 2
srv_weight: 20
srv_port: 5060
srv_target: sip-server."{{ testzone }}"
srv_target: "sip-server.{{ testzone }}"
register: result
failed_when: result.changed
@@ -1062,7 +1062,7 @@
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: _sip._udp
srv_record: 2 20 5060 sip-server."{{ testzone }}"
srv_record: "2 20 5060 sip-server.{{ testzone }}"
state: absent
register: result
failed_when: not result.changed
@@ -1072,7 +1072,7 @@
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: _sip._udp
srv_record: 2 20 5060 sip-server."{{ testzone }}"
srv_record: "2 20 5060 sip-server.{{ testzone }}"
state: absent
register: result
failed_when: result.changed
@@ -1283,7 +1283,7 @@
name: _ftp._tcp
uri_priority: 10
uri_weight: 1
uri_target: ftp://ftp.host04."{{ testzone }}"/public
uri_target: ftp://ftp.host04.{{ testzone }}/public
register: result
failed_when: not result.changed
@@ -1294,7 +1294,7 @@
name: _ftp._tcp
uri_priority: 10
uri_weight: 1
uri_target: ftp://ftp.host04."{{ testzone }}"/public
uri_target: ftp://ftp.host04.{{ testzone }}/public
register: result
failed_when: result.changed
@@ -1305,13 +1305,13 @@
name: _ftp._tcp
uri_priority: 5
uri_weight: 3
uri_rec: 10 1 ftp://ftp.host04."{{ testzone }}"/public
uri_rec: 10 1 "ftp://ftp.host04.{{ testzone }}/public"
register: result
failed_when: not result.changed
- name: Verify if modification worked.
ipadnsrecord:
uri_rec: 10 1 ftp://ftp.host04."{{ testzone }}"/public
uri_rec: 10 1 ftp://ftp.host04.{{ testzone }}/public
state: absent
register: result
failed_when: result.changed
@@ -1324,7 +1324,7 @@
name: _ftp._tcp
uri_priority: 5
uri_weight: 3
uri_rec: 5 3 ftp://ftp.host04."{{ testzone }}"/public
uri_rec: 5 3 "ftp://ftp.host04.{{ testzone }}/public"
register: result
failed_when: result.changed
@@ -1333,7 +1333,7 @@
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: _ftp._tcp
uri_rec: 5 3 ftp://ftp.host04."{{ testzone }}"/public
uri_rec: 5 3 "ftp://ftp.host04.{{ testzone }}/public"
state: absent
register: result
failed_when: not result.changed
@@ -1343,7 +1343,7 @@
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: _ftp._tcp
uri_rec: 5 3 ftp://ftp.host04."{{ testzone }}"/public
uri_rec: 5 3 "ftp://ftp.host04.{{ testzone }}/public"
state: absent
register: result
failed_when: result.changed

180
tests/dnsrecord/test_dnsrecord_modify_record.yml Normal file
View File

@@ -0,0 +1,180 @@
---
- name: Playbook to ensure
hosts: ipaserver
become: no
gather_facts: yes
tasks:
- name: Setup testing environment.
include_tasks: env_setup.yml
- name: Add test host.
ipahost:
ipaadmin_password: SomeADMINpassword
name: "iron01.{{ safezone }}"
ip_address: 192.168.1.253
force: yes
- name: Cleanup test records.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
records:
- name: iron01
ns_rec: iron01
ds_record:
- 1234 3 3 84763786e4213cca9a6938dba5dacd64f87ec216
- 1234 3 3 84763786e4213cca9a6938dba5dacd64f87ec222
- 5555 5 5 84763786e4213cca9a6938dba5dacd64f87ec222
cert_record:
- 1 1234 3 AwIBAgIUb14+Oug2nPMIIBdTCCAR+g
- 2 567 4 AwIBAgIUb14+Oug2nPMIIBdTCCAR+g
state: absent
- name: Add NS records to test.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
records:
- name: iron01
ns_rec: iron01
register: result
failed_when: result.failed or not result.changed
- name: Add DS records to test.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
records:
- name: iron01
ds_record:
- 1234 3 3 84763786e4213cca9a6938dba5dacd64f87ec216
- 1234 3 3 84763786e4213cca9a6938dba5dacd64f87ec222
register: result
failed_when: result.failed or not result.changed
- name: Add CERT records to test.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
records:
- name: host01
cert_record:
- 1 1234 3 AwIBAgIUb14+Oug2nPMIIBdTCCAR+g
- 5 555 4 AwIBAgIUb14+Oug2nPMIIBdTCCAAS+g
register: result
failed_when: result.failed or not result.changed
- name: Modify CERT record.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
name: host01
cert_type: 2
cert_key_tag: 567
cert_algorithm: 4
cert_rec: 1 1234 3 AwIBAgIUb14+Oug2nPMIIBdTCCAR+g
register: result
failed_when: result.failed or not result.changed
- name: Verify modified CERT records exists.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
records:
- name: host01
cert_record: 2 567 4 AwIBAgIUb14+Oug2nPMIIBdTCCAR+g
register: result
failed_when: result.failed or result.changed
- name: Verify if old CERT record does not exist.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
records:
- name: host01
cert_record: 1 1234 3 AwIBAgIUb14+Oug2nPMIIBdTCCAR+g
state: absent
register: result
failed_when: result.failed or result.changed
- name: Verify if unmodified CERT record does exist.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
records:
- name: host01
cert_record: 5 555 4 AwIBAgIUb14+Oug2nPMIIBdTCCAAS+g
register: result
failed_when: result.failed or result.changed
- name: Try to modify the same DS record twice.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
records:
- name: iron01
ds_key_tag: 5555
ds_algorithm: 5
ds_digest_type: 5
ds_digest: 84763786e4213cca9a6938dba5dacd64f87ec222
ds_record: 1234 3 3 84763786e4213cca9a6938dba5dacd64f87ec216
- name: iron01
ds_key_tag: 5555
ds_algorithm: 5
ds_digest_type: 5
ds_digest: 84763786e4213cca9a6938dba5dacd64f87ec222
ds_record: 1234 3 3 84763786e4213cca9a6938dba5dacd64f87ec216
register: result
failed_when: not result.failed or "DS record does not contain" not in result.msg
- name: Verify if unmodified DS record still exists.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
records:
- name: iron01
ds_record: 1234 3 3 84763786e4213cca9a6938dba5dacd64f87ec222
register: result
failed_when: result.failed or result.changed
- name: Verify DS record was modified
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
records:
- name: iron01
ds_record: 5555 5 5 84763786e4213cca9a6938dba5dacd64f87ec222
register: result
failed_when: result.failed or result.changed
- name: Verify if modified DS record was not created.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
records:
- name: iron01
ds_record: 1234 3 3 84763786e4213cca9a6938dba5dacd64f87ec216
state: absent
register: result
failed_when: result.failed or result.changed
- name: Cleanup test records.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: safezone.test
records:
- name: iron01
ds_record:
- 1234 3 3 84763786e4213cca9a6938dba5dacd64f87ec216
- 1234 3 3 84763786e4213cca9a6938dba5dacd64f87ec222
- 5555 5 5 84763786e4213cca9a6938dba5dacd64f87ec222
- name: host01
cert_record:
- 1 1234 3 AwIBAgIUb14+Oug2nPMIIBdTCCAR+g
- 2 567 4 AwIBAgIUb14+Oug2nPMIIBdTCCAR+g
state: absent
# cleanup
- name: Cleanup test environment.
include_tasks: env_cleanup.yml