mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-05-06 13:23:14 +00:00
1fdf7a4359
Update group README file and add tests for executing plugin with
`ipaapi_context` set to `client`.
A new test playbook can be found at:
tests/group/test_group_client_context.yml
The new test file can be executed in a FreeIPA client host that is
not a server. In this case, it should be defined in the `ipaclients`
group, in the inventory file.
194 lines
5.4 KiB
YAML
194 lines
5.4 KiB
YAML
---
|
|
- name: Test group
|
|
hosts: "{{ ipa_test_host | default('ipaserver') }}"
|
|
become: true
|
|
gather_facts: false
|
|
|
|
tasks:
|
|
- name: Ensure users user1, user2 and user3 are absent
|
|
ipauser:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: user1,user2,user3
|
|
state: absent
|
|
|
|
- name: Ensure group group3, group2 and group1 are absent
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group3,group2,group1
|
|
state: absent
|
|
|
|
- name: Ensure users user1..user3 are present
|
|
ipauser:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
users:
|
|
- name: user1
|
|
first: user1
|
|
last: Last
|
|
- name: user2
|
|
first: user2
|
|
last: Last
|
|
- name: user3
|
|
first: user3
|
|
last: Last
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Ensure group1 is present
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group1
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Ensure group1 is present again
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group1
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Ensure group2 is present
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group2
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Ensure group2 is present again
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group2
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Ensure group3 is present
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group3
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Ensure group3 is present again
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group3
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Ensure groups group2 and group3 are present in group group1
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group1
|
|
group:
|
|
- group2
|
|
- group3
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Ensure groups group2 and group3 are present in group group1 again
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group1
|
|
group:
|
|
- group2
|
|
- group3
|
|
action: member
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Ensure group3 ia present in group group1
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group1
|
|
group:
|
|
- group3
|
|
action: member
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Ensure users user1, user2 and user3 are present in group group1
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group1
|
|
user:
|
|
- user1
|
|
- user2
|
|
- user3
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Ensure users user1, user2 and user3 are present in group group1 again
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group1
|
|
user:
|
|
- user1
|
|
- user2
|
|
- user3
|
|
action: member
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
#- ipagroup:
|
|
# ipaadmin_password: SomeADMINpassword
|
|
# ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
# name: group1
|
|
# user:
|
|
# - user7
|
|
# action: member
|
|
|
|
- name: Ensure user user7 is absent in group group1
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group1
|
|
user:
|
|
- user7
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Ensure group group4 is absent
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group4
|
|
state: absent
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Ensure group group3, group2 and group1 are absent
|
|
ipagroup:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: group3,group2,group1
|
|
state: absent
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Ensure users user1, user2 and user3 are absent
|
|
ipauser:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: user1,user2,user3
|
|
state: absent
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|