mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-06-09 18:25:53 +00:00

Files

Rafael Guterres Jeffman 0bcb4eaf0f Add state retrieved to ipavault to retrieve vault stored data.

This patch adds support for retrieving data stored in an IPA vault by
adding a new valid state for ipavault: `retrieved`.

To allow the retrieval of data from assymetric vaults, the attributes
`private_key`, `private_key_files` and `out` were also added to the
module.

The private key files, `private.pem`, should be paired with the already
existing `public.pem` public key files.

Tests were updated to reflect changes and two new playbooks were added:

    playbooks/vault/retrive-data-asymmetric-vault.yml
    playbooks/vault/retrive-data-symmetric-vault.yml

2020-06-11 09:10:08 -03:00

dnsconfig

Add admin password to the ipadnsconfig module tests.

2020-03-25 17:42:24 -03:00

dnsforwardzone

add a module to manage dns forwarder zones in ipa

2020-03-10 16:14:54 +00:00

dnszone

New IPADNSZone module

2020-03-24 10:52:53 -03:00

external-signed-ca-with-automatic-copy

tests/external-signed-ca tests: Fix external-ca.sh to use proper serials

2019-09-27 15:25:26 +02:00

external-signed-ca-with-manual-copy

tests/external-signed-ca tests: Fix external-ca.sh to use proper serials

2019-09-27 15:25:26 +02:00

group

ipagroup: Add support for group membership management

2020-06-09 11:03:47 +02:00

hbacrule

Fixes removal of all from HBAC rule categories.

2020-04-09 17:43:28 -03:00

hbacsvc

tests: Unite admin passwords

2020-02-26 12:42:31 +01:00

hbacsvcgroup

tests: Unite admin passwords

2020-02-26 12:42:31 +01:00

host

Fixes host absent when DNS zone is not found.

2020-06-01 12:26:43 -03:00

hostgroup

ipahostgroup: Add support for group membership management

2020-06-11 09:10:08 -03:00

pwpolicy

tests: Unite admin passwords

2020-02-26 12:42:31 +01:00

service

Add support for service-add-smb.

2020-06-05 19:33:38 -03:00

sudocmd

tests: Unite admin passwords

2020-02-26 12:42:31 +01:00

sudocmdgroup

tests: Unite admin passwords

2020-02-26 12:42:31 +01:00

sudorule

Merge pull request #245 from rjeffman/fix_sudorule_categories

2020-05-12 13:06:18 +02:00

user

ipauser: Fix certmapdata, add missing certmapdata data option

2020-05-12 13:31:52 +02:00

vault

Add state retrieved to ipavault to retrieve vault stored data.

2020-06-11 09:10:08 -03:00

ansible.cfg

Added pytests as test entrypoint

2020-05-19 19:21:53 -03:00

README.md

Added pytests as test entrypoint

2020-05-19 19:21:53 -03:00

test_playbook_runs.py

Added pytests as test entrypoint

2020-05-19 19:21:53 -03:00

README.md

Running the tests

Before starting

In order to run ansible-freeipa tests you will need to have ansible and pytest installed on your machine. We'll call this local machine controller.

You will also need to have a remote host with freeipa server installed and configured. We'll call this remote host ipaserver.

Some other requirements:

The controller must be able to connect to ipaserver through ssh using keys.
ipaserver must be configured with DNS support. See ipaserver role.
IPA admin password must be SomeADMINpassword.
Directory Server admin password must be SomeDMpassword.

Running the tests

To run the tests run:

IPA_SERVER_HOST=<ipaserver_host_or_ip> pytest

If you need to run using a different user you can use ANSIBLE_REMOTE_USER environment variable. For example:

ANSIBLE_REMOTE_USER=root IPA_SERVER_HOST=<ipaserver_host_or_ip> pytest

To select which tests to run use the option -k. For example:

IPA_SERVER_HOST=<ipaserver_host_or_ip> pytest -k dnszone

To see the ansible output use the option --capture=sys. For example:

IPA_SERVER_HOST=<ipaserver_host_or_ip> pytest --capture=sys

To see why tests were skipped use -rs. For example:

IPA_SERVER_HOST=<ipaserver_host_or_ip> pytest -rs

For a complete list of options check pytest --help.

Upcoming/desired improvements:

A script to pre-config the complete test environment using virsh.
A test matrix to run tests against different distros in parallel (probably using tox).
Allow to connect to ipaserver using ssh and password.