ansible-freeipa/tests/dnsrecord/test_dnsrecord.yml
Rafael Guterres Jeffman 962148b109 ipadnsrecord: fix record update when multiple records exist.
There was a failure when NAPTR or DLV records were updated,
if the record name had multiple entries. This patch fixes this
behavior, by using the requested record, not the retrieved one.

Tests have been updated to test for this issue on

    tests/dnsrecord/test_dnsrecord.yml
2020-11-20 18:13:01 -03:00


---
# Play that exercises the ipadnsrecord module on the IPA server.
# Facts are gathered because later tasks read ansible_default_ipv4.
- name: Test dnsrecord
  hosts: ipaserver
  become: true
  gather_facts: true

  tasks:
    - name: Setup testing environment.
      include_tasks: env_setup.yml

    # Runs unprivileged on the controller and writes private1.key, cert1.pem,
    # cert1.der and cert1.b64 into the current working directory.
    # `-nodes` leaves the RSA key unencrypted on disk; that is tolerable only
    # because it is a self-signed CN=test fixture. Removal of these files is
    # not visible in this part of the playbook -- confirm they are cleaned up.
    - name: Generate self-signed certificates.
      shell:
        cmd: |
          openssl req -x509 -newkey rsa:2048 -days 365 -nodes -keyout "private{{ item }}.key" -out "cert{{ item }}.pem" -subj '/CN=test'
          openssl x509 -outform der -in "cert{{ item }}.pem" -out "cert{{ item }}.der"
          base64 "cert{{ item }}.der" -w5000 > "cert{{ item }}.b64"
      with_items:
        - 1
      become: false
      delegate_to: localhost
# tests
# A / AAAA records for host01 and host02.
# Pattern used throughout: the first application must report a change, the
# repeat ("again") must not, which checks that the module is idempotent.
# NOTE(review): ipaadmin_password is a plain-text fixture value; outside a
# disposable test realm it belongs in Ansible Vault or a secret store.
- name: Ensure that dns record 'host01' is present
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    name: host01
    zone_name: "{{ testzone }}"
    record_type: AAAA
    # Quoted so the leading colons can never be read as YAML syntax.
    record_value: '::1'
  register: result
  failed_when: not result.changed

- name: Ensure that dns record 'host01' is present, again
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    name: host01
    zone_name: "{{ testzone }}"
    record_type: AAAA
    record_value: '::1'
  register: result
  failed_when: result.changed

- name: Ensure that dns record 'host02' is present
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    name: host02
    zone_name: "{{ testzone }}"
    record_type: A
    record_value: "{{ ipv4_prefix }}.102"
  register: result
  failed_when: not result.changed

- name: Ensure that dns record 'host02' is present, again
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    name: host02
    zone_name: "{{ testzone }}"
    record_type: A
    record_value: "{{ ipv4_prefix }}.102"
  register: result
  failed_when: result.changed

# Several records in one module call: two A values plus one AAAA for host02.
- name: Modify record 'host02' with multiple A and AAAA record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    records:
      - name: host02
        zone_name: "{{ testzone }}"
        record_type: A
        record_value:
          - "{{ ipv4_prefix }}.112"
          - "{{ ipv4_prefix }}.122"
      - name: host02
        zone_name: "{{ testzone }}"
        record_type: AAAA
        record_value: '::1'
  register: result
  failed_when: not result.changed

- name: Modify record 'host02' with multiple A and AAAA record, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    records:
      - name: host02
        zone_name: "{{ testzone }}"
        record_type: A
        record_value:
          - "{{ ipv4_prefix }}.112"
          - "{{ ipv4_prefix }}.122"
      - name: host02
        zone_name: "{{ testzone }}"
        record_type: AAAA
        record_value: '::1'
  register: result
  failed_when: result.changed
# A6 record on host02: create, repeat, remove, repeat.
# The first task passes a6_data and the others a6_rec; the repeat expecting
# no change suggests both spell the same record -- presumably aliases,
# confirm against the module documentation.
- name: Ensure 'host02' A6 record is present.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host02
    a6_data: '::1'
  register: result
  failed_when: not result.changed

- name: Ensure 'host02' A6 record is present, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host02
    a6_rec: '::1'
  register: result
  failed_when: result.changed

- name: Ensure 'host02' A6 record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host02
    a6_rec: '::1'
    state: absent
  register: result
  failed_when: not result.changed

- name: Ensure 'host02' A6 record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host02
    a6_rec: '::1'
    state: absent
  register: result
  failed_when: result.changed
# host03: A record created together with its reverse entry, then everything
# under the name is removed with del_all.
# The create step uses the a_ip_address / a_create_reverse spelling and the
# repeat uses record_type / record_value / create_reverse for the same data.
- name: Ensure that dns record 'host03' is present, with reverse record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    name: host03
    zone_name: "{{ testzone }}"
    a_ip_address: "{{ ipv4_prefix }}.103"
    a_create_reverse: true
  register: result
  failed_when: not result.changed

- name: Ensure that dns record 'host03' is present, with reverse record, again
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    name: host03
    zone_name: "{{ testzone }}"
    record_type: A
    record_value: "{{ ipv4_prefix }}.103"
    create_reverse: true
  register: result
  failed_when: result.changed

- name: Delete all entries associated with host03
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host03
    del_all: true
    state: absent
  register: result
  failed_when: not result.changed

- name: Delete all entries associated with host03, again
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host03
    del_all: true
    state: absent
  register: result
  failed_when: result.changed
# CNAME records, written through three spellings seen below:
# record_type/record_value, cname_hostname and cname_rec.
- name: Ensure that 'host04' has CNAME
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    record_type: CNAME
    record_value: "host04.{{ testzone }}"
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' has CNAME, again
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    cname_hostname: "host04.{{ testzone }}"
  register: result
  failed_when: result.changed

- name: Ensure that 'host04' CNAME is absent
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    cname_rec: "host04.{{ testzone }}"
    state: absent
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' CNAME is absent, again
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    record_type: CNAME
    record_value: "host04.{{ testzone }}"
    state: absent
  register: result
  failed_when: result.changed

# zone_name is given once at module level and applies to both list entries.
- name: Ensure that 'host04' and 'host03' have CNAME, with cname_hostname
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    records:
      - name: host04
        cname_hostname: "host04.{{ testzone }}"
      - name: host03
        cname_hostname: "host03.{{ testzone }}"
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' has CNAME, with cname_hostname, again
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    cname_hostname: "host04.{{ testzone }}"
  register: result
  failed_when: result.changed

# Only host04's CNAME is removed here; host03's stays in place.
- name: Ensure that 'host04' CNAME is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    cname_rec: "host04.{{ testzone }}"
    state: absent
  register: result
  failed_when: not result.changed
# host04 A and AAAA records, with and without reverse entries.
# Re-applying an existing address with `reverse` set is expected to report a
# change (the reverse entry is new); the repeat must not.
- name: Ensure that 'host04' has A record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    ip_address: "{{ ipv4_prefix }}.104"
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' has A record, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    ip_address: "{{ ipv4_prefix }}.104"
  register: result
  failed_when: result.changed

- name: Ensure that 'host04' has the same A record with reverse.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    a_rec: "{{ ipv4_prefix }}.104"
    reverse: true
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' has the same A record with reverse, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    a_rec: "{{ ipv4_prefix }}.104"
    reverse: true
  register: result
  failed_when: result.changed

# Preparation step: the result is not registered, so only a module failure
# can fail this task.
- name: Ensure that 'host04' has an A record with reverse, for NS record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    ip_address: "{{ ipv4_prefix }}.114"
    reverse: true

- name: Ensure that 'host04' has an A record with reverse, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    ip_address: "{{ ipv4_prefix }}.114"
    reverse: true
  register: result
  failed_when: result.changed

# IPv6 literals are quoted so they are always read as plain strings.
- name: Ensure that 'host04' has AAAA record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    aaaa_ip_address: 'fd00::0004'
    aaaa_create_reverse: true
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' has AAAA record, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    ip_address: 'fd00::0004'
    reverse: true
  register: result
  failed_when: result.changed

- name: Ensure that 'host04' has AAAA record, without reverse.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    ip_address: 'fd00::0014'
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' previous AAAA record, now has a reverse record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    aaaa_rec: 'fd00::0014'
    reverse: true
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' previous AAAA record, now has a reverse record, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    aaaa_rec: 'fd00::0014'
    reverse: true
  register: result
  failed_when: result.changed
# PTR record in the reverse zone: created with ptr_hostname, removed with
# ptr_rec. The record name "124" stays quoted so it remains a string rather
# than an integer.
- name: Ensure that 'host04' has PTR record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ zone_prefix_reverse_24 }}"
    name: "124"
    ptr_hostname: "host04.{{ testzone }}"
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' has PTR record, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ zone_prefix_reverse_24 }}"
    name: "124"
    ptr_hostname: "host04.{{ testzone }}"
  register: result
  failed_when: result.changed

- name: Ensure that 'host04' has PTR record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ zone_prefix_reverse_24 }}"
    name: "124"
    ptr_rec: "host04.{{ testzone }}"
    state: absent
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' has PTR record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ zone_prefix_reverse_24 }}"
    name: "124"
    ptr_rec: "host04.{{ testzone }}"
    state: absent
  register: result
  failed_when: result.changed
# DNAME record on host04: created with dname_target, removed with dname_rec,
# each step followed by an idempotence check.
- name: Ensure that 'host04' has DNAME record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    dname_target: "ipa.{{ testzone }}"
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' has DNAME record, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    dname_target: "ipa.{{ testzone }}"
  register: result
  failed_when: result.changed

- name: Ensure that 'host04' DNAME record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    dname_rec: "ipa.{{ testzone }}"
    state: absent
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' DNAME record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    dname_rec: "ipa.{{ testzone }}"
    state: absent
  register: result
  failed_when: result.changed
# NS record for host04. The first task only makes sure the A record (with
# reverse) that the NS target points at is there; its result is not checked
# for `changed`.
- name: Ensure that 'host04' has a A record with reverse, for NS record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    ip_address: "{{ ipv4_prefix }}.114"
    reverse: true

- name: Ensure that 'host04' has NS record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    ns_hostname: host04
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' has NS record, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    ns_hostname: host04
  register: result
  failed_when: result.changed

- name: Ensure that 'host04' NS record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    ns_rec: host04
    state: absent
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' NS record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    ns_rec: host04
    state: absent
  register: result
  failed_when: result.changed
# DLV records on host04, including the update of one record while a second
# one exists under the same name (the case this commit fixes).
# failed_when also tests result.failed so that overriding the failure
# condition does not hide a genuine module error.
- name: Ensure that 'host04' DLV record is present.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    dlv_key_tag: 12345
    dlv_algorithm: 3
    dlv_digest_type: 1
    # digest is sha1sum of 'host04."{{ testzone }}"' (per the original author)
    dlv_digest: '08ff468cb25ccd21642989294cc33570da5eb2ba'
  register: result
  failed_when: result.failed or not result.changed

- name: Ensure that 'host04' DLV record is present, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    dlv_key_tag: 12345
    dlv_algorithm: 3
    dlv_digest_type: 1
    dlv_digest: '08ff468cb25ccd21642989294cc33570da5eb2ba'
  register: result
  failed_when: result.failed or result.changed

# dlv_record names the existing entry; dlv_key_tag carries the new key tag.
- name: Ensure that 'host04' DLV record is present, with a different key tag.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    dlv_key_tag: 4321
    dlv_record: '12345 3 1 08ff468cb25ccd21642989294cc33570da5eb2ba'
  register: result
  failed_when: result.failed or not result.changed

- name: Ensure that 'host04' DLV second record is present.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    dlv_key_tag: 4321
    dlv_algorithm: 2
    dlv_digest_type: 2
    # The original comment calls this the sha1sum of 'second record'.
    # NOTE(review): this value is the well-known SHA-1 of empty input, and it
    # is 40 hex characters although digest type 2 is SHA-256 in the DS digest
    # registry. It works as an opaque fixture; do not reuse it as a real
    # digest.
    dlv_digest: 'da39a3ee5e6b4b0d3255bfef95601890afd80709'
  register: result
  failed_when: result.failed or not result.changed

# Two DLV records now exist; only the '4321 3 1 ...' one gets a new key tag.
- name: Ensure that 'host04' DLV record is changed, in presence of multiple records.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    dlv_key_tag: 54321
    dlv_record: '4321 3 1 08ff468cb25ccd21642989294cc33570da5eb2ba'
  register: result
  failed_when: result.failed or not result.changed

- name: Ensure that 'host04' DLV record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    dlv_record: '54321 3 1 08ff468cb25ccd21642989294cc33570da5eb2ba'
    state: absent
  register: result
  failed_when: result.failed or not result.changed

- name: Ensure that 'host04' DLV record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    dlv_record: '54321 3 1 08ff468cb25ccd21642989294cc33570da5eb2ba'
    state: absent
  register: result
  failed_when: result.failed or result.changed

# Removes the second record, which the key-tag change must have left intact.
- name: Ensure that 'host04' DLV record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    dlv_record: '4321 2 2 da39a3ee5e6b4b0d3255bfef95601890afd80709'
    state: absent
  register: result
  failed_when: result.failed or not result.changed
# DS records live in a separate zone ({{ safezone }}). iron01 first gets an
# address record and an NS record, then the DS record is created, has its
# key tag changed, and is removed.
- name: Ensure that dns record 'iron01' is present
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    name: iron01
    zone_name: "{{ safezone }}"
    # Address comes from gathered facts of the target host.
    ip_address: "{{ ansible_default_ipv4.address }}"
  register: result
  failed_when: not result.changed

- name: Ensure that NS record for "{{ safezone }}" is present
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    name: iron01
    zone_name: "{{ safezone }}"
    ns_hostname: iron01
  register: result
  failed_when: not result.changed

- name: Ensure that 'iron01' DS record is present.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ safezone }}"
    name: iron01
    ds_key_tag: 12345
    ds_algorithm: 3
    ds_digest_type: 1
    # digest is sha1sum of 'iron01."{{ safezone }}"' (per the original author)
    ds_digest: '84763786e4213cca9a6938dba5dacd64f87ec216'
  register: result
  failed_when: not result.changed

- name: Ensure that 'iron01' DS record is present, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ safezone }}"
    name: iron01
    ds_key_tag: 12345
    ds_algorithm: 3
    ds_digest_type: 1
    ds_digest: '84763786e4213cca9a6938dba5dacd64f87ec216'
  register: result
  failed_when: result.changed

# ds_rec names the existing entry; ds_key_tag carries the new key tag.
- name: Ensure that 'iron01' DS record is present, with a different key tag.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ safezone }}"
    name: iron01
    ds_key_tag: 54321
    ds_rec: '12345 3 1 84763786e4213cca9a6938dba5dacd64f87ec216'
  register: result
  failed_when: not result.changed

- name: Ensure that 'iron01' DS record is present, with a different key tag, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ safezone }}"
    name: iron01
    ds_key_tag: 54321
    ds_rec: '12345 3 1 84763786e4213cca9a6938dba5dacd64f87ec216'
  register: result
  failed_when: result.changed

- name: Ensure that 'iron01' DS record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ safezone }}"
    name: iron01
    ds_rec: '54321 3 1 84763786e4213cca9a6938dba5dacd64f87ec216'
    state: absent
  register: result
  failed_when: not result.changed

- name: Ensure that 'iron01' DS record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ safezone }}"
    name: iron01
    ds_rec: '54321 3 1 84763786e4213cca9a6938dba5dacd64f87ec216'
    state: absent
  register: result
  failed_when: result.changed
# AFSDB record on host04: create with subtype 1, change it to subtype 2 by
# naming the existing record in afsdb_rec, then remove the subtype 2 record.
- name: Ensure that 'host04' AFSDB record is present.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    afsdb_subtype: 1
    afsdb_hostname: "host04.{{ testzone }}"
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' AFSDB record is present, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    afsdb_subtype: 1
    afsdb_hostname: "host04.{{ testzone }}"
  register: result
  failed_when: result.changed

- name: Ensure that 'host04' AFSDB record subtype is 2.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    afsdb_subtype: 2
    afsdb_rec: "1 host04.{{ testzone }}"
  register: result
  failed_when: not result.changed

# The repeat still names the old '1 ...' record and must report no change.
- name: Ensure that 'host04' AFSDB record subtype is 2, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    afsdb_subtype: 2
    afsdb_rec: "1 host04.{{ testzone }}"
  register: result
  failed_when: result.changed

- name: Ensure that 'host04' AFSDB record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    afsdb_rec: "2 host04.{{ testzone }}"
    state: absent
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' AFSDB record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    afsdb_rec: "2 host04.{{ testzone }}"
    state: absent
  register: result
  failed_when: result.changed
# CERT record on host04. The certificate payload is read on the controller
# with the file lookup from cert1.b64, so that file has to exist before
# these tasks run.
- name: Ensure that 'host04' CERT record is present.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    cert_type: 1
    cert_key_tag: 1234
    cert_algorithm: 3
    cert_certificate_or_crl: "{{ lookup('file', 'cert1.b64') }}"
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' CERT record is present, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    cert_type: 1
    cert_key_tag: 1234
    cert_algorithm: 3
    cert_certificate_or_crl: "{{ lookup('file', 'cert1.b64') }}"
  register: result
  failed_when: result.changed

# Removal spells the whole record as one string: type, key tag, algorithm
# and the base64 payload.
- name: Ensure that 'host04' CERT record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    cert_rec: "1 1234 3 {{ lookup('file', 'cert1.b64') }}"
    state: absent
  register: result
  failed_when: not result.changed
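# Repeated removal of the CERT record; it must report no change.
# The whole record is a single double-quoted scalar. With quotes around only
# the Jinja expression the value is a plain scalar, the quote characters
# reach the module as literal text, and the task would check the absence of
# a record that never existed instead of the one that was removed.
- name: Ensure that 'host04' CERT record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    cert_rec: "1 1234 3 {{ lookup('file', 'cert1.b64') }}"
    state: absent
  register: result
  failed_when: result.changed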
# KX record on host04: create with preference 10, raise it to 20 by naming
# the existing record in kx_rec, then remove the preference 20 record.
- name: Ensure that 'host04' KX record is present.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    kx_preference: 10
    kx_exchanger: "keyex.{{ testzone }}"
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' KX record is present, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    kx_preference: 10
    kx_exchanger: "keyex.{{ testzone }}"
  register: result
  failed_when: result.changed

- name: Ensure that 'host04' KX record is present with preference set to 20.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    kx_preference: 20
    kx_rec: "10 keyex.{{ testzone }}"
  register: result
  failed_when: not result.changed

# Same request again, still naming the old '10 ...' record: no change.
- name: Ensure that 'host04' KX record is present with preference set to 20, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    kx_preference: 20
    kx_rec: "10 keyex.{{ testzone }}"
  register: result
  failed_when: result.changed

# Same request naming the current '20 ...' record: also no change.
- name: Ensure that 'host04' KX record is present with preference set to 20, one more time.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    kx_preference: 20
    kx_rec: "20 keyex.{{ testzone }}"
  register: result
  failed_when: result.changed

- name: Ensure that 'host04' KX record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    kx_rec: "20 keyex.{{ testzone }}"
    state: absent
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' KX record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    kx_rec: "20 keyex.{{ testzone }}"
    state: absent
  register: result
  failed_when: result.changed
# MX record on host04: create with preference 10, change it to 20 by naming
# the existing record in mx_rec, then remove the preference 20 record.
- name: Ensure that 'host04' MX record is present.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    mx_preference: 10
    mx_exchanger: "mail.{{ testzone }}"
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' MX record is present, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    mx_preference: 10
    mx_exchanger: "mail.{{ testzone }}"
  register: result
  failed_when: result.changed

- name: Ensure that 'host04' MX record is present with preference set to 20.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    mx_preference: 20
    mx_rec: "10 mail.{{ testzone }}"
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' MX record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    mx_rec: "20 mail.{{ testzone }}"
    state: absent
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' MX record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    mx_rec: "20 mail.{{ testzone }}"
    state: absent
  register: result
  failed_when: result.changed
# LOC record on host04, built from individual loc_* fields and then updated
# and removed through the single-string loc_rec form.
# Numeric fields stay unquoted so their YAML type is unchanged; the
# direction letters are quoted because a bare N can be read as a boolean by
# strict YAML 1.1 loaders.
- name: Ensure that 'host04' LOC record is present.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    loc_lat_deg: 52
    loc_lat_min: 22
    loc_lat_sec: 23.000
    loc_lat_dir: 'N'
    loc_lon_deg: 4
    loc_lon_min: 53
    loc_lon_sec: 32.00
    loc_lon_dir: 'E'
    loc_altitude: -2.00
    loc_size: 0.00
    loc_h_precision: 10000
    loc_v_precision: 10
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' LOC record is present, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    loc_lat_deg: 52
    loc_lat_min: 22
    loc_lat_sec: 23.000
    loc_lat_dir: 'N'
    loc_lon_deg: 4
    loc_lon_min: 53
    loc_lon_sec: 32.000
    loc_lon_dir: 'E'
    loc_altitude: -2.00
    loc_size: 0.00
    loc_h_precision: 10000
    loc_v_precision: 10
  register: result
  failed_when: result.changed

# loc_rec names the existing record; loc_size carries the new size.
- name: Ensure that 'host04' LOC record is present, with loc_size 1.00.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    loc_size: 1.00
    loc_rec: '52 22 23.000 N 4 53 32.000 E -2.00 0.00 10000.00 10.00'
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' LOC record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    loc_rec: '52 22 23.000 N 4 53 32.000 E -2.00 1.00 10000.00 10.00'
    state: absent
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' LOC record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    loc_rec: '52 22 23.000 N 4 53 32.000 E -2.00 1.00 10000.00 10.00'
    state: absent
  register: result
  failed_when: result.changed
# NAPTR records on _sip._udp, including the update of one record while two
# others exist under the same name (the case this commit fixes, BZ 1881436).
# failed_when also tests result.failed so that overriding the failure
# condition does not hide a genuine module error.
- name: Ensure that '_sip._udp' service has NAPTR record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    naptr_order: 100
    naptr_preference: 10
    naptr_flags: "U"
    naptr_service: "SIP+D2U"
    naptr_regexp: "!^.*$!sip:info@example.com!"
    naptr_replacement: "."
  register: result
  failed_when: result.failed or not result.changed

- name: Ensure that '_sip._udp' service has NAPTR record, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    naptr_order: 100
    naptr_preference: 10
    naptr_flags: "U"
    naptr_service: "SIP+D2U"
    naptr_regexp: "!^.*$!sip:info@example.com!"
    naptr_replacement: "."
  register: result
  failed_when: result.failed or result.changed

# naptr_rec names the existing record; naptr_preference carries the new value.
- name: Change '_sip._udp' service NAPTR record `preference` to 20.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    naptr_preference: 20
    naptr_rec: '100 10 U SIP+D2U !^.*$!sip:info@example.com! .'
  register: result
  failed_when: result.failed or not result.changed

# The next two tasks add further records under the same name; their results
# are not registered, so only a module failure can fail them.
- name: Ensure that '_sip._udp' service has NAPTR record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    naptr_order: 101
    naptr_preference: 11
    naptr_flags: "U"
    naptr_service: "SIP+D2U"
    naptr_regexp: "!^.*$!sip:debug@example.com!"
    naptr_replacement: "."

- name: Ensure that '_sip._udp' service has NAPTR record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    naptr_order: 102
    naptr_preference: 12
    naptr_flags: "U"
    naptr_service: "SIP+D2U"
    naptr_regexp: "!^.*$!sip:prio@example.com!"
    naptr_replacement: "."

- name: Change '_sip._udp' service NAPTR record `preference` to 50, when multiple records are present. (BZ 1881436)
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    naptr_preference: 50
    naptr_rec: '100 20 U SIP+D2U !^.*$!sip:info@example.com! .'
  register: result
  failed_when: result.failed or not result.changed

# Removing the '100 50 ...' record only succeeds with a change if the update
# above modified the requested record and not one of the other two.
- name: Ensure that '_sip._udp' service has NAPTR record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    record_type: NAPTR
    record_value: '100 50 U SIP+D2U !^.*$!sip:info@example.com! .'
    state: absent
  register: result
  failed_when: result.failed or not result.changed

- name: Ensure that '_sip._udp' service has NAPTR record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    record_type: NAPTR
    record_value: '100 50 U SIP+D2U !^.*$!sip:info@example.com! .'
    state: absent
  register: result
  failed_when: result.failed or result.changed

# Clean-up of whatever is left under the name before the SRV tests.
- name: Clear NAPTR records.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    del_all: true
    state: absent
# SRV record on _sip._udp: create it, check idempotence, then lower the
# priority from 10 to 4 by naming the existing record in srv_rec.
- name: Ensure that '_sip._udp' service has SRV record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    srv_priority: 10
    srv_weight: 10
    srv_port: 5060
    srv_target: "sip-server.{{ testzone }}"
  register: result
  failed_when: not result.changed

- name: Ensure that '_sip._udp' service has SRV record, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    srv_priority: 10
    srv_weight: 10
    srv_port: 5060
    srv_target: "sip-server.{{ testzone }}"
  register: result
  failed_when: result.changed

- name: Ensure '_sip._udp' SRV record has priority equals to 4.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    srv_priority: 4
    srv_weight: 10
    srv_port: 5060
    srv_target: "sip-server.{{ testzone }}"
    srv_rec: "10 10 5060 sip-server.{{ testzone }}"
  register: result
  failed_when: not result.changed
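# Repeat of the priority change to 4; it must report no change.
# srv_target is one double-quoted scalar. With the quotes around only the
# Jinja expression the value is a plain scalar and the quote characters
# become part of the target name, so the task would compare against a
# different target than the one the record was created with.
# NOTE(review): re-run the suite after this quoting fix to confirm the
# idempotence check still passes.
- name: Ensure '_sip._udp' SRV record has priority equals to 4, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    srv_priority: 4
    srv_weight: 10
    srv_port: 5060
    srv_target: "sip-server.{{ testzone }}"
    srv_rec: "10 10 5060 sip-server.{{ testzone }}"
  register: result
  failed_when: result.changed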
# A second SRV record (priority 2, weight 20) is requested without srv_rec,
# then removed again through srv_record.
- name: Ensurer '_sip._udp' SRV record has priority 2, weight 20
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    srv_priority: 2
    srv_weight: 20
    srv_port: 5060
    srv_target: "sip-server.{{ testzone }}"
  register: result
  failed_when: not result.changed

- name: Ensurer '_sip._udp' SRV record has priority 2, weight 20, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    srv_priority: 2
    srv_weight: 20
    srv_port: 5060
    srv_target: "sip-server.{{ testzone }}"
  register: result
  failed_when: result.changed

- name: Ensure that '_sip._udp' SRV record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    srv_record: "2 20 5060 sip-server.{{ testzone }}"
    state: absent
  register: result
  failed_when: not result.changed

- name: Ensure that '_sip._udp' SRV record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _sip._udp
    srv_record: "2 20 5060 sip-server.{{ testzone }}"
    state: absent
  register: result
  failed_when: result.changed
# SSHFP record on host04.
# The fingerprint was generated with `ssh-keygen -r host04."{{ testzone }}"`.
# NOTE(review): the 40-hex value with sshfp_fp_type 1 looks like a SHA-1
# fingerprint; fine as a fixture, but a record meant for real host-key
# verification would normally carry the SHA-256 type -- confirm.
- name: Ensure that 'host04' has SSHFP record.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    sshfp_algorithm: 1
    sshfp_fp_type: 1
    sshfp_fingerprint: 'd21802c61733e055b8d16296cbce300efb8a167a'
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' has SSHFP record, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    sshfp_algorithm: 1
    sshfp_fp_type: 1
    sshfp_fingerprint: 'd21802c61733e055b8d16296cbce300efb8a167a'
  register: result
  failed_when: result.changed

- name: Ensure that 'host04' SSHFP record is absent.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    sshfp_rec: '1 1 d21802c61733e055b8d16296cbce300efb8a167a'
    state: absent
  register: result
  failed_when: not result.changed

- name: Ensure that 'host04' SSHFP record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    sshfp_rec: '1 1 d21802c61733e055b8d16296cbce300efb8a167a'
    state: absent
  register: result
  failed_when: result.changed
# Data is sha356sum of 'Some Text to Test', it should be created from
# a real certificate.
- name: Ensure that 'host04' has TLSA record present.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: host04
tlsa_cert_usage: 3
tlsa_selector: 1
tlsa_matching_type: 1
tlsa_cert_association_data: 9c0ad776dbeae8d9d55b0ad42899d30235c114d5f918fd69746e4279e47bdaa2
register: result
failed_when: not result.changed
- name: Ensure that 'host04' has TLSA record present, again.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: host04
tlsa_cert_usage: 3
tlsa_selector: 1
tlsa_matching_type: 1
tlsa_cert_association_data: 9c0ad776dbeae8d9d55b0ad42899d30235c114d5f918fd69746e4279e47bdaa2
register: result
failed_when: result.changed
- name: Modify 'host04' has TLSA record.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: host04
tlsa_matching_type: 0
tlsa_rec: 3 1 1 9c0ad776dbeae8d9d55b0ad42899d30235c114d5f918fd69746e4279e47bdaa2
register: result
failed_when: not result.changed
- name: Modify 'host04' has TLSA record, again.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
zone_name: "{{ testzone }}"
name: host04
tlsa_matching_type: 0
tlsa_rec: 3 1 1 9c0ad776dbeae8d9d55b0ad42899d30235c114d5f918fd69746e4279e47bdaa2
register: result
failed_when: result.changed
- name: Ensure that 'host04' TLSA record is absent.
  # Removes the record in its modified form (matching type 0).
  ipadnsrecord:
    name: 'host04'
    zone_name: "{{ testzone }}"
    tlsa_rec: '3 1 0 9c0ad776dbeae8d9d55b0ad42899d30235c114d5f918fd69746e4279e47bdaa2'
    state: absent
    ipaadmin_password: 'SomeADMINpassword'
  # The record exists at this point, so removal must register as a change.
  register: result
  failed_when: not result.changed
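# Idempotency check: the TLSA record was removed by the preceding task.
- name: Ensure that 'host04' TLSA record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    tlsa_rec: 3 1 0 9c0ad776dbeae8d9d55b0ad42899d30235c114d5f918fd69746e4279e47bdaa2
    state: absent
  register: result
  # failed_when overrides the module's failure status, so check
  # result.failed explicitly alongside the "no change" expectation.
  failed_when: result.failed or result.changed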
- name: Ensure that 'host04' has TXT record present.
  # Creates the first TXT record via the txt_data part parameter.
  ipadnsrecord:
    name: 'host04'
    zone_name: "{{ testzone }}"
    txt_data: 'Some Text'
    ipaadmin_password: 'SomeADMINpassword'
  # Creation must be reported as a change.
  register: result
  failed_when: not result.changed
# - name: Ensure that 'host04' has TXT record present, again.
# ipadnsrecord:
# ipaadmin_password: SomeADMINpassword
# zone_name: "{{ testzone }}"
# name: host04
# txt_data: Some Text
# register: result
# failed_when: result.changed
- name: Change value of 'host04' TXT record.
  # txt_rec gives the current value and txt_data the replacement.
  # Later tasks in this file remove 'Some new Text'.
  ipadnsrecord:
    name: 'host04'
    zone_name: "{{ testzone }}"
    txt_rec: 'Some Text'
    txt_data: 'Some new Text'
    ipaadmin_password: 'SomeADMINpassword'
  # The value replacement has to show up as a change.
  register: result
  failed_when: not result.changed
- name: Add a second TXT record to 'host04'.
  # Adds another TXT value next to the one already on 'host04'.
  ipadnsrecord:
    name: 'host04'
    zone_name: "{{ testzone }}"
    txt_rec: 'Some Other Text'
    ipaadmin_password: 'SomeADMINpassword'
  # A new value is added, so the task must report a change.
  register: result
  failed_when: not result.changed
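# Idempotency check: 'Some Other Text' was added by the preceding task.
- name: Add a second TXT record to 'host04', again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    txt_rec: Some Other Text
  register: result
  # Check result.failed too; with failed_when set, a module error
  # (changed=false) would otherwise count as a pass.
  failed_when: result.failed or result.changed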
- name: Ensure that one of 'host04' TXT record is absent.
  # Removes only 'Some new Text' and leaves the other TXT value in place.
  ipadnsrecord:
    name: 'host04'
    zone_name: "{{ testzone }}"
    txt_rec: 'Some new Text'
    state: absent
    ipaadmin_password: 'SomeADMINpassword'
  # The value exists, so its removal must be reported as a change.
  register: result
  failed_when: not result.changed
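# Idempotency check: 'Some new Text' was removed by the preceding task.
- name: Ensure that one of 'host04' TXT record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    txt_rec: Some new Text
    state: absent
  register: result
  # failed_when overrides the module's own failure status; test
  # result.failed so an error is not read as "already absent".
  failed_when: result.failed or result.changed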
- name: Ensure that 'host04' TXT record are all absent.
  # Both values are listed. 'Some new Text' was already removed above, so
  # the expected change comes from removing 'Some Other Text'.
  ipadnsrecord:
    name: 'host04'
    zone_name: "{{ testzone }}"
    txt_rec: ['Some new Text', 'Some Other Text']
    state: absent
    ipaadmin_password: 'SomeADMINpassword'
  # At least one listed value still exists, so a change is required.
  register: result
  failed_when: not result.changed
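# Idempotency check: both TXT values were removed by earlier tasks.
- name: Ensure that 'host04' TXT record are all absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: host04
    txt_rec:
      - Some new Text
      - Some Other Text
    state: absent
  register: result
  # A module error reports changed=false as well; result.failed keeps
  # that case from passing silently.
  failed_when: result.failed or result.changed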
- name: Ensure that '_ftp._tcp' has URI record.
  # URI record built from parts: priority 10, weight 1, and a target that
  # is templated from the test zone.
  ipadnsrecord:
    name: '_ftp._tcp'
    zone_name: "{{ testzone }}"
    uri_priority: 10
    uri_weight: 1
    uri_target: 'ftp://ftp.host04.{{ testzone }}/public'
    ipaadmin_password: 'SomeADMINpassword'
  # Creation must be reported as a change.
  register: result
  failed_when: not result.changed
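# Idempotency check for the URI record created by the preceding task.
- name: Ensure that '_ftp._tcp' has URI record, again
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _ftp._tcp
    uri_priority: 10
    uri_weight: 1
    uri_target: ftp://ftp.host04.{{ testzone }}/public
  register: result
  # Include result.failed: failed_when replaces the default failure
  # detection, and a failed module call reports changed=false.
  failed_when: result.failed or result.changed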
- name: Change '_ftp._tcp' URI record weight to 3 and priority to 5.
  # uri_rec names the record as created above (10 1 "<target>"), and
  # uri_priority / uri_weight carry the new field values.
  ipadnsrecord:
    name: '_ftp._tcp'
    zone_name: "{{ testzone }}"
    uri_rec: '10 1 "ftp://ftp.host04.{{ testzone }}/public"'
    uri_priority: 5
    uri_weight: 3
    ipaadmin_password: 'SomeADMINpassword'
  # The modification has to be reported as a change.
  register: result
  failed_when: not result.changed
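- name: Verify if modification worked.
  # After the change in the preceding task, the old record (priority 10,
  # weight 1) must be gone, so asking for its absence has to be a no-op.
  ipadnsrecord:
    # The credential, zone and record name were missing from this task.
    # They are taken from the sibling '_ftp._tcp' tasks so the module
    # actually looks the record up.
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _ftp._tcp
    uri_rec: 10 1 ftp://ftp.host04.{{ testzone }}/public
    state: absent
  register: result
  # failed_when overrides the module's own failure status. With only
  # `result.changed`, a call rejected for missing arguments (changed=false)
  # would pass and the verification would never run.
  failed_when: result.failed or result.changed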
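# Idempotency check: the record already has priority 5 and weight 3, which
# are the values requested here.
- name: Change '_ftp._tcp' URI record weight to 3 and priority to 5, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _ftp._tcp
    uri_priority: 5
    uri_weight: 3
    uri_rec: 5 3 "ftp://ftp.host04.{{ testzone }}/public"
  register: result
  # Check result.failed as well, so a failed update (changed=false) is not
  # mistaken for "nothing to do".
  failed_when: result.failed or result.changed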
- name: Ensure that '_ftp._tcp' URI record is absent.
  # Removes the record in its modified form (priority 5, weight 3).
  ipadnsrecord:
    name: '_ftp._tcp'
    zone_name: "{{ testzone }}"
    uri_rec: '5 3 "ftp://ftp.host04.{{ testzone }}/public"'
    state: absent
    ipaadmin_password: 'SomeADMINpassword'
  # The record exists, so its removal must be reported as a change.
  register: result
  failed_when: not result.changed
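# Idempotency check: the URI record was removed by the preceding task.
- name: Ensure that '_ftp._tcp' URI record is absent, again.
  ipadnsrecord:
    ipaadmin_password: SomeADMINpassword
    zone_name: "{{ testzone }}"
    name: _ftp._tcp
    uri_rec: 5 3 "ftp://ftp.host04.{{ testzone }}/public"
    state: absent
  register: result
  # failed_when overrides the module's failure status; result.failed keeps
  # a module error from passing as "already absent".
  failed_when: result.failed or result.changed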
# cleanup
# Runs the tasks from env_cleanup.yml (its contents are not shown here).
- name: Cleanup test environment.
  include_tasks: 'env_cleanup.yml'
# Deletes the key and certificate files generated at the start of the play.
# This includes the unencrypted private key, so no test key material is left
# behind on the controller.
- name: Remove certificate files.
  shell:
    # Folded scalar: the two lines join into the same single command line.
    cmd: >-
      rm -f "private{{ item }}.key" "cert{{ item }}.pem"
      "cert{{ item }}.der" "cert{{ item }}.b64"
  args:
    # Suppress the warning for not using the `file` module.
    # NOTE(review): newer ansible-core releases dropped the `warn` option;
    # confirm against the Ansible versions this test must support.
    warn: false
  # Runs unprivileged on the controller, like the task that created the files.
  delegate_to: localhost
  become: false
  with_items:
    - 1