mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-05-07 05:43:26 +00:00
aa05e4a548
This patch enables test failure report when result.failed is set, and make tests more robust against environment differences.
398 lines
12 KiB
YAML
398 lines
12 KiB
YAML
---
|
|
- name: Test service
|
|
hosts: ipaserver
|
|
become: yes
|
|
|
|
tasks:
|
|
# setup
|
|
- name: Setup test envirnoment.
|
|
include_tasks: env_setup.yml
|
|
|
|
# Add service to test keytab create/retrieve attributes.
|
|
- name: Ensure test service is present
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
pac_type:
|
|
- MS-PAC
|
|
- PAD
|
|
auth_ind: otp
|
|
force: yes
|
|
requires_pre_auth: yes
|
|
ok_as_delegate: no
|
|
ok_to_auth_as_delegate: no
|
|
|
|
# tests
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for users.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_user:
|
|
- user01
|
|
- user02
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for users, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_user:
|
|
- user01
|
|
- user02
|
|
action: member
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for users.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_user:
|
|
- user01
|
|
- user02
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for users, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_user:
|
|
- user01
|
|
- user02
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for group.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_group:
|
|
- group01
|
|
- group02
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for group, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_group:
|
|
- group01
|
|
- group02
|
|
action: member
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for group.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_group:
|
|
- group01
|
|
- group02
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for group, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_group:
|
|
- group01
|
|
- group02
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for host.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_host:
|
|
- "{{ host1_fqdn }}"
|
|
- "{{ host2_fqdn }}"
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for host, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_host:
|
|
- "{{ host1_fqdn }}"
|
|
- "{{ host2_fqdn }}"
|
|
action: member
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for host.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_host:
|
|
- "{{ host1_fqdn }}"
|
|
- "{{ host2_fqdn }}"
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for host, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_host:
|
|
- "{{ host1_fqdn }}"
|
|
- "{{ host2_fqdn }}"
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for hostgroup.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_hostgroup:
|
|
- hostgroup01
|
|
- hostgroup02
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab present for hostgroup, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_hostgroup:
|
|
- hostgroup01
|
|
- hostgroup02
|
|
action: member
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for hostgroup.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_hostgroup:
|
|
- hostgroup01
|
|
- hostgroup02
|
|
state: absent
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_create_keytab absent for hostgroup, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_create_keytab_hostgroup:
|
|
- hostgroup01
|
|
- hostgroup02
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for users.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_user:
|
|
- user01
|
|
- user02
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for users, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_user:
|
|
- user01
|
|
- user02
|
|
action: member
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for users.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_user:
|
|
- user01
|
|
- user02
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for users, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_user:
|
|
- user01
|
|
- user02
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for group.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_group:
|
|
- group01
|
|
- group02
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for group, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_group:
|
|
- group01
|
|
- group02
|
|
action: member
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for group.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_group:
|
|
- group01
|
|
- group02
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for group, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_group:
|
|
- group01
|
|
- group02
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for host.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_host:
|
|
- "{{ host1_fqdn }}"
|
|
- "{{ host2_fqdn }}"
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for host, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_host:
|
|
- "{{ host1_fqdn }}"
|
|
- "{{ host2_fqdn }}"
|
|
action: member
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for host.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_host:
|
|
- "{{ host1_fqdn }}"
|
|
- "{{ host2_fqdn }}"
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for host, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_host:
|
|
- "{{ host1_fqdn }}"
|
|
- "{{ host2_fqdn }}"
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for hostgroup.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_hostgroup:
|
|
- hostgroup01
|
|
- hostgroup02
|
|
action: member
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab present for hostgroup, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_hostgroup:
|
|
- hostgroup01
|
|
- hostgroup02
|
|
action: member
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for hostgroup.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_hostgroup:
|
|
- hostgroup01
|
|
- hostgroup02
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Service "HTTP/{{ svc_fqdn }}" members allow_retrieve_keytab absent for hostgroup, again.
|
|
ipaservice:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "HTTP/{{ svc_fqdn }}"
|
|
allow_retrieve_keytab_hostgroup:
|
|
- hostgroup01
|
|
- hostgroup02
|
|
action: member
|
|
state: absent
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
# cleanup
|
|
- name: Clean-up envirnoment.
|
|
include_tasks: env_cleanup.yml
|