mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-04-16 05:40:55 +00:00
2c9ee7d842
With ansible-core 2.14.12 using jinja2 templating in conditional statements with ansible_facts['fqdn'] is marked as unsafe and results in a failure. The issues with using jinja2 templating in conditional statements for asserts have been solved and a new server_fqdn fact has been added for ansible_facts['fqdn'].
124 lines
3.6 KiB
YAML
124 lines
3.6 KiB
YAML
---
|
|
- name: Test ipahost random password generation
|
|
hosts: ipaserver
|
|
become: true
|
|
|
|
tasks:
|
|
- name: Get Domain from server name
|
|
ansible.builtin.set_fact:
|
|
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join('.') }}"
|
|
when: ipaserver_domain is not defined
|
|
|
|
- name: Set host1_fqdn and host2_fqdn
|
|
ansible.builtin.set_fact:
|
|
host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
|
|
host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
|
|
server_fqdn: "{{ ansible_facts['fqdn'] }}"
|
|
|
|
- name: Test hosts absent
|
|
ipahost:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name:
|
|
- "{{ host1_fqdn }}"
|
|
- "{{ host2_fqdn }}"
|
|
update_dns: yes
|
|
state: absent
|
|
|
|
- name: Host "{{ host1_fqdn }}" present with random password
|
|
ipahost:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name: "{{ host1_fqdn }}"
|
|
random: yes
|
|
force: yes
|
|
update_password: on_create
|
|
register: ipahost
|
|
failed_when: not ipahost.changed or ipahost.failed
|
|
|
|
- name: Assert ipahost.host.randompassword is defined.
|
|
ansible.builtin.assert:
|
|
that:
|
|
- ipahost.host.randompassword is defined
|
|
|
|
- name: Print generated random password
|
|
ansible.builtin.debug:
|
|
var: ipahost.host.randompassword
|
|
|
|
- name: Host "{{ host1_fqdn }}" absent
|
|
ipahost:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name:
|
|
- "{{ host1_fqdn }}"
|
|
state: absent
|
|
|
|
- name: Host "{{ host1_fqdn }}" is present with random password using hosts parameter
|
|
ipahost:
|
|
ipaadmin_password: SomeADMINpassword
|
|
hosts:
|
|
- name: "{{ host1_fqdn }}"
|
|
random: yes
|
|
force: yes
|
|
update_password: on_create
|
|
register: ipahost
|
|
failed_when: not ipahost.changed or
|
|
ipahost.host[host1_fqdn].randompassword is not defined or
|
|
ipahost.failed
|
|
|
|
- name: Host "{{ host1_fqdn }}" absent
|
|
ipahost:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name:
|
|
- "{{ host1_fqdn }}"
|
|
state: absent
|
|
|
|
- name: Hosts "{{ host1_fqdn }}" and "{{ host2_fqdn }}" present with random password
|
|
ipahost:
|
|
ipaadmin_password: SomeADMINpassword
|
|
hosts:
|
|
- name: "{{ host1_fqdn }}"
|
|
random: yes
|
|
force: yes
|
|
- name: "{{ host2_fqdn }}"
|
|
random: yes
|
|
force: yes
|
|
update_password: on_create
|
|
register: ipahost
|
|
failed_when: not ipahost.changed or ipahost.failed
|
|
|
|
- name: Assert randompassword is defined for host1 and host2.
|
|
ansible.builtin.assert:
|
|
that:
|
|
- ipahost.host[host1_fqdn].randompassword is defined
|
|
- ipahost.host[host2_fqdn].randompassword is defined
|
|
|
|
- name: Print generated random password for "{{ host1_fqdn }}"
|
|
ansible.builtin.debug:
|
|
var: ipahost.host["{{ host1_fqdn }}"].randompassword
|
|
|
|
- name: Print generated random password for "{{ host2_fqdn }}"
|
|
ansible.builtin.debug:
|
|
var: ipahost.host["{{ host2_fqdn }}"].randompassword
|
|
|
|
- name: Enrolled host "{{ server_fqdn }}" fails to set random password with update_password always
|
|
ipahost:
|
|
ipaadmin_password: SomeADMINpassword
|
|
hosts:
|
|
- name: "{{ server_fqdn }}"
|
|
random: yes
|
|
update_password: always
|
|
register: ipahost
|
|
failed_when: ipahost.changed or not ipahost.failed
|
|
|
|
- name: Assert randompassword is not defined for 'ansible_fqdn'.
|
|
ansible.builtin.assert:
|
|
that:
|
|
- ipahost.host[server_fqdn].randompassword is not defined
|
|
- "'Password cannot be set on enrolled host' in ipahost.msg"
|
|
|
|
- name: Hosts "{{ host1_fqdn }}" and "{{ host2_fqdn }}" absent
|
|
ipahost:
|
|
ipaadmin_password: SomeADMINpassword
|
|
name:
|
|
- "{{ host1_fqdn }}"
|
|
- "{{ host2_fqdn }}"
|
|
state: absent
|