internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-06-10 18:55:53 +00:00
Code Issues Projects Releases Wiki Activity
Files
cfc54e559fa48ec47cc418309aa31c23181f22a9
ansible-freeipa/tests/vault/tasks_vault_members.yml
Thomas Woerner 84bf1a6533 tasks_vault_members.yml: Use result.failed also for failed_when 
For failed_when result.failed should be used to make sure that
the task fails if there was an error.
2021-05-26 16:10:41 +02:00

319 lines
8.9 KiB
YAML
Raw Blame History

---
# Tasks to test member management for Vault module.
- name: Setup testing environment.
import_tasks: env_setup.yml
- name: Ensure vault is present
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
vault_type: "{{vault.vault_type}}"
register: result
failed_when: not result.changed or result.failed
when: vault.vault_type == 'standard'
- name: Ensure vault is present
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
vault_password: SomeVAULTpassword
vault_type: "{{vault.vault_type}}"
register: result
failed_when: not result.changed or result.failed
when: vault.vault_type == 'symmetric'
- name: Ensure vault is present
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{ vault.name }}"
vault_type: "{{ vault.vault_type }}"
public_key: "{{lookup('file', 'A_private.b64')}}"
register: result
failed_when: not result.changed or result.failed
when: vault.vault_type == 'asymmetric'
- name: Ensure vault member user is present.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
users:
- user02
register: result
failed_when: not result.changed or result.failed
- name: Ensure vault member user is present, again.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
users:
- user02
register: result
failed_when: result.changed or result.failed
- name: Ensure more vault member users are present.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
users:
- admin
- user02
register: result
failed_when: not result.changed or result.failed
- name: Ensure vault member user is still present.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
users:
- user02
register: result
failed_when: result.changed or result.failed
- name: Ensure vault users are absent.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
users:
- admin
- user02
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure vault users are absent, again.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
users:
- admin
- user02
state: absent
register: result
failed_when: result.changed or result.failed
- name: Ensure vault user is absent, once more.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
users:
- admin
state: absent
register: result
failed_when: result.changed or result.failed
- name: Ensure vault member group is present.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
groups: vaultgroup
register: result
failed_when: not result.changed or result.failed
- name: Ensure vault member group is present, again.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
groups: vaultgroup
register: result
failed_when: result.changed or result.failed
- name: Ensure vault member group is absent.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
groups: vaultgroup
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure vault member group is absent, again.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
groups: vaultgroup
state: absent
register: result
failed_when: result.changed or result.failed
- name: Ensure vault member service is present.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
services: "HTTP/{{ ansible_facts['fqdn'] }}"
register: result
failed_when: not result.changed or result.failed
- name: Ensure vault member service is present, again.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
services: "HTTP/{{ ansible_facts['fqdn'] }}"
register: result
failed_when: result.changed or result.failed
- name: Ensure vault member service is absent.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
services: "HTTP/{{ ansible_facts['fqdn'] }}"
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure vault member service is absent, again.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
action: member
services: "HTTP/{{ ansible_facts['fqdn'] }}"
state: absent
register: result
failed_when: result.changed or result.failed
- name: Ensure user03 is an owner of vault.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
owners: user03
action: member
register: result
failed_when: not result.changed or result.failed
- name: Ensure user03 is an owner of vault, again.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
owners: user03
action: member
register: result
failed_when: result.changed or result.failed
- name: Ensure user03 is not owner of vault.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
owners: user03
state: absent
action: member
register: result
failed_when: not result.changed or result.failed
- name: Ensure user03 is not owner of vault, again.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
owners: user03
state: absent
action: member
register: result
failed_when: result.changed or result.failed
- name: Ensure vaultgroup is an ownergroup of vault.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
ownergroups: vaultgroup
action: member
register: result
failed_when: not result.changed or result.failed
- name: Ensure vaultgroup is an ownergroup of vault, again.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
ownergroups: vaultgroup
action: member
register: result
failed_when: result.changed or result.failed
- name: Ensure vaultgroup is not ownergroup of vault.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
ownergroups: vaultgroup
state: absent
action: member
register: result
failed_when: not result.changed or result.failed
- name: Ensure vaultgroup is not ownergroup of vault, again.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
ownergroups: vaultgroup
state: absent
action: member
register: result
failed_when: result.changed or result.failed
- name: Ensure service is an owner of vault.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
ownerservices: "HTTP/{{ ansible_facts['fqdn'] }}"
action: member
register: result
failed_when: not result.changed or result.failed
- name: Ensure service is an owner of vault, again.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
ownerservices: "HTTP/{{ ansible_facts['fqdn'] }}"
action: member
register: result
failed_when: result.changed or result.failed
- name: Ensure service is not owner of vault.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
ownerservices: "HTTP/{{ ansible_facts['fqdn'] }}"
state: absent
action: member
register: result
failed_when: not result.changed or result.failed
- name: Ensure service is not owner of vault, again.
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
ownerservices: "HTTP/{{ ansible_facts['fqdn'] }}"
state: absent
action: member
register: result
failed_when: result.changed or result.failed
- name: Ensure {{vault.vault_type}} vault is absent
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure {{vault.vault_type}} vault is absent, again
ipavault:
ipaadmin_password: SomeADMINpassword
name: "{{vault.name}}"
state: absent
register: result
failed_when: result.changed or result.failed
- name: Cleanup testing environment.
import_tasks: env_cleanup.yml
Reference in New Issue View Git Blame Copy Permalink