internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity
Files
d2f9fe6325f7a85c760bb5cf7d15f1e6a81cc176
ansible-freeipa/tests/sudocmdgroup/test_sudocmdgroup.yml
Thomas Woerner d2f9fe6325 Fix jinja2 white spaces issues reported by ansible-lint 
This replaces double spaces by single spaces, fixes spaces in slices,
adds spaces before brackets and fixes bracket placing in when clauses.
2023-01-17 12:38:51 +01:00

230 lines
6.9 KiB
YAML
Raw Blame History

---
- name: Test sudocmdgroup
hosts: "{{ ipa_test_host | default('ipaserver') }}"
become: true
gather_facts: false
tasks:
- name: Ensure sudocmds are present
ipasudocmd:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name:
- /usr/bin/su
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
state: present
- name: Ensure sudocmdgroup is absent
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
state: absent
- name: Ensure sudocmdgroup is present
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
state: present
register: result
failed_when: not result.changed or result.failed
- name: Ensure sudocmdgroup is present again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
state: present
register: result
failed_when: result.changed or result.failed
- name: Ensure sudocmdgroup is absent
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure sudocmdgroup is absent again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
state: absent
register: result
failed_when: result.changed or result.failed
- name: Ensure sudocmdgroup is present, with sudocmds.
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
state: present
register: result
failed_when: not result.changed or result.failed
- name: Ensure sudocmdgroup is present, with sudocmds, again.
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
state: present
register: result
failed_when: result.changed or result.failed
- name: Verify sudocmdgroup creation with sudocmds
ansible.builtin.shell: |
echo SomeADMINpassword | kinit -c verify_sudocmdgroup admin
KRB5CCNAME="verify_sudocmdgroup" ipa sudocmdgroup-show network --all
kdestroy -A -q -c verify_sudocmdgroup
register: result
failed_when: result.failed or not ("/usr/sbin/ifconfig" in result.stdout and "/usr/sbin/iwlist" in result.stdout)
- name: Ensure sudocmdgroup, with sudocmds, is absent
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure sudocmdgroup, with sudocmds, is absent again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
state: absent
register: result
failed_when: result.changed or result.failed
- name: Ensure testing sudocmdgroup is present
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
state: present
register: result
failed_when: not result.changed or result.failed
- name: Ensure sudo commands are present in existing sudocmdgroup
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
action: member
register: result
failed_when: not result.changed or result.failed
- name: Ensure sudo commands are present in existing sudocmdgroup, again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
action: member
register: result
failed_when: result.changed or result.failed
- name: Ensure sudo commands are absent in existing sudocmdgroup
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
action: member
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure sudo commands are absent in existing sudocmdgroup, again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
action: member
state: absent
register: result
failed_when: result.changed or result.failed
- name: Ensure sudo commands are present in sudocmdgroup
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
action: member
state: present
register: result
failed_when: not result.changed or result.failed
- name: Ensure one sudo command is not present in sudocmdgroup
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
sudocmd:
- /usr/sbin/ifconfig
action: member
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure one sudo command is present in sudocmdgroup
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
sudocmd:
- /usr/sbin/ifconfig
action: member
state: present
register: result
failed_when: not result.changed or result.failed
- name: Ensure the other sudo command is not present in sudocmdgroup
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
sudocmd:
- /usr/sbin/iwlist
action: member
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure the other sudo commandsis not present in sudocmdgroup, again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: network
sudocmd:
- /usr/sbin/iwlist
action: member
state: absent
register: result
failed_when: result.changed or result.failed
Reference in New Issue View Git Blame Copy Permalink