internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity
Files
d580431832031f061deeedea3a38ac542e3aeb21
ansible-freeipa/tests/sudorule/test_sudorule_member_case_insensitive.yml
Rafael Guterres Jeffman 6c94fe9bd5 tests/sudorule: Don't become or gather_facts and use only true/false 
Unless there's a real need to use privileged access or to gather Ansible
facts upfront, we should always set "become: false" and
"gather_facts: false". In the case that only a few Ansible facts are
required, 'ansible.builtin.setup' with 'gather_subset' should be used.

As the YAML 1.2 standard dictates, boolean values should only use 'true'
or 'false' values.

This patch fixes these issues in the 'sudorule' test suite.
2024-11-18 11:59:51 -03:00

292 lines
8.6 KiB
YAML
Raw Blame History

---
- name: Test sudorule members should be case insensitive.
hosts: "{{ ipa_test_host | default('ipaserver') }}"
become: false
gather_facts: false
vars:
groups_present:
- eleMENT1
- Element2
- eLeMenT3
- ElemENT4
tasks:
- name: Test sudorule member case insensitive
block:
# SETUP
- name: Ensure domain name
ansible.builtin.set_fact:
ipa_domain: ipa.test
when: ipa_domain is not defined
- name: Ensure test groups exist.
ipagroup:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
loop: "{{ groups_present }}"
- name: Ensure test hostgroups exist.
ipahostgroup:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
loop: "{{ groups_present }}"
- name: Ensure test hosts exist.
ipahost:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}.{{ ipa_domain }}"
force: true
loop: "{{ groups_present }}"
- name: Ensure test users exist.
ipauser:
ipaadmin_password: SomeADMINpassword
name: "user{{ item }}"
first: "{{ item }}"
last: "{{ item }}"
loop: "{{ groups_present }}"
- name: Ensure sudorule do not exist
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
state: absent
loop: "{{ groups_present }}"
# TESTS
- name: Start tests.
ansible.builtin.debug:
msg: "Tests are starting."
- name: Ensure sudorule exist with runasusers members
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
cmdcategory: all
runasuser: "user{{ item }}"
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or not result.changed
- name: Ensure sudorule exist with lowercase runasusers members
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
cmdcategory: all
runasuser: "user{{ item | lower }}"
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or result.changed
- name: Ensure sudorule exist with uppercase runasusers members
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
cmdcategory: all
runasuser: "user{{ item | upper }}"
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or result.changed
- name: Ensure sudorule exist with runasgroup members
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
cmdcategory: all
runasgroup: "{{ item }}"
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or not result.changed
- name: Ensure sudorule exist with lowercase runasgroup members
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
cmdcategory: all
runasgroup: "{{ item | lower }}"
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or result.changed
- name: Ensure sudorule exist with uppercase runasgroup members
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
cmdcategory: all
runasgroup: "{{ item | upper }}"
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or result.changed
- name: Ensure sudorule do not exist
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
state: absent
loop: "{{ groups_present }}"
#####
- name: Ensure sudorule exist with members
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
cmdcategory: all
hostgroup: "{{ item }}"
host: "{{ item }}.{{ ipa_domain }}"
group: "{{ item }}"
user: "user{{ item }}"
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or not result.changed
- name: Ensure sudorule exist with members, lowercase
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
cmdcategory: all
hostgroup: "{{ item | lower }}"
host: "{{ item | lower }}.{{ ipa_domain }}"
group: "{{ item | lower }}"
user: "user{{ item | lower }}"
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or result.changed
- name: Ensure sudorule exist with members, uppercase
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
cmdcategory: all
hostgroup: "{{ item | upper }}"
host: "{{ item | upper }}.{{ ipa_domain }}"
group: "{{ item | upper }}"
user: "user{{ item | upper }}"
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or result.changed
- name: Ensure sudorule member is absent
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
hostgroup: "{{ item }}"
host: "{{ item }}.{{ ipa_domain }}"
group: "{{ item }}"
user: "user{{ item }}"
action: member
state: absent
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or not result.changed
- name: Ensure sudorule member is absent, lowercase
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
hostgroup: "{{ item | lower }}"
host: "{{ item | lower }}.{{ ipa_domain }}"
group: "{{ item | lower }}"
user: "user{{ item | lower }}"
action: member
state: absent
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or result.changed
- name: Ensure sudorule member is absent, upercase
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
hostgroup: "{{ item | upper }}"
host: "{{ item | upper }}.{{ ipa_domain }}"
group: "{{ item | upper }}"
user: "user{{ item | upper }}"
action: member
state: absent
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or result.changed
- name: Ensure sudorule member is present, upercase
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
hostgroup: "{{ item | upper }}"
host: "{{ item | upper }}.{{ ipa_domain }}"
group: "{{ item | upper }}"
user: "user{{ item | upper }}"
action: member
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or not result.changed
- name: Ensure sudorule member is present, lowercase
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
hostgroup: "{{ item | lower }}"
host: "{{ item | lower }}.{{ ipa_domain }}"
group: "{{ item | lower }}"
user: "user{{ item | lower }}"
action: member
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or result.changed
- name: Ensure sudorule member is present, mixed case
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
hostgroup: "{{ item }}"
host: "{{ item }}.{{ ipa_domain }}"
group: "{{ item }}"
user: "user{{ item }}"
action: member
loop: "{{ groups_present }}"
register: result
failed_when: result.failed or result.changed
- name: End tests.
ansible.builtin.debug:
msg: "All tests executed."
always:
# cleanup
- name: Ensure sudorule do not exist
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
state: absent
loop: "{{ groups_present }}"
- name: Ensure test groups do not exist.
ipagroup:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
state: absent
loop: "{{ groups_present }}"
- name: Ensure test hostgroups do not exist.
ipahostgroup:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}"
state: absent
loop: "{{ groups_present }}"
- name: Ensure test hosts do not exist.
ipahost:
ipaadmin_password: SomeADMINpassword
name: "{{ item }}.{{ ipa_domain }}"
state: absent
loop: "{{ groups_present }}"
- name: Ensure test users do not exist.
ipauser:
ipaadmin_password: SomeADMINpassword
name: "user{{ item }}"
state: absent
loop: "{{ groups_present }}"
Reference in New Issue View Git Blame Copy Permalink