internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity
Files
d580431832031f061deeedea3a38ac542e3aeb21
ansible-freeipa/tests/sudorule/test_sudorule_single_hostnames.yml
Rafael Guterres Jeffman 6c94fe9bd5 tests/sudorule: Don't become or gather_facts and use only true/false 
Unless there's a real need to use privileged access or to gather Ansible
facts upfront, we should always set "become: false" and
"gather_facts: false". In the case that only a few Ansible facts are
required, 'ansible.builtin.setup' with 'gather_subset' should be used.

As the YAML 1.2 standard dictates, boolean values should only use 'true'
or 'false' values.

This patch fixes these issues in the 'sudorule' test suite.
2024-11-18 11:59:51 -03:00

158 lines
4.7 KiB
YAML
Raw Blame History

---
- name: Test sudorule with single hostnames.
hosts: "{{ ipa_test_host | default('ipaserver') }}"
become: false
gather_facts: false
tasks:
- name: Test sudorule single hostnames
block:
# setup test environment
- name: Ensure ipaserver_domain is set
when: ipaserver_domain is not defined
block:
- name: Retrieve host information
ansible.builtin.setup:
gather_subset: dns
- name: Get Domain from the server name
ansible.builtin.set_fact:
ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join('.') }}"
- name: Ensure test sudo rule is absent
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
state: absent
- name: Ensure test host exist
ipahost:
ipaadmin_password: SomeADMINpassword
hosts:
- name: "host01.{{ ipaserver_domain }}"
force: true
- name: "host02.{{ ipaserver_domain }}"
force: true
# start tests
- name: Ensure sudorule exist with host member using FQDN.
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
host: "host01.{{ ipaserver_domain }}"
register: result
failed_when: result.failed or not result.changed
- name: Ensure sudorule host member using short hostname.
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
host: host01
register: result
failed_when: result.failed or result.changed
- name: Ensure sudorule exist with another host using short name.
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
host: host02
register: result
failed_when: result.failed or not result.changed
- name: Ensure sudorule exist with another host member using FQDN.
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
host: "host02.{{ ipaserver_domain }}"
register: result
failed_when: result.failed or result.changed
- name: Ensure sudorule exist with another host member using FQDN.
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
host: "host02.{{ ipaserver_domain }}"
register: result
failed_when: result.failed or result.changed
# cleanup for member tests.
- name: Ensure test sudo rule is absent
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
state: absent
- name: Ensure test sudo rule is absent
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
state: absent
# member tests
- name: Ensure test sudo rule is present
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
- name: Ensure sudorule host member using FQDN.
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
host: "host01.{{ ipaserver_domain }}"
action: member
register: result
failed_when: result.failed or not result.changed
- name: Ensure sudorule host member using short hostname.
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
host: host01
action: member
register: result
failed_when: result.failed or result.changed
- name: Ensure test sudo rule is absent
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
state: absent
- name: Ensure test sudo rule is present
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
- name: Ensure sudorule host member using FQDN.
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
host: "host01.{{ ipaserver_domain }}"
action: member
register: result
failed_when: result.failed or not result.changed
- name: Ensure sudorule host member using short hostname.
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
host: host01
action: member
register: result
failed_when: result.failed or result.changed
always:
# cleanup
- name: Ensure test sudo rule is absent
ipasudorule:
ipaadmin_password: SomeADMINpassword
name: sudorule_for_hosts
state: absent
- name: Ensure test host is absent
ipahost:
ipaadmin_password: SomeADMINpassword
name:
- "host01.{{ ipaserver_domain }}"
- "host02.{{ ipaserver_domain }}"
state: absent
Reference in New Issue View Git Blame Copy Permalink