mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-06-10 18:55:53 +00:00
ec777dab8f
Update hbacsvc README file and add tests for executing plugin with
`ipaapi_context` set to `client`.
A new test playbook can be found at:
tests/hbacsvc/test_hbacsvc_client_context.yml
The new test file can be executed in a FreeIPA client host that is
not a server. In this case, it should be defined in the `ipaclients`
group, in the inventory file.
66 lines
2.0 KiB
YAML
66 lines
2.0 KiB
YAML
---
|
|
- name: Test hbacsvc
|
|
hosts: "{{ ipa_test_host | default('ipaserver') }}"
|
|
become: true
|
|
gather_facts: false
|
|
|
|
tasks:
|
|
- name: Ensure HBAC Service for http is absent
|
|
ipahbacsvc:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: http,tftp
|
|
state: absent
|
|
|
|
- name: Ensure HBAC Service for http is present
|
|
ipahbacsvc:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: http
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Ensure HBAC Service for http is present again
|
|
ipahbacsvc:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: http
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Ensure HBAC Service for tftp is present
|
|
ipahbacsvc:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: tftp
|
|
description: TFTP service
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Ensure HBAC Service for tftp is present again
|
|
ipahbacsvc:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: tftp
|
|
description: TFTP service
|
|
register: result
|
|
failed_when: result.changed or result.failed
|
|
|
|
- name: Ensure HBAC Services for http and tftp are absent
|
|
ipahbacsvc:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: http,tftp
|
|
state: absent
|
|
register: result
|
|
failed_when: not result.changed or result.failed
|
|
|
|
- name: Ensure HBAC Services for http and tftp are absent again
|
|
ipahbacsvc:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
name: http,tftp
|
|
state: absent
|
|
register: result
|
|
failed_when: result.changed or result.failed
|