diff --git a/molecule/default/roles/openshift_adm_groups/tasks/activeDirectory.yml b/molecule/default/roles/openshift_adm_groups/tasks/activeDirectory.yml index 78131a8..04f3335 100644 --- a/molecule/default/roles/openshift_adm_groups/tasks/activeDirectory.yml +++ b/molecule/default/roles/openshift_adm_groups/tasks/activeDirectory.yml @@ -49,9 +49,9 @@ - result is changed - admins_group - devs_group - - '"jane.smith@ansible.org" in {{ admins_group.users }}' - - '"jim.adams@ansible.org" in {{ admins_group.users }}' - - '"jordanbulls@ansible.org" in {{ devs_group.users }}' + - '"jane.smith@ansible.org" in admins_group.users' + - '"jim.adams@ansible.org" in admins_group.users' + - '"jordanbulls@ansible.org" in devs_group.users' - admins_group.users | length == 2 - devs_group.users | length == 1 vars: @@ -79,8 +79,8 @@ assert: that: - result.resources | length == 1 - - '"jane.smith@ansible.org" in {{ result.resources.0.users }}' - - '"jim.adams@ansible.org" in {{ result.resources.0.users }}' + - '"jane.smith@ansible.org" in result.resources.0.users' + - '"jim.adams@ansible.org" in result.resources.0.users' - name: Read developers group kubernetes.core.k8s_info: @@ -93,7 +93,7 @@ assert: that: - result.resources | length == 1 - - '"jordanbulls@ansible.org" in {{ result.resources.0.users }}' + - '"jordanbulls@ansible.org" in result.resources.0.users' - name: Define user dn to delete set_fact: @@ -133,8 +133,8 @@ assert: that: - result.resources | length == 1 - - '"jane.smith@ansible.org" in {{ result.resources.0.users }}' - - '"jim.adams@ansible.org" in {{ result.resources.0.users }}' + - '"jane.smith@ansible.org" in result.resources.0.users' + - '"jim.adams@ansible.org" in result.resources.0.users' - name: Synchronize Openshift groups using deny_groups community.okd.openshift_adm_groups_sync: diff --git a/molecule/default/roles/openshift_adm_groups/tasks/augmentedActiveDirectory.yml b/molecule/default/roles/openshift_adm_groups/tasks/augmentedActiveDirectory.yml index f089b33..7de215f 100644 --- a/molecule/default/roles/openshift_adm_groups/tasks/augmentedActiveDirectory.yml +++ b/molecule/default/roles/openshift_adm_groups/tasks/augmentedActiveDirectory.yml @@ -49,9 +49,9 @@ - result is changed - banking_group - insurance_group - - '"james-allan@ansible.org" in {{ banking_group.users }}' - - '"gordon-kane@ansible.org" in {{ banking_group.users }}' - - '"alice-courtney@ansible.org" in {{ insurance_group.users }}' + - '"james-allan@ansible.org" in banking_group.users' + - '"gordon-kane@ansible.org" in banking_group.users' + - '"alice-courtney@ansible.org" in insurance_group.users' - banking_group.users | length == 2 - insurance_group.users | length == 1 vars: @@ -90,8 +90,8 @@ assert: that: - result.resources | length == 1 - - '"james-allan@ansible.org" in {{ result.resources.0.users }}' - - '"gordon-kane@ansible.org" in {{ result.resources.0.users }}' + - '"james-allan@ansible.org" in result.resources.0.users' + - '"gordon-kane@ansible.org" in result.resources.0.users' - name: Read 'insurance' openshift group kubernetes.core.k8s_info: @@ -170,4 +170,4 @@ name: "{{ item }}" with_items: - banking - - insurance \ No newline at end of file + - insurance diff --git a/molecule/default/roles/openshift_adm_groups/tasks/rfc2307.yml b/molecule/default/roles/openshift_adm_groups/tasks/rfc2307.yml index 749dfda..6f5ecf8 100644 --- a/molecule/default/roles/openshift_adm_groups/tasks/rfc2307.yml +++ b/molecule/default/roles/openshift_adm_groups/tasks/rfc2307.yml @@ -70,9 +70,9 @@ - result is changed - admins_group - devs_group - - '"jane.smith@ansible.org" in {{ admins_group.users }}' - - '"jim.adams@ansible.org" in {{ devs_group.users }}' - - '"jordanbulls@ansible.org" in {{ devs_group.users }}' + - '"jane.smith@ansible.org" in admins_group.users' + - '"jim.adams@ansible.org" in devs_group.users' + - '"jordanbulls@ansible.org" in devs_group.users' - admins_group.users | length == 1 - devs_group.users | length == 2 vars: @@ -91,9 +91,9 @@ - result is changed - admins_group - devs_group - - '"jane.smith@ansible.org" in {{ admins_group.users }}' - - '"jim.adams@ansible.org" in {{ devs_group.users }}' - - '"jordanbulls@ansible.org" in {{ devs_group.users }}' + - '"jane.smith@ansible.org" in admins_group.users' + - '"jim.adams@ansible.org" in devs_group.users' + - '"jordanbulls@ansible.org" in devs_group.users' - admins_group.users | length == 1 - devs_group.users | length == 2 vars: @@ -112,9 +112,9 @@ - result is changed - admins_group - devs_group - - '"cn=Jane,ou=people,ou=rfc2307,{{ ldap_root }}" in {{ admins_group.users }}' - - '"cn=Jim,ou=people,ou=rfc2307,{{ ldap_root }}" in {{ devs_group.users }}' - - '"cn=Jordan,ou=people,ou=rfc2307,{{ ldap_root }}" in {{ devs_group.users }}' + - '"cn=Jane,ou=people,ou=rfc2307,"+ldap_root in admins_group.users' + - '"cn=Jim,ou=people,ou=rfc2307,"+ldap_root in devs_group.users' + - '"cn=Jordan,ou=people,ou=rfc2307,"+ldap_root in devs_group.users' - admins_group.users | length == 1 - devs_group.users | length == 2 vars: @@ -133,9 +133,9 @@ - result is changed - admins_group - devs_group - - '"jane.smith@ansible.org" in {{ admins_group.users }}' - - '"jim.adams@ansible.org" in {{ devs_group.users }}' - - '"jordanbulls@ansible.org" in {{ devs_group.users }}' + - '"jane.smith@ansible.org" in admins_group.users' + - '"jim.adams@ansible.org" in devs_group.users' + - '"jordanbulls@ansible.org" in devs_group.users' - admins_group.users | length == 1 - devs_group.users | length == 2 vars: @@ -162,7 +162,7 @@ assert: that: - result is failed - - result.msg.startswith("Entry not found for base='cn=Matthew,ou=people,ou=outrfc2307,{{ ldap_root }}'") + - result.msg.startswith("Entry not found for base='cn=Matthew,ou=people,ou=outrfc2307,"+ldap_root+"'") - name: Define sync configuration with tolerateMemberNotFoundErrors set_fact: @@ -264,7 +264,7 @@ assert: that: - result.resources | length == 1 - - '"jane.smith@ansible.org" in {{ result.resources.0.users }}' + - '"jane.smith@ansible.org" in result.resources.0.users' - name: Read Groups kubernetes.core.k8s_info: @@ -277,8 +277,8 @@ assert: that: - result.resources | length == 1 - - '"jim.adams@ansible.org" in {{ result.resources.0.users }}' - - '"jordanbulls@ansible.org" in {{ result.resources.0.users }}' + - '"jim.adams@ansible.org" in result.resources.0.users' + - '"jordanbulls@ansible.org" in result.resources.0.users' - name: Set users to delete (no admins users anymore and only 1 developer kept) set_fact: @@ -335,7 +335,7 @@ assert: that: - result.resources | length == 1 - - '"jordanbulls@ansible.org" in {{ result.resources.0.users }}' + - '"jordanbulls@ansible.org" in result.resources.0.users' - name: Set group to delete set_fact: @@ -466,4 +466,4 @@ with_items: - admins - engineers - - developers \ No newline at end of file + - developers diff --git a/molecule/default/tasks/openshift_adm_prune_auth_clusterroles.yml b/molecule/default/tasks/openshift_adm_prune_auth_clusterroles.yml index edf0e17..bac18bf 100644 --- a/molecule/default/tasks/openshift_adm_prune_auth_clusterroles.yml +++ b/molecule/default/tasks/openshift_adm_prune_auth_clusterroles.yml @@ -223,8 +223,8 @@ - name: validate clusterrole binding candidates for prune assert: that: - - '"{{ item.name }}-binding" in check.cluster_role_binding' - - '"{{ test_ns }}/{{ cluster_roles[0].name }}-binding" in check.role_binding' + - 'item["name"]+"-binding" in check.cluster_role_binding' + - 'test_ns+"/"+cluster_roles[0].name+"-binding" in check.role_binding' with_items: "{{ cluster_roles }}" - name: Prune Cluster Role for managing Pod diff --git a/molecule/default/tasks/openshift_adm_prune_auth_roles.yml b/molecule/default/tasks/openshift_adm_prune_auth_roles.yml index 7b75a0c..652c423 100644 --- a/molecule/default/tasks/openshift_adm_prune_auth_roles.yml +++ b/molecule/default/tasks/openshift_adm_prune_auth_roles.yml @@ -177,7 +177,7 @@ - name: validate that list role binding are candidates for prune assert: - that: '"{{ test_ns }}/{{ item.name }}-bind" in check.role_binding' + that: 'test_ns+"/"+item["name"]+"-bind" in check.role_binding' with_items: "{{ role_definition }}" - name: Prune resource using label_selectors option @@ -192,7 +192,7 @@ assert: that: - prune is changed - - '"{{ test_ns }}/{{ role_definition[2].name }}-bind" in check.role_binding' + - 'test_ns+"/"+role_definition[2]["name"]+"-bind" in check.role_binding' - name: assert that user could not delete pod anymore kubernetes.core.k8s: @@ -262,7 +262,7 @@ assert: that: - prune is changed - - '"{{ test_ns }}/{{ role_definition[1].name }}-bind" in check.role_binding' + - 'test_ns+"/"+role_definition[1]["name"]+"-bind" in check.role_binding' - name: Create Pod (should failed) kubernetes.core.k8s: @@ -315,7 +315,7 @@ assert: that: - prune is changed - - '"{{ test_ns }}/{{ role_definition[0].name }}-bind" in check.role_binding' + - 'test_ns+"/"+role_definition[0]["name"]+"-bind" in check.role_binding' - name: List Pod kubernetes.core.k8s_info: diff --git a/molecule/default/tasks/openshift_adm_prune_deployments.yml b/molecule/default/tasks/openshift_adm_prune_deployments.yml index ca48f73..855635a 100644 --- a/molecule/default/tasks/openshift_adm_prune_deployments.yml +++ b/molecule/default/tasks/openshift_adm_prune_deployments.yml @@ -95,7 +95,7 @@ assert: that: - replications.resources | length == 1 - - 'replications.resources.0.metadata.name is match("{{ dc_name }}-*")' + - replications.resources.0.metadata.name is match(dc_name+"-*") - name: Assure that candidate ReplicationController was found for pruning assert: @@ -266,4 +266,4 @@ kind: Namespace name: "{{ deployment_ns_2 }}" ignore_errors: yes - when: deployment_ns_2 is defined \ No newline at end of file + when: deployment_ns_2 is defined diff --git a/molecule/default/tasks/openshift_builds.yml b/molecule/default/tasks/openshift_builds.yml index 2acbac4..2eaf9ca 100644 --- a/molecule/default/tasks/openshift_builds.yml +++ b/molecule/default/tasks/openshift_builds.yml @@ -55,7 +55,7 @@ assert: that: - new_build is changed - - new_build.builds.0.metadata.name == "{{ build_config }}-1" + - new_build.builds.0.metadata.name == build_config+"-1" - name: Start a new Build from previous Build community.okd.openshift_build: @@ -67,7 +67,7 @@ assert: that: - rerun_build is changed - - rerun_build.builds.0.metadata.name == "{{ build_config }}-2" + - rerun_build.builds.0.metadata.name == build_config+"-2" - name: Cancel first build created community.okd.openshift_build: @@ -82,8 +82,8 @@ that: - cancel is changed - cancel.builds | length == 1 - - cancel.builds.0.metadata.name == "{{ build_config }}-1" - - cancel.builds.0.metadata.namespace == "{{ build_ns }}" + - cancel.builds.0.metadata.name == build_config+"-1" + - cancel.builds.0.metadata.namespace == build_ns - '"cancelled" in cancel.builds.0.status' - cancel.builds.0.status.cancelled @@ -119,7 +119,7 @@ that: - restart is changed - restart.builds | length == 1 - - 'restart.builds.0.metadata.name == "{{ build_config }}-3"' + - restart.builds.0.metadata.name == build_config+"-3" - name: Get info for 2nd Build kubernetes.core.k8s_info: @@ -175,8 +175,8 @@ that: - prune_without_ns is changed - prune_without_ns.builds | length > 0 - - '"{{ build_config }}-1" in build_names' - - '"{{ build_config }}-2" in build_names' + - 'build_config+"-1" in build_names' + - 'build_config+"-2" in build_names' vars: build_names: '{{ prune_without_ns.builds | map(attribute="metadata") | flatten | map(attribute="name") | list }}' diff --git a/molecule/default/tasks/openshift_import_images.yml b/molecule/default/tasks/openshift_import_images.yml index 76c49f0..1396866 100644 --- a/molecule/default/tasks/openshift_import_images.yml +++ b/molecule/default/tasks/openshift_import_images.yml @@ -125,7 +125,7 @@ assert: that: - error_tag is failed - - 'error_tag.msg == "image stream {{ test_ns }}/local-is does not have tags pointing to external container images"' + - error_tag.msg == "image stream "+test_ns+"/local-is does not have tags pointing to external container images" - name: import all tags for container image ibmcom/pause and specific tag for redhat/ubi8-micro community.okd.openshift_import_image: