External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-28 23:04:41 -03:30
Code Issues Packages Projects Releases Wiki Activity
awx/awx_collection/tests/integration/targets/credential/tasks/main.yml

638 lines
14 KiB
YAML
Raw Blame History

---
- name: Generate a random string for test
set_fact:
test_id: "{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}"
when: test_id is not defined
- name: Generate names
set_fact:
ssh_cred_name1: "AWX-Collection-tests-credential-ssh-cred1-{{ test_id }}"
ssh_cred_name2: "AWX-Collection-tests-credential-ssh-cred2-{{ test_id }}"
ssh_cred_name3: "AWX-Collection-tests-credential-ssh-cred-lookup-source-{{ test_id }}"
ssh_cred_name4: "AWX-Collection-tests-credential-ssh-cred-file-source-{{ test_id }}"
vault_cred_name1: "AWX-Collection-tests-credential-vault-cred1-{{ test_id }}"
vault_cred_name2: "AWX-Collection-tests-credential-vault-ssh-cred1-{{ test_id }}"
net_cred_name1: "AWX-Collection-tests-credential-net-cred1-{{ test_id }}"
scm_cred_name1: "AWX-Collection-tests-credential-scm-cred1-{{ test_id }}"
aws_cred_name1: "AWX-Collection-tests-credential-aws-cred1-{{ test_id }}"
vmware_cred_name1: "AWX-Collection-tests-credential-vmware-cred1-{{ test_id }}"
sat6_cred_name1: "AWX-Collection-tests-credential-sat6-cred1-{{ test_id }}"
gce_cred_name1: "AWX-Collection-tests-credential-gce-cred1-{{ test_id }}"
azurerm_cred_name1: "AWX-Collection-tests-credential-azurerm-cred1-{{ test_id }}"
openstack_cred_name1: "AWX-Collection-tests-credential-openstack-cred1-{{ test_id }}"
rhv_cred_name1: "AWX-Collection-tests-credential-rhv-cred1-{{ test_id }}"
insights_cred_name1: "AWX-Collection-tests-credential-insights-cred1-{{ test_id }}"
tower_cred_name1: "AWX-Collection-tests-credential-tower-cred1-{{ test_id }}"
- name: create a tempdir for an SSH key
local_action: shell mktemp -d
register: tempdir
- name: Generate a local SSH key
local_action: "shell ssh-keygen -b 2048 -t rsa -f {{ tempdir.stdout }}/id_rsa -q -N 'passphrase'"
- name: Read the generated key
set_fact:
ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}"
- name: Create an Org-specific credential with an ID
credential:
name: "{{ ssh_cred_name1 }}"
organization: Default
credential_type: Machine
state: present
register: result
- assert:
that:
- "result is changed"
- name: Delete a Org-specific credential
credential:
name: "{{ ssh_cred_name1 }}"
organization: Default
state: absent
credential_type: Machine
register: result
- assert:
that:
- "result is changed"
- name: Create the User-specific credential
credential:
name: "{{ ssh_cred_name1 }}"
user: admin
credential_type: 'Machine'
state: present
register: result
- assert:
that:
- "result is changed"
- name: Delete a User-specific credential
credential:
name: "{{ ssh_cred_name1 }}"
user: admin
state: absent
credential_type: 'Machine'
register: result
- assert:
that:
- "result is changed"
- name: Create a valid SSH credential
credential:
name: "{{ ssh_cred_name2 }}"
organization: Default
state: present
credential_type: Machine
description: An example SSH credential
inputs:
username: joe
password: secret
become_method: sudo
become_username: superuser
become_password: supersecret
ssh_key_data: "{{ ssh_key_data }}"
ssh_key_unlock: "passphrase"
register: result
- assert:
that:
- result is changed
- name: Create a valid SSH credential
credential:
name: "{{ ssh_cred_name2 }}"
organization: Default
state: present
credential_type: Machine
description: An example SSH credential
inputs:
username: joe
become_method: sudo
become_username: superuser
register: result
- assert:
that:
- result is changed
- name: Check for inputs idempotency (when "inputs" is blank)
credential:
name: "{{ ssh_cred_name2 }}"
organization: Default
state: present
credential_type: Machine
description: An example SSH credential
register: result
- assert:
that:
- result is not changed
- name: Copy ssh Credential
credential:
name: "copy_{{ ssh_cred_name2 }}"
copy_from: "{{ ssh_cred_name2 }}"
credential_type: Machine
register: result
- assert:
that:
- result.copied
- name: Delete an SSH credential
credential:
name: "copy_{{ ssh_cred_name2 }}"
organization: Default
state: absent
credential_type: Machine
register: result
- assert:
that:
- "result is changed"
- name: Create a valid SSH credential from lookup source
credential:
name: "{{ ssh_cred_name3 }}"
organization: Default
state: present
credential_type: Machine
description: An example SSH credential from lookup source
inputs:
username: joe
password: secret
become_method: sudo
become_username: superuser
become_password: supersecret
ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}"
ssh_key_unlock: "passphrase"
register: result
- assert:
that:
- result is changed
- name: Create an invalid SSH credential (passphrase required)
credential:
name: SSH Credential
organization: Default
state: present
credential_type: Machine
inputs:
username: joe
ssh_key_data: "{{ ssh_key_data }}"
ignore_errors: true
register: result
- assert:
that:
- "result is failed"
- "'must be set when SSH key is encrypted' in result.msg"
- name: Create an invalid SSH credential (Organization not found)
credential:
name: SSH Credential
organization: Missing_Organization
state: present
credential_type: Machine
inputs:
username: joe
ignore_errors: true
register: result
- assert:
that:
- "result is failed"
- "result is not changed"
- "'Missing_Organization' in result.msg"
- "result.total_results == 0"
- name: Delete an SSH credential
credential:
name: "{{ ssh_cred_name2 }}"
organization: Default
state: absent
credential_type: Machine
register: result
- assert:
that:
- "result is changed"
- name: Delete an SSH credential
credential:
name: "{{ ssh_cred_name3 }}"
organization: Default
state: absent
credential_type: Machine
register: result
- assert:
that:
- "result is changed"
- name: Delete an SSH credential
credential:
name: "{{ ssh_cred_name4 }}"
organization: Default
state: absent
credential_type: Machine
register: result
# This one was never really created so it shouldn't be deleted
- assert:
that:
- "result is not changed"
- name: Create a valid Vault credential
credential:
name: "{{ vault_cred_name1 }}"
organization: Default
state: present
credential_type: Vault
description: An example Vault credential
inputs:
vault_id: bar
vault_password: secret-vault
register: result
- assert:
that:
- "result is changed"
- name: Delete a Vault credential
credential:
name: "{{ vault_cred_name1 }}"
organization: Default
state: absent
credential_type: Vault
register: result
- assert:
that:
- "result is changed"
- name: Delete a Vault credential
credential:
name: "{{ vault_cred_name2 }}"
organization: Default
state: absent
credential_type: Vault
register: result
# The creation of vault_cred_name2 never worked so we shouldn't actually need to delete it
- assert:
that:
- "result is not changed"
- name: Create a valid Network credential
credential:
name: "{{ net_cred_name1 }}"
organization: Default
state: present
credential_type: Network
inputs:
username: joe
password: secret
authorize: true
authorize_password: authorize-me
register: result
- assert:
that:
- "result is changed"
- name: Delete a Network credential
credential:
name: "{{ net_cred_name1 }}"
organization: Default
state: absent
credential_type: Network
register: result
- assert:
that:
- "result is changed"
- name: Create a valid SCM credential
credential:
name: "{{ scm_cred_name1 }}"
organization: Default
state: present
credential_type: Source Control
inputs:
username: joe
password: secret
ssh_key_data: "{{ ssh_key_data }}"
ssh_key_unlock: "passphrase"
register: result
- assert:
that:
- "result is changed"
- name: Delete an SCM credential
credential:
name: "{{ scm_cred_name1 }}"
organization: Default
state: absent
credential_type: Source Control
register: result
- assert:
that:
- "result is changed"
- name: Create a valid AWS credential
credential:
name: "{{ aws_cred_name1 }}"
organization: Default
state: present
credential_type: Amazon Web Services
inputs:
username: joe
password: secret
security_token: aws-token
register: result
- assert:
that:
- "result is changed"
- name: Delete an AWS credential
credential:
name: "{{ aws_cred_name1 }}"
organization: Default
state: absent
credential_type: Amazon Web Services
register: result
- assert:
that:
- "result is changed"
- name: Create a valid VMWare credential
credential:
name: "{{ vmware_cred_name1 }}"
organization: Default
state: present
credential_type: VMware vCenter
inputs:
host: https://example.org
username: joe
password: secret
register: result
- assert:
that:
- "result is changed"
- name: Delete an VMWare credential
credential:
name: "{{ vmware_cred_name1 }}"
organization: Default
state: absent
credential_type: VMware vCenter
register: result
- assert:
that:
- "result is changed"
- name: Create a valid Satellite6 credential
credential:
name: "{{ sat6_cred_name1 }}"
organization: Default
state: present
credential_type: Red Hat Satellite 6
inputs:
host: https://example.org
username: joe
password: secret
register: result
- assert:
that:
- "result is changed"
- name: Delete a Satellite6 credential
credential:
name: "{{ sat6_cred_name1 }}"
organization: Default
state: absent
credential_type: Red Hat Satellite 6
register: result
- assert:
that:
- "result is changed"
- name: Create a valid GCE credential
credential:
name: "{{ gce_cred_name1 }}"
organization: Default
state: present
credential_type: Google Compute Engine
inputs:
username: joe
project: ABC123
ssh_key_data: "{{ ssh_key_data }}"
register: result
- assert:
that:
- "result is changed"
- name: Delete a GCE credential
credential:
name: "{{ gce_cred_name1 }}"
organization: Default
state: absent
credential_type: Google Compute Engine
register: result
- assert:
that:
- "result is changed"
- name: Create a valid AzureRM credential
credential:
name: "{{ azurerm_cred_name1 }}"
organization: Default
state: present
credential_type: Microsoft Azure Resource Manager
inputs:
username: joe
password: secret
subscription: some-subscription
register: result
- assert:
that:
- "result is changed"
- name: Create a valid AzureRM credential with a tenant
credential:
name: "{{ azurerm_cred_name1 }}"
organization: Default
state: present
credential_type: Microsoft Azure Resource Manager
inputs:
client: some-client
secret: some-secret
tenant: some-tenant
subscription: some-subscription
register: result
- assert:
that:
- "result is changed"
- name: Delete an AzureRM credential
credential:
name: "{{ azurerm_cred_name1 }}"
organization: Default
state: absent
credential_type: Microsoft Azure Resource Manager
register: result
- assert:
that:
- "result is changed"
- name: Create a valid OpenStack credential
credential:
name: "{{ openstack_cred_name1 }}"
organization: Default
state: present
credential_type: OpenStack
inputs:
host: https://keystone.example.org
username: joe
password: secret
project: tenant123
domain: some-domain
register: result
- assert:
that:
- "result is changed"
- name: Delete a OpenStack credential
credential:
name: "{{ openstack_cred_name1 }}"
organization: Default
state: absent
credential_type: OpenStack
register: result
- assert:
that:
- "result is changed"
- name: Create a valid RHV credential
credential:
name: "{{ rhv_cred_name1 }}"
organization: Default
state: present
credential_type: Red Hat Virtualization
inputs:
host: https://example.org
username: joe
password: secret
register: result
- assert:
that:
- "result is changed"
- name: Delete an RHV credential
credential:
name: "{{ rhv_cred_name1 }}"
organization: Default
state: absent
credential_type: Red Hat Virtualization
register: result
- assert:
that:
- "result is changed"
- name: Create a valid Insights credential
credential:
name: "{{ insights_cred_name1 }}"
organization: Default
state: present
credential_type: Insights
inputs:
username: joe
password: secret
register: result
- assert:
that:
- "result is changed"
- name: Delete an Insights credential
credential:
name: "{{ insights_cred_name1 }}"
organization: Default
state: absent
credential_type: Insights
register: result
- assert:
that:
- "result is changed"
- name: Create a valid Tower-to-Tower credential
credential:
name: "{{ tower_cred_name1 }}"
organization: Default
state: present
credential_type: Red Hat Ansible Automation Platform
inputs:
host: https://controller.example.org
username: joe
password: secret
register: result
- assert:
that:
- "result is changed"
- name: Delete a Tower-to-Tower credential
credential:
name: "{{ tower_cred_name1 }}"
organization: Default
state: absent
credential_type: Red Hat Ansible Automation Platform
register: result
- assert:
that:
- "result is changed"
- name: Check module fails with correct msg
credential:
name: test-credential
description: Credential Description
credential_type: Machine
organization: test-non-existing-org
state: present
register: result
ignore_errors: true
- assert:
that:
- "result is failed"
- "result is not changed"
- "'test-non-existing-org' in result.msg"
- "result.total_results == 0"
Reference in New Issue View Git Blame Copy Permalink