mirror of
https://github.com/ansible/awx.git
synced 2026-02-17 03:00:04 -03:30
735 lines
16 KiB
YAML
735 lines
16 KiB
YAML
---
|
|
- name: Generate a random string for test
|
|
set_fact:
|
|
test_id: "{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}"
|
|
when: test_id is not defined
|
|
|
|
- name: Generate names
|
|
set_fact:
|
|
ssh_cred_name1: "AWX-Collection-tests-credential-ssh-cred1-{{ test_id }}"
|
|
ssh_cred_name2: "AWX-Collection-tests-credential-ssh-cred2-{{ test_id }}"
|
|
ssh_cred_name3: "AWX-Collection-tests-credential-ssh-cred-lookup-source-{{ test_id }}"
|
|
ssh_cred_name4: "AWX-Collection-tests-credential-ssh-cred-file-source-{{ test_id }}"
|
|
vault_cred_name1: "AWX-Collection-tests-credential-vault-cred1-{{ test_id }}"
|
|
vault_cred_name2: "AWX-Collection-tests-credential-vault-ssh-cred1-{{ test_id }}"
|
|
net_cred_name1: "AWX-Collection-tests-credential-net-cred1-{{ test_id }}"
|
|
scm_cred_name1: "AWX-Collection-tests-credential-scm-cred1-{{ test_id }}"
|
|
aws_cred_name1: "AWX-Collection-tests-credential-aws-cred1-{{ test_id }}"
|
|
vmware_cred_name1: "AWX-Collection-tests-credential-vmware-cred1-{{ test_id }}"
|
|
sat6_cred_name1: "AWX-Collection-tests-credential-sat6-cred1-{{ test_id }}"
|
|
gce_cred_name1: "AWX-Collection-tests-credential-gce-cred1-{{ test_id }}"
|
|
azurerm_cred_name1: "AWX-Collection-tests-credential-azurerm-cred1-{{ test_id }}"
|
|
openstack_cred_name1: "AWX-Collection-tests-credential-openstack-cred1-{{ test_id }}"
|
|
rhv_cred_name1: "AWX-Collection-tests-credential-rhv-cred1-{{ test_id }}"
|
|
insights_cred_name1: "AWX-Collection-tests-credential-insights-cred1-{{ test_id }}"
|
|
tower_cred_name1: "AWX-Collection-tests-credential-tower-cred1-{{ test_id }}"
|
|
|
|
- name: create a tempdir for an SSH key
|
|
local_action: shell mktemp -d
|
|
register: tempdir
|
|
|
|
- name: Generate a local SSH key
|
|
local_action: "shell ssh-keygen -b 2048 -t rsa -f {{ tempdir.stdout }}/id_rsa -q -N 'passphrase'"
|
|
|
|
- name: Read the generated key
|
|
set_fact:
|
|
ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}"
|
|
|
|
- name: Test deprecation warnings
|
|
credential:
|
|
name: "{{ ssh_cred_name1 }}"
|
|
organization: Default
|
|
kind: ssh
|
|
authorize: false
|
|
authorize_password: 'test'
|
|
client: 'test'
|
|
security_token: 'test'
|
|
secret: 'test'
|
|
tenant: 'test'
|
|
subscription: 'test'
|
|
domain: 'test'
|
|
become_method: 'test'
|
|
become_username: 'test'
|
|
become_password: 'test'
|
|
vault_password: 'test'
|
|
project: 'test'
|
|
host: 'test'
|
|
username: 'test'
|
|
password: 'test'
|
|
ssh_key_data: 'test'
|
|
vault_id: 'test'
|
|
ssh_key_unlock: 'test'
|
|
state: absent
|
|
ignore_errors: true
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "'deprecations' in result"
|
|
# The 20 comes from the length of OLD_INPUT_NAMES + 1 for kind
|
|
- result['deprecations'] | length() == 20
|
|
|
|
- name: Create an Org-specific credential (old school)
|
|
credential:
|
|
name: "{{ ssh_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: ssh
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Re-create the Org-specific credential (new school) with an ID
|
|
credential:
|
|
name: "{{ result.id }}"
|
|
organization: Default
|
|
credential_type: 'Machine'
|
|
state: present
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is not changed"
|
|
|
|
- name: Delete a Org-specific credential
|
|
credential:
|
|
name: "{{ ssh_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: ssh
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create the User-specific credential
|
|
credential:
|
|
name: "{{ ssh_cred_name1 }}"
|
|
user: admin
|
|
credential_type: 'Machine'
|
|
state: present
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete a User-specific credential
|
|
credential:
|
|
name: "{{ ssh_cred_name1 }}"
|
|
user: admin
|
|
state: absent
|
|
kind: ssh
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid SSH credential (old school)
|
|
credential:
|
|
name: "{{ ssh_cred_name2 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: ssh
|
|
description: An example SSH credential
|
|
username: joe
|
|
password: secret
|
|
become_method: sudo
|
|
become_username: superuser
|
|
become_password: supersecret
|
|
ssh_key_data: "{{ ssh_key_data }}"
|
|
ssh_key_unlock: "passphrase"
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid SSH credential (new school)
|
|
credential:
|
|
name: "{{ ssh_cred_name2 }}"
|
|
organization: Default
|
|
state: present
|
|
credential_type: Machine
|
|
description: An example SSH credential
|
|
inputs:
|
|
username: joe
|
|
password: secret
|
|
become_method: sudo
|
|
become_username: superuser
|
|
become_password: supersecret
|
|
ssh_key_data: "{{ ssh_key_data }}"
|
|
ssh_key_unlock: "passphrase"
|
|
register: result
|
|
|
|
# This will be changed because we are setting ssh_key_data and ssh_key_unlock.
|
|
# These will come out as $encrypted$ which will always compare false to the values.
|
|
- assert:
|
|
that:
|
|
- result is changed
|
|
|
|
- name: Create a valid SSH credential (new school)
|
|
credential:
|
|
name: "{{ ssh_cred_name2 }}"
|
|
organization: Default
|
|
state: present
|
|
credential_type: Machine
|
|
description: An example SSH credential
|
|
inputs:
|
|
username: joe
|
|
become_method: sudo
|
|
become_username: superuser
|
|
register: result
|
|
|
|
# This shows as "changed" because these listed inputs replace the existing inputs from the previous task
|
|
- assert:
|
|
that:
|
|
- result is changed
|
|
|
|
- name: Check for inputs idempotency (when "inputs" is blank)
|
|
credential:
|
|
name: "{{ ssh_cred_name2 }}"
|
|
organization: Default
|
|
state: present
|
|
credential_type: Machine
|
|
description: An example SSH credential
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- result is not changed
|
|
|
|
- name: Copy ssh Credential
|
|
credential:
|
|
name: "copy_{{ ssh_cred_name2 }}"
|
|
copy_from: "{{ ssh_cred_name2 }}"
|
|
credential_type: Machine
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- result.copied
|
|
|
|
- name: Delete an SSH credential
|
|
credential:
|
|
name: "copy_{{ ssh_cred_name2 }}"
|
|
organization: Default
|
|
state: absent
|
|
credential_type: Machine
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid SSH credential from lookup source (old school)
|
|
credential:
|
|
name: "{{ ssh_cred_name3 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: ssh
|
|
description: An example SSH credential from lookup source
|
|
username: joe
|
|
password: secret
|
|
become_method: sudo
|
|
become_username: superuser
|
|
become_password: supersecret
|
|
ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}"
|
|
ssh_key_unlock: "passphrase"
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid SSH credential from lookup source (new school)
|
|
credential:
|
|
name: "{{ ssh_cred_name3 }}"
|
|
organization: Default
|
|
state: present
|
|
credential_type: Machine
|
|
description: An example SSH credential from lookup source
|
|
inputs:
|
|
username: joe
|
|
password: secret
|
|
become_method: sudo
|
|
become_username: superuser
|
|
become_password: supersecret
|
|
ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}"
|
|
ssh_key_unlock: "passphrase"
|
|
register: result
|
|
|
|
# This will be changed because we are passing in ssh_key_data and password
|
|
- assert:
|
|
that:
|
|
- result is changed
|
|
|
|
- name: Fail to create an SSH credential from a file source (old school format)
|
|
credential:
|
|
name: "{{ ssh_cred_name4 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: ssh
|
|
description: An example SSH credential from file source
|
|
username: joe
|
|
password: secret
|
|
become_method: sudo
|
|
become_username: superuser
|
|
become_password: supersecret
|
|
ssh_key_data: "{{ tempdir.stdout }}/id_rsa"
|
|
ssh_key_unlock: "passphrase"
|
|
register: result
|
|
ignore_errors: true
|
|
|
|
- assert:
|
|
that:
|
|
- result is failed
|
|
- "'Unable to create credential {{ ssh_cred_name4 }}' in result.msg"
|
|
- "'Invalid certificate or key' in result.msg"
|
|
|
|
- name: Create an invalid SSH credential (passphrase required)
|
|
credential:
|
|
name: SSH Credential
|
|
organization: Default
|
|
state: present
|
|
kind: ssh
|
|
username: joe
|
|
ssh_key_data: "{{ ssh_key_data }}"
|
|
ignore_errors: true
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is failed"
|
|
- "'must be set when SSH key is encrypted' in result.msg"
|
|
|
|
- name: Create an invalid SSH credential (Organization not found)
|
|
credential:
|
|
name: SSH Credential
|
|
organization: Missing_Organization
|
|
state: present
|
|
kind: ssh
|
|
username: joe
|
|
ignore_errors: true
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is failed"
|
|
- "result is not changed"
|
|
- "'Missing_Organization' in result.msg"
|
|
- "result.total_results == 0"
|
|
|
|
- name: Delete an SSH credential
|
|
credential:
|
|
name: "{{ ssh_cred_name2 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: ssh
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete an SSH credential
|
|
credential:
|
|
name: "{{ ssh_cred_name3 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: ssh
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete an SSH credential
|
|
credential:
|
|
name: "{{ ssh_cred_name4 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: ssh
|
|
register: result
|
|
|
|
# This one was never really created so it shouldn't be deleted
|
|
- assert:
|
|
that:
|
|
- "result is not changed"
|
|
|
|
- name: Create a valid Vault credential
|
|
credential:
|
|
name: "{{ vault_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: vault
|
|
description: An example Vault credential
|
|
vault_password: secret-vault
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete a Vault credential
|
|
credential:
|
|
name: "{{ vault_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: vault
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete a Vault credential
|
|
credential:
|
|
name: "{{ vault_cred_name2 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: vault
|
|
register: result
|
|
|
|
# The creation of vault_cred_name2 never worked so we shouldn't actually need to delete it
|
|
- assert:
|
|
that:
|
|
- "result is not changed"
|
|
|
|
- name: Create a valid Network credential
|
|
credential:
|
|
name: "{{ net_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: net
|
|
username: joe
|
|
password: secret
|
|
authorize: true
|
|
authorize_password: authorize-me
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete a Network credential
|
|
credential:
|
|
name: "{{ net_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: net
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid SCM credential
|
|
credential:
|
|
name: "{{ scm_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: scm
|
|
username: joe
|
|
password: secret
|
|
ssh_key_data: "{{ ssh_key_data }}"
|
|
ssh_key_unlock: "passphrase"
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete an SCM credential
|
|
credential:
|
|
name: "{{ scm_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: scm
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid AWS credential
|
|
credential:
|
|
name: "{{ aws_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: aws
|
|
username: joe
|
|
password: secret
|
|
security_token: aws-token
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete an AWS credential
|
|
credential:
|
|
name: "{{ aws_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: aws
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid VMWare credential
|
|
credential:
|
|
name: "{{ vmware_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: vmware
|
|
host: https://example.org
|
|
username: joe
|
|
password: secret
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete an VMWare credential
|
|
credential:
|
|
name: "{{ vmware_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: vmware
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid Satellite6 credential
|
|
credential:
|
|
name: "{{ sat6_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: satellite6
|
|
host: https://example.org
|
|
username: joe
|
|
password: secret
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete a Satellite6 credential
|
|
credential:
|
|
name: "{{ sat6_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: satellite6
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid GCE credential
|
|
credential:
|
|
name: "{{ gce_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: gce
|
|
username: joe
|
|
project: ABC123
|
|
ssh_key_data: "{{ ssh_key_data }}"
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete a GCE credential
|
|
credential:
|
|
name: "{{ gce_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: gce
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid AzureRM credential
|
|
credential:
|
|
name: "{{ azurerm_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: azure_rm
|
|
username: joe
|
|
password: secret
|
|
subscription: some-subscription
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid AzureRM credential with a tenant
|
|
credential:
|
|
name: "{{ azurerm_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: azure_rm
|
|
client: some-client
|
|
secret: some-secret
|
|
tenant: some-tenant
|
|
subscription: some-subscription
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete an AzureRM credential
|
|
credential:
|
|
name: "{{ azurerm_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: azure_rm
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid OpenStack credential
|
|
credential:
|
|
name: "{{ openstack_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: openstack
|
|
host: https://keystone.example.org
|
|
username: joe
|
|
password: secret
|
|
project: tenant123
|
|
domain: some-domain
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete a OpenStack credential
|
|
credential:
|
|
name: "{{ openstack_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: openstack
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid RHV credential
|
|
credential:
|
|
name: "{{ rhv_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: rhv
|
|
host: https://example.org
|
|
username: joe
|
|
password: secret
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete an RHV credential
|
|
credential:
|
|
name: "{{ rhv_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: rhv
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid Insights credential
|
|
credential:
|
|
name: "{{ insights_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: insights
|
|
username: joe
|
|
password: secret
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete an Insights credential
|
|
credential:
|
|
name: "{{ insights_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: insights
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Create a valid Tower-to-Tower credential
|
|
credential:
|
|
name: "{{ tower_cred_name1 }}"
|
|
organization: Default
|
|
state: present
|
|
kind: tower
|
|
host: https://controller.example.org
|
|
username: joe
|
|
password: secret
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Delete a Tower-to-Tower credential
|
|
credential:
|
|
name: "{{ tower_cred_name1 }}"
|
|
organization: Default
|
|
state: absent
|
|
kind: tower
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result is changed"
|
|
|
|
- name: Check module fails with correct msg
|
|
credential:
|
|
name: test-credential
|
|
description: Credential Description
|
|
kind: ssh
|
|
organization: test-non-existing-org
|
|
state: present
|
|
register: result
|
|
ignore_errors: true
|
|
|
|
- assert:
|
|
that:
|
|
- "result is failed"
|
|
- "result is not changed"
|
|
- "'test-non-existing-org' in result.msg"
|
|
- "result.total_results == 0"
|