awx/awx_collection/tests/integration/targets/credential/tasks/main.yml
AlanCoding 55a7591f89 Resolve actions conflicts and delete unwanted files
Bump migrations and delete some files

Resolve remaining conflicts

Fix requirements

Flake8 fixes

Prefer devel changes for schema

Use correct versions

Remove sso connected stuff

Update to modern actions and collection fixes

Remove unwanted alias

Version problems in actions

Fix more versioning problems

Update warning string

Messed it up again

Shorten exception

More removals

Remove pbr license

Remove tests deleted in devel

Remove unexpected files

Remove some content missed in the rebase

Use sleep_task from devel

Restore devel live conftest file

Add in settings that got missed

Prefer devel version of collection test

Finish repairing .github path

Remove unintended test file duplication

Undo more unintended file additions
2025-09-17 10:23:19 -04:00


---
# Unique suffix for every object this file creates. Pointing the password
# lookup at /dev/null makes it return a fresh random string without writing
# it anywhere; a test_id supplied by the caller is left untouched.
- name: Generate a random string for test
  when: test_id is not defined
  set_fact:
    test_id: "{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}"

# One name per credential under test; every name ends in test_id.
- name: Generate names
  set_fact:
    ssh_cred_name1: "AWX-Collection-tests-credential-ssh-cred1-{{ test_id }}"
    ssh_cred_name2: "AWX-Collection-tests-credential-ssh-cred2-{{ test_id }}"
    ssh_cred_name3: "AWX-Collection-tests-credential-ssh-cred-lookup-source-{{ test_id }}"
    ssh_cred_name4: "AWX-Collection-tests-credential-ssh-cred-file-source-{{ test_id }}"
    vault_cred_name1: "AWX-Collection-tests-credential-vault-cred1-{{ test_id }}"
    vault_cred_name2: "AWX-Collection-tests-credential-vault-ssh-cred1-{{ test_id }}"
    net_cred_name1: "AWX-Collection-tests-credential-net-cred1-{{ test_id }}"
    scm_cred_name1: "AWX-Collection-tests-credential-scm-cred1-{{ test_id }}"
    aws_cred_name1: "AWX-Collection-tests-credential-aws-cred1-{{ test_id }}"
    vmware_cred_name1: "AWX-Collection-tests-credential-vmware-cred1-{{ test_id }}"
    sat6_cred_name1: "AWX-Collection-tests-credential-sat6-cred1-{{ test_id }}"
    gce_cred_name1: "AWX-Collection-tests-credential-gce-cred1-{{ test_id }}"
    azurerm_cred_name1: "AWX-Collection-tests-credential-azurerm-cred1-{{ test_id }}"
    openstack_cred_name1: "AWX-Collection-tests-credential-openstack-cred1-{{ test_id }}"
    rhv_cred_name1: "AWX-Collection-tests-credential-rhv-cred1-{{ test_id }}"
    insights_cred_name1: "AWX-Collection-tests-credential-insights-cred1-{{ test_id }}"
    insights_cred_name2: "AWX-Collection-tests-credential-insights-cred2-{{ test_id }}"
    tower_cred_name1: "AWX-Collection-tests-credential-tower-cred1-{{ test_id }}"

# Ask the controller which credential types it knows about.
- name: Get current Credential Types available
  ansible.builtin.set_fact:
    credentials: "{{ lookup('awx.awx.controller_api', 'credential_types') }}"

# One boolean per optional credential type. Filters bind tighter than `in`,
# so each expression tests membership in the list of type names. The
# provider-specific tasks later in this file are gated on these flags.
- name: Register Credentials found
  set_fact:
    aws_found: "{{ 'Amazon Web Services' in credentials | map(attribute='name') | list }}"
    vmware_found: "{{ 'VMware vCenter' in credentials | map(attribute='name') | list }}"
    azure_found: "{{ 'Microsoft Azure Resource Manager' in credentials | map(attribute='name') | list }}"
    gce_found: "{{ 'Google Compute Engine' in credentials | map(attribute='name') | list }}"
    insights_found: "{{ 'Red Hat Insights' in credentials | map(attribute='name') | list }}"
    satellite_found: "{{ 'Red Hat Satellite 6' in credentials | map(attribute='name') | list }}"
    openstack_found: "{{ 'OpenStack' in credentials | map(attribute='name') | list }}"
    rhv_found: "{{ 'Red Hat Virtualization' in credentials | map(attribute='name') | list }}"
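# Throw-away key material for the SSH credential tests, generated on the
# Ansible control host. The commands run through `command` rather than
# `shell`, so neither line is parsed by a shell.
# NOTE(review): nothing in these tasks removes the directory again; clean it
# up after the last task that reads id_rsa.
- name: create a tempdir for an SSH key
  ansible.builtin.command: mktemp -d
  delegate_to: localhost
  register: tempdir

# argv form: the templated path is passed as one argument, whatever
# characters it contains. The passphrase is a fixed test value that later
# tasks supply as ssh_key_unlock.
- name: Generate a local SSH key
  ansible.builtin.command:
    argv:
      - ssh-keygen
      - "-b"
      - "2048"
      - "-t"
      - rsa
      - "-f"
      - "{{ tempdir.stdout }}/id_rsa"
      - "-q"
      - "-N"
      - passphrase
  delegate_to: localhost

# Holds the (passphrase-protected) private key text in a fact so the
# credential tasks can pass it as ssh_key_data.
- name: Read the generated key
  set_fact:
    ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}"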
# Lifecycle of an organization-owned Machine credential:
# present -> exists (no-op) -> absent -> absent without a type (must fail)
# -> exists (re-creates) -> absent.
- name: Create an Org-specific credential with an ID
  credential:
    name: "{{ ssh_cred_name1 }}"
    organization: Default
    credential_type: Machine
    state: present
  register: result

- assert:
    that:
      - result is changed

# The credential already exists, so state=exists must report no change.
- name: Create an Org-specific credential with an ID with exists
  credential:
    name: "{{ ssh_cred_name1 }}"
    organization: Default
    credential_type: Machine
    state: exists
  register: result

- assert:
    that:
      - result is not changed

- name: Delete an Org-specific credential with an ID
  credential:
    name: "{{ ssh_cred_name1 }}"
    organization: Default
    credential_type: Machine
    state: absent
  register: result

- assert:
    that:
      - result is changed

# Negative test: credential_type is omitted and the module is expected to
# fail. Only the failure itself is asserted, not its message.
- name: Delete a credential without credential_type
  credential:
    name: "{{ ssh_cred_name1 }}"
    organization: Default
    state: absent
  register: result
  ignore_errors: true

- assert:
    that:
      - result is failed

# The credential was deleted above, so state=exists creates it this time.
- name: Create an Org-specific credential with an ID with exists
  credential:
    name: "{{ ssh_cred_name1 }}"
    organization: Default
    credential_type: Machine
    state: exists
  register: result

- assert:
    that:
      - result is changed

- name: Delete a Org-specific credential
  credential:
    name: "{{ ssh_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: Machine
  register: result

- assert:
    that:
      - result is changed
# Same credential name as the organization tests, but owned by a user
# (admin) instead of an organization.
- name: Create the User-specific credential
  credential:
    name: "{{ ssh_cred_name1 }}"
    user: admin
    credential_type: Machine
    state: present
  register: result

- assert:
    that:
      - result is changed

- name: Delete a User-specific credential
  credential:
    name: "{{ ssh_cred_name1 }}"
    user: admin
    state: absent
    credential_type: Machine
  register: result

- assert:
    that:
      - result is changed
# Machine credential with every input populated. All secret values in this
# file are fixed placeholder fixtures; the key and its passphrase come from
# the ssh-keygen task earlier in the file.
- name: Create a valid SSH credential
  credential:
    name: "{{ ssh_cred_name2 }}"
    organization: Default
    state: present
    credential_type: Machine
    description: An example SSH credential
    inputs:
      username: joe
      password: secret
      become_method: sudo
      become_username: superuser
      become_password: supersecret
      ssh_key_data: "{{ ssh_key_data }}"
      ssh_key_unlock: passphrase
  register: result

- assert:
    that:
      - "result is changed"

# Same credential, smaller inputs mapping: the assertion expects this to be
# reported as a change.
- name: Create a valid SSH credential
  credential:
    name: "{{ ssh_cred_name2 }}"
    organization: Default
    state: present
    credential_type: Machine
    description: An example SSH credential
    inputs:
      username: joe
      become_method: sudo
      become_username: superuser
  register: result

- assert:
    that:
      - "result is changed"

# Leaving inputs out entirely must not touch the stored inputs.
- name: Check for inputs idempotency (when "inputs" is blank)
  credential:
    name: "{{ ssh_cred_name2 }}"
    organization: Default
    state: present
    credential_type: Machine
    description: An example SSH credential
  register: result

- assert:
    that:
      - "result is not changed"

# copy_from duplicates the credential under a new name; the module reports
# this through result.copied.
- name: Copy ssh Credential
  credential:
    name: "copy_{{ ssh_cred_name2 }}"
    copy_from: "{{ ssh_cred_name2 }}"
    credential_type: Machine
  register: result

- assert:
    that:
      - result.copied

# Removes the copy, not the original.
- name: Delete an SSH credential
  credential:
    name: "copy_{{ ssh_cred_name2 }}"
    organization: Default
    state: absent
    credential_type: Machine
  register: result

- assert:
    that:
      - result is changed
# Same inputs as the first SSH credential, but the key is read with an
# inline file lookup instead of the ssh_key_data fact.
- name: Create a valid SSH credential from lookup source
  credential:
    name: "{{ ssh_cred_name3 }}"
    organization: Default
    state: present
    credential_type: Machine
    description: An example SSH credential from lookup source
    inputs:
      username: joe
      password: secret
      become_method: sudo
      become_username: superuser
      become_password: supersecret
      ssh_key_data: "{{ lookup('file', tempdir.stdout + '/id_rsa') }}"
      ssh_key_unlock: passphrase
  register: result

- assert:
    that:
      - "result is changed"

# Remove ssh_cred_name2 so the state=exists tasks below start from nothing.
- name: Delete an SSH credential
  credential:
    name: "{{ ssh_cred_name2 }}"
    organization: Default
    state: absent
    credential_type: Machine
  register: result

- assert:
    that:
      - result is changed

# state=exists on a missing credential creates it with the given inputs.
- name: Ensure existence of SSH credential
  credential:
    name: "{{ ssh_cred_name2 }}"
    organization: Default
    state: exists
    credential_type: Machine
    description: An example SSH awx.awx.credential
    inputs:
      username: joe
      password: secret
      become_method: sudo
      become_username: superuser
      become_password: supersecret
      ssh_key_data: "{{ ssh_key_data }}"
      ssh_key_unlock: passphrase
  register: result

- assert:
    that:
      - "result is changed"

# state=exists on an existing credential is expected to leave it alone even
# though the password, become_* values and passphrase differ here. In
# practice: state=exists does not rotate stored secrets; that needs
# state=present.
- name: Ensure existence of SSH credential, not updating any inputs
  credential:
    name: "{{ ssh_cred_name2 }}"
    organization: Default
    state: exists
    credential_type: Machine
    description: An example SSH awx.awx.credential
    inputs:
      username: joe
      password: no-update-secret
      become_method: sudo
      become_username: some-other-superuser
      become_password: some-other-secret
      ssh_key_data: "{{ ssh_key_data }}"
      ssh_key_unlock: another-pass-phrase
  register: result

- assert:
    that:
      - "result is not changed"
# Negative test: the generated key is passphrase-protected, so a credential
# that supplies the key without ssh_key_unlock must be rejected. The message
# check keeps an unrelated failure from satisfying the test.
- name: Create an invalid SSH credential (passphrase required)
  credential:
    name: SSH Credential
    organization: Default
    state: present
    credential_type: Machine
    inputs:
      username: joe
      ssh_key_data: "{{ ssh_key_data }}"
  register: result
  ignore_errors: true

- assert:
    that:
      - result is failed
      - "'must be set when SSH key is encrypted' in result.msg"

# Negative test: the organization does not exist. The failure must name the
# missing organization and must not report a change.
# NOTE(review): total_results presumably comes from the failed organization
# lookup; confirm against the module.
- name: Create an invalid SSH credential (Organization not found)
  credential:
    name: SSH Credential
    organization: Missing_Organization
    state: present
    credential_type: Machine
    inputs:
      username: joe
  register: result
  ignore_errors: true

- assert:
    that:
      - result is failed
      - result is not changed
      - "'Missing_Organization' in result.msg"
      - result.total_results == 0
# Clean up the SSH credentials created above: ssh_cred_name2, then
# ssh_cred_name3, then ssh_cred_name4.
- name: Delete an SSH credential
  credential:
    name: "{{ ssh_cred_name2 }}"
    organization: Default
    state: absent
    credential_type: Machine
  register: result

- assert:
    that:
      - result is changed

- name: Delete an SSH credential
  credential:
    name: "{{ ssh_cred_name3 }}"
    organization: Default
    state: absent
    credential_type: Machine
  register: result

- assert:
    that:
      - result is changed

- name: Delete an SSH credential
  credential:
    name: "{{ ssh_cred_name4 }}"
    organization: Default
    state: absent
    credential_type: Machine
  register: result

# This one was never really created so it shouldn't be deleted
- assert:
    that:
      - result is not changed
# Vault credential round trip; vault_password is a placeholder fixture.
- name: Create a valid Vault credential
  credential:
    name: "{{ vault_cred_name1 }}"
    organization: Default
    state: present
    credential_type: Vault
    description: An example Vault credential
    inputs:
      vault_id: bar
      vault_password: secret-vault
  register: result

- assert:
    that:
      - result is changed

- name: Delete a Vault credential
  credential:
    name: "{{ vault_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: Vault
  register: result

- assert:
    that:
      - result is changed

- name: Delete a Vault credential
  credential:
    name: "{{ vault_cred_name2 }}"
    organization: Default
    state: absent
    credential_type: Vault
  register: result

# The creation of vault_cred_name2 never worked so we shouldn't actually need to delete it
- assert:
    that:
      - result is not changed
# Network credential round trip, including the authorize flag and its
# password (placeholder fixture values).
- name: Create a valid Network credential
  credential:
    name: "{{ net_cred_name1 }}"
    organization: Default
    state: present
    credential_type: Network
    inputs:
      username: joe
      password: secret
      authorize: true
      authorize_password: authorize-me
  register: result

- assert:
    that:
      - result is changed

- name: Delete a Network credential
  credential:
    name: "{{ net_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: Network
  register: result

- assert:
    that:
      - result is changed
# Source Control credential round trip; reuses the generated SSH key and
# its passphrase.
- name: Create a valid SCM credential
  credential:
    name: "{{ scm_cred_name1 }}"
    organization: Default
    state: present
    credential_type: Source Control
    inputs:
      username: joe
      password: secret
      ssh_key_data: "{{ ssh_key_data }}"
      ssh_key_unlock: passphrase
  register: result

- assert:
    that:
      - result is changed

- name: Delete an SCM credential
  credential:
    name: "{{ scm_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: Source Control
  register: result

- assert:
    that:
      - result is changed
# AWS credential round trip. Every task is gated on aws_found, so the whole
# group is skipped when the controller lacks that credential type.
- name: Create a valid AWS credential
  credential:
    name: "{{ aws_cred_name1 }}"
    organization: Default
    state: present
    credential_type: Amazon Web Services
    inputs:
      username: joe
      password: secret
      security_token: aws-token
  register: result
  when: aws_found

- assert:
    that:
      - result is changed
  when: aws_found

- name: Delete an AWS credential
  credential:
    name: "{{ aws_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: Amazon Web Services
  register: result
  when: aws_found

- assert:
    that:
      - result is changed
  when: aws_found
# VMware vCenter credential round trip, gated on vmware_found.
- name: Create a valid VMWare credential
  credential:
    name: "{{ vmware_cred_name1 }}"
    organization: Default
    state: present
    credential_type: VMware vCenter
    inputs:
      host: https://example.org
      username: joe
      password: secret
  register: result
  when: vmware_found

- assert:
    that:
      - result is changed
  when: vmware_found

- name: Delete an VMWare credential
  credential:
    name: "{{ vmware_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: VMware vCenter
  register: result
  when: vmware_found

- assert:
    that:
      - result is changed
  when: vmware_found
# Red Hat Satellite 6 credential round trip, gated on satellite_found.
- name: Create a valid Satellite6 credential
  credential:
    name: "{{ sat6_cred_name1 }}"
    organization: Default
    state: present
    credential_type: Red Hat Satellite 6
    inputs:
      host: https://example.org
      username: joe
      password: secret
  register: result
  when: satellite_found

- assert:
    that:
      - result is changed
  when: satellite_found

- name: Delete a Satellite6 credential
  credential:
    name: "{{ sat6_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: Red Hat Satellite 6
  register: result
  when: satellite_found

- assert:
    that:
      - result is changed
  when: satellite_found
# Google Compute Engine credential round trip, gated on gce_found. The
# generated SSH key is passed as ssh_key_data without a passphrase input.
- name: Create a valid GCE credential
  credential:
    name: "{{ gce_cred_name1 }}"
    organization: Default
    state: present
    credential_type: Google Compute Engine
    inputs:
      username: joe
      project: ABC123
      ssh_key_data: "{{ ssh_key_data }}"
  register: result
  when: gce_found

- assert:
    that:
      - result is changed
  when: gce_found

- name: Delete a GCE credential
  credential:
    name: "{{ gce_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: Google Compute Engine
  register: result
  when: gce_found

- assert:
    that:
      - result is changed
  when: gce_found
# Azure Resource Manager credential, gated on azure_found: created with
# username/password first, then updated in place (same name) with
# client/secret/tenant inputs, then deleted.
- name: Create a valid AzureRM credential
  credential:
    name: "{{ azurerm_cred_name1 }}"
    organization: Default
    state: present
    credential_type: Microsoft Azure Resource Manager
    inputs:
      username: joe
      password: secret
      subscription: some-subscription
  register: result
  when: azure_found

- assert:
    that:
      - result is changed
  when: azure_found

- name: Create a valid AzureRM credential with a tenant
  credential:
    name: "{{ azurerm_cred_name1 }}"
    organization: Default
    state: present
    credential_type: Microsoft Azure Resource Manager
    inputs:
      client: some-client
      secret: some-secret
      tenant: some-tenant
      subscription: some-subscription
  register: result
  when: azure_found

- assert:
    that:
      - result is changed
  when: azure_found

- name: Delete an AzureRM credential
  credential:
    name: "{{ azurerm_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: Microsoft Azure Resource Manager
  register: result
  when: azure_found

- assert:
    that:
      - result is changed
  when: azure_found
# OpenStack credential round trip, gated on openstack_found.
- name: Create a valid OpenStack credential
  credential:
    name: "{{ openstack_cred_name1 }}"
    organization: Default
    state: present
    credential_type: OpenStack
    inputs:
      host: https://keystone.example.org
      username: joe
      password: secret
      project: tenant123
      domain: some-domain
  register: result
  when: openstack_found

- assert:
    that:
      - result is changed
  when: openstack_found

- name: Delete a OpenStack credential
  credential:
    name: "{{ openstack_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: OpenStack
  register: result
  when: openstack_found

- assert:
    that:
      - result is changed
  when: openstack_found
# Red Hat Virtualization credential round trip, gated on rhv_found.
- name: Create a valid RHV credential
  credential:
    name: "{{ rhv_cred_name1 }}"
    organization: Default
    state: present
    credential_type: Red Hat Virtualization
    inputs:
      host: https://example.org
      username: joe
      password: secret
  register: result
  when: rhv_found

- assert:
    that:
      - result is changed
  when: rhv_found

- name: Delete an RHV credential
  credential:
    name: "{{ rhv_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: Red Hat Virtualization
  register: result
  when: rhv_found

- assert:
    that:
      - result is changed
  when: rhv_found
# Insights credentials, gated on insights_found. Two input shapes are
# exercised: username/password first, then client_id/client_secret.
- name: Create a valid Insights credential
  credential:
    name: "{{ insights_cred_name1 }}"
    organization: Default
    state: present
    credential_type: Insights
    inputs:
      username: joe
      password: secret
  register: result
  when: insights_found

- assert:
    that:
      - result is changed
  when: insights_found

- name: Delete an Insights credential
  credential:
    name: "{{ insights_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: Insights
  register: result
  when: insights_found

- assert:
    that:
      - result is changed
  when: insights_found

- name: Create a valid Insights token credential
  credential:
    name: "{{ insights_cred_name2 }}"
    organization: Default
    state: present
    credential_type: Insights
    inputs:
      client_id: joe
      client_secret: secret
  register: result
  when: insights_found

- assert:
    that:
      - result is changed
  when: insights_found

- name: Delete an Insights token credential
  credential:
    name: "{{ insights_cred_name2 }}"
    organization: Default
    state: absent
    credential_type: Insights
  register: result
  when: insights_found

- assert:
    that:
      - result is changed
  when: insights_found
# Controller-to-controller credential round trip. Unlike the cloud provider
# groups, these tasks carry no `when` gate and always run.
- name: Create a valid Tower-to-Tower credential
  credential:
    name: "{{ tower_cred_name1 }}"
    organization: Default
    state: present
    credential_type: Red Hat Ansible Automation Platform
    inputs:
      host: https://controller.example.org
      username: joe
      password: secret
  register: result

- assert:
    that:
      - result is changed

- name: Delete a Tower-to-Tower credential
  credential:
    name: "{{ tower_cred_name1 }}"
    organization: Default
    state: absent
    credential_type: Red Hat Ansible Automation Platform
  register: result

- assert:
    that:
      - result is changed
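# Negative test: creating a credential in an organization that does not
# exist must fail, report no change, and name the missing organization.
# NOTE(review): total_results presumably comes from the failed organization
# lookup; confirm against the module.
- name: Check module fails with correct msg
  credential:
    name: test-credential
    description: Credential Description
    credential_type: Machine
    organization: test-non-existing-org
    state: present
  register: result
  ignore_errors: true

- assert:
    that:
      - result is failed
      - result is not changed
      - "'test-non-existing-org' in result.msg"
      - result.total_results == 0

# Teardown: the temporary directory created at the start of this file still
# holds the generated private key. Remove it so key material does not
# accumulate on the machine that runs the tests. This is the last task, so
# it only runs when everything above passed.
- name: Remove the temporary SSH key directory
  ansible.builtin.file:
    path: "{{ tempdir.stdout }}"
    state: absent
  delegate_to: localhost
  when: tempdir.stdout | default('') | length > 0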