2023-07-12 19:27:23 +02:00
|
|
|
---
|
|
|
|
# Copyright (c) Ansible Project
|
|
|
|
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
|
|
|
|
- name: Create a policy with rules
|
|
|
|
consul_policy:
|
|
|
|
name: foo-access
|
|
|
|
rules: |
|
|
|
|
key "foo" {
|
|
|
|
policy = "read"
|
|
|
|
}
|
|
|
|
key "private/foo" {
|
|
|
|
policy = "deny"
|
|
|
|
}
|
|
|
|
register: result
|
|
|
|
|
|
|
|
- assert:
|
|
|
|
that:
|
|
|
|
- result is changed
|
2024-01-27 10:22:44 +01:00
|
|
|
- result.policy.Name == 'foo-access'
|
|
|
|
- result.operation == 'create'
|
|
|
|
|
2023-07-12 19:27:23 +02:00
|
|
|
- name: Update the rules associated to a policy
|
|
|
|
consul_policy:
|
|
|
|
name: foo-access
|
|
|
|
rules: |
|
|
|
|
key "foo" {
|
|
|
|
policy = "read"
|
|
|
|
}
|
|
|
|
key "private/foo" {
|
|
|
|
policy = "deny"
|
|
|
|
}
|
|
|
|
event "bbq" {
|
|
|
|
policy = "write"
|
|
|
|
}
|
|
|
|
register: result
|
2024-01-27 10:22:44 +01:00
|
|
|
|
2023-07-12 19:27:23 +02:00
|
|
|
- assert:
|
|
|
|
that:
|
|
|
|
- result is changed
|
2024-01-27 10:22:44 +01:00
|
|
|
- result.operation == 'update'
|
|
|
|
|
2023-07-12 19:27:23 +02:00
|
|
|
- name: Update reports not changed when updating again without changes
|
|
|
|
consul_policy:
|
|
|
|
name: foo-access
|
|
|
|
rules: |
|
|
|
|
key "foo" {
|
|
|
|
policy = "read"
|
|
|
|
}
|
|
|
|
key "private/foo" {
|
|
|
|
policy = "deny"
|
|
|
|
}
|
|
|
|
event "bbq" {
|
|
|
|
policy = "write"
|
|
|
|
}
|
|
|
|
register: result
|
2024-01-27 10:22:44 +01:00
|
|
|
|
2023-07-12 19:27:23 +02:00
|
|
|
- assert:
|
|
|
|
that:
|
|
|
|
- result is not changed
|
2024-01-27 10:22:44 +01:00
|
|
|
- result.operation is not defined
|
|
|
|
|
2023-07-12 19:27:23 +02:00
|
|
|
- name: Remove a policy
|
|
|
|
consul_policy:
|
|
|
|
name: foo-access
|
|
|
|
state: absent
|
|
|
|
register: result
|
|
|
|
- assert:
|
|
|
|
that:
|
2024-01-27 10:22:44 +01:00
|
|
|
- result is changed
|
|
|
|
- result.operation == 'remove'
|