From 60c9da76e7394ab645b6c4d3adbad5bc63ca1629 Mon Sep 17 00:00:00 2001 From: S Code Man <30977678+scodeman@users.noreply.github.com> Date: Mon, 21 Sep 2020 15:15:56 +0800 Subject: [PATCH] Create gitlab_group_variable.py (#786) * Create gitlab_group_variable.py * Create gitlab_group_variable.py * Create gitlab_group_variable.py * Create gitlab_group_variable tests * Fix test error E127: continuation line over-indented for visual indent * Update plugins/modules/gitlab_group_variable.py Co-authored-by: Felix Fontein * Create symlink for module * Update plugins/modules/source_control/gitlab/gitlab_group_variable.py Co-authored-by: Andrew Klychkov * Update plugins/modules/source_control/gitlab/gitlab_group_variable.py Co-authored-by: Andrew Klychkov * Update plugins/modules/source_control/gitlab/gitlab_group_variable.py Co-authored-by: Andrew Klychkov * Update plugins/modules/source_control/gitlab/gitlab_group_variable.py Co-authored-by: Andrew Klychkov * Update plugins/modules/source_control/gitlab/gitlab_group_variable.py Co-authored-by: Andrew Klychkov * Apply suggestions from code review Co-authored-by: Andrew Klychkov Co-authored-by: Felix Fontein * Apply suggestions from code review Co-authored-by: Andrew Klychkov * Update plugins/modules/source_control/gitlab/gitlab_group_variable.py Co-authored-by: Felix Fontein * Update plugins/modules/source_control/gitlab/gitlab_group_variable.py Co-authored-by: Felix Fontein * Validate all input before starting to do changes Validate all input before starting to do changes * Update gitlab_group_variable.py * Update gitlab_group_variable.py * Update plugins/modules/source_control/gitlab/gitlab_group_variable.py Co-authored-by: Felix Fontein Co-authored-by: Felix Fontein Co-authored-by: Andrew Klychkov --- plugins/modules/gitlab_group_variable.py | 1 + .../gitlab/gitlab_group_variable.py | 297 ++++++++++ .../targets/gitlab_group_variable/aliases | 1 + .../gitlab_group_variable/tasks/main.yml | 508 ++++++++++++++++++ 4 files changed, 807 insertions(+) create mode 120000 plugins/modules/gitlab_group_variable.py create mode 100644 plugins/modules/source_control/gitlab/gitlab_group_variable.py create mode 100644 tests/integration/targets/gitlab_group_variable/aliases create mode 100644 tests/integration/targets/gitlab_group_variable/tasks/main.yml diff --git a/plugins/modules/gitlab_group_variable.py b/plugins/modules/gitlab_group_variable.py new file mode 120000 index 0000000000..8fdfaea5f5 --- /dev/null +++ b/plugins/modules/gitlab_group_variable.py @@ -0,0 +1 @@ +source_control/gitlab/gitlab_group_variable.py \ No newline at end of file diff --git a/plugins/modules/source_control/gitlab/gitlab_group_variable.py b/plugins/modules/source_control/gitlab/gitlab_group_variable.py new file mode 100644 index 0000000000..74e9215e12 --- /dev/null +++ b/plugins/modules/source_control/gitlab/gitlab_group_variable.py @@ -0,0 +1,297 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright: (c) 2020, Florent Madiot (scodeman@scode.io) +# Based on code: +# Copyright: (c) 2019, Markus Bergholz (markuman@gmail.com) +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +from __future__ import absolute_import, division, print_function +__metaclass__ = type + +DOCUMENTATION = r''' +module: gitlab_group_variable +short_description: Creates, updates, or deletes GitLab groups variables +version_added: 1.2.0 +description: + - Creates a group variable if it does not exist. + - When a group variable does exist, its value will be updated when the values are different. + - Variables which are untouched in the playbook, but are not untouched in the GitLab group, + they stay untouched (I(purge) is C(false)) or will be deleted (I(purge) is C(true)). +author: + - Florent Madiot (@scodeman) +requirements: + - python >= 2.7 + - python-gitlab python module +extends_documentation_fragment: + - community.general.auth_basic + +options: + state: + description: + - Create or delete group variable. + default: present + type: str + choices: ["present", "absent"] + api_token: + description: + - GitLab access token with API permissions. + required: true + type: str + group: + description: + - The path and name of the group. + required: true + type: str + purge: + description: + - When set to C(true), delete all variables which are not untouched in the task. + default: false + type: bool + vars: + description: + - When the list element is a simple key-value pair, set masked and protected to false. + - When the list element is a dict with the keys I(value), I(masked) and I(protected), the user can + have full control about whether a value should be masked, protected or both. + - Support for protected values requires GitLab >= 9.3. + - Support for masked values requires GitLab >= 11.10. + - A I(value) must be a string or a number. + - Field I(variable_type) must be a string with either C(env_var), which is the default, or C(file). + - When a value is masked, it must be in Base64 and have a length of at least 8 characters. + See GitLab documentation on acceptable values for a masked variable (U(https://docs.gitlab.com/ce/ci/variables/#masked-variables)). + default: {} + type: dict +notes: +- Supports I(check_mode). +''' + + +EXAMPLES = r''' +- name: Set or update some CI/CD variables + community.general.gitlab_group_variable: + api_url: https://gitlab.com + api_token: secret_access_token + group: scodeman/testgroup/ + purge: false + vars: + ACCESS_KEY_ID: abc123 + SECRET_ACCESS_KEY: 321cba + +- name: Set or update some CI/CD variables + community.general.gitlab_group_variable: + api_url: https://gitlab.com + api_token: secret_access_token + group: scodeman/testgroup/ + purge: false + vars: + ACCESS_KEY_ID: abc123 + SECRET_ACCESS_KEY: + value: 3214cbad + masked: true + protected: true + variable_type: env_var + +- name: Delete one variable + community.general.gitlab_group_variable: + api_url: https://gitlab.com + api_token: secret_access_token + group: scodeman/testgroup/ + state: absent + vars: + ACCESS_KEY_ID: abc123 +''' + +RETURN = r''' +group_variable: + description: Four lists of the variablenames which were added, updated, removed or exist. + returned: always + type: dict + contains: + added: + description: A list of variables which were created. + returned: always + type: list + sample: "['ACCESS_KEY_ID', 'SECRET_ACCESS_KEY']" + untouched: + description: A list of variables which exist. + returned: always + type: list + sample: "['ACCESS_KEY_ID', 'SECRET_ACCESS_KEY']" + removed: + description: A list of variables which were deleted. + returned: always + type: list + sample: "['ACCESS_KEY_ID', 'SECRET_ACCESS_KEY']" + updated: + description: A list of variables whose values were changed. + returned: always + type: list + sample: "['ACCESS_KEY_ID', 'SECRET_ACCESS_KEY']" +''' + +import traceback + +from ansible.module_utils.basic import AnsibleModule, missing_required_lib +from ansible.module_utils.api import basic_auth_argument_spec +from ansible.module_utils.six import string_types +from ansible.module_utils.six import integer_types + + +GITLAB_IMP_ERR = None +try: + import gitlab + HAS_GITLAB_PACKAGE = True +except Exception: + GITLAB_IMP_ERR = traceback.format_exc() + HAS_GITLAB_PACKAGE = False + +from ansible_collections.community.general.plugins.module_utils.gitlab import gitlabAuthentication + + +class GitlabGroupVariables(object): + + def __init__(self, module, gitlab_instance): + self.repo = gitlab_instance + self.group = self.get_group(module.params['group']) + self._module = module + + def get_group(self, group_name): + return self.repo.groups.get(group_name) + + def list_all_group_variables(self): + return self.group.variables.list() + + def create_variable(self, key, value, masked, protected, variable_type): + if self._module.check_mode: + return + return self.group.variables.create({"key": key, "value": value, + "masked": masked, "protected": protected, + "variable_type": variable_type}) + + def update_variable(self, key, var, value, masked, protected, variable_type): + if var.value == value and var.protected == protected and var.masked == masked and var.variable_type == variable_type: + return False + + if self._module.check_mode: + return True + + if var.protected == protected and var.masked == masked and var.variable_type == variable_type: + var.value = value + var.save() + return True + + self.delete_variable(key) + self.create_variable(key, value, masked, protected, variable_type) + return True + + def delete_variable(self, key): + if self._module.check_mode: + return + return self.group.variables.delete(key) + + +def native_python_main(this_gitlab, purge, var_list, state, module): + + change = False + return_value = dict(added=list(), updated=list(), removed=list(), untouched=list()) + + gitlab_keys = this_gitlab.list_all_group_variables() + existing_variables = [x.get_id() for x in gitlab_keys] + + for key in var_list: + if not isinstance(var_list[key], (string_types, integer_types, float, dict)): + module.fail_json(msg="Value of %s variable must be of type string, integer, float or dict, passed %s" % (key, var_list[key].__class__.__name__)) + + for key in var_list: + + if isinstance(var_list[key], (string_types, integer_types, float)): + value = var_list[key] + masked = False + protected = False + variable_type = 'env_var' + elif isinstance(var_list[key], dict): + value = var_list[key].get('value') + masked = var_list[key].get('masked', False) + protected = var_list[key].get('protected', False) + variable_type = var_list[key].get('variable_type', 'env_var') + + if key in existing_variables: + index = existing_variables.index(key) + existing_variables[index] = None + + if state == 'present': + single_change = this_gitlab.update_variable(key, + gitlab_keys[index], + value, masked, + protected, + variable_type) + change = single_change or change + if single_change: + return_value['updated'].append(key) + else: + return_value['untouched'].append(key) + + elif state == 'absent': + this_gitlab.delete_variable(key) + change = True + return_value['removed'].append(key) + + elif key not in existing_variables and state == 'present': + this_gitlab.create_variable(key, value, masked, protected, variable_type) + change = True + return_value['added'].append(key) + + existing_variables = list(filter(None, existing_variables)) + if purge: + for item in existing_variables: + this_gitlab.delete_variable(item) + change = True + return_value['removed'].append(item) + else: + return_value['untouched'].extend(existing_variables) + + return change, return_value + + +def main(): + argument_spec = basic_auth_argument_spec() + argument_spec.update( + api_token=dict(type='str', required=True, no_log=True), + group=dict(type='str', required=True), + purge=dict(type='bool', required=False, default=False), + vars=dict(type='dict', required=False, default=dict(), no_log=True), + state=dict(type='str', default="present", choices=["absent", "present"]) + ) + + module = AnsibleModule( + argument_spec=argument_spec, + mutually_exclusive=[ + ['api_username', 'api_token'], + ['api_password', 'api_token'], + ], + required_together=[ + ['api_username', 'api_password'], + ], + required_one_of=[ + ['api_username', 'api_token'] + ], + supports_check_mode=True + ) + + purge = module.params['purge'] + var_list = module.params['vars'] + state = module.params['state'] + + if not HAS_GITLAB_PACKAGE: + module.fail_json(msg=missing_required_lib("python-gitlab"), exception=GITLAB_IMP_ERR) + + gitlab_instance = gitlabAuthentication(module) + + this_gitlab = GitlabGroupVariables(module=module, gitlab_instance=gitlab_instance) + + changed, return_value = native_python_main(this_gitlab, purge, var_list, state, module) + + module.exit_json(changed=changed, group_variable=return_value) + + +if __name__ == '__main__': + main() diff --git a/tests/integration/targets/gitlab_group_variable/aliases b/tests/integration/targets/gitlab_group_variable/aliases new file mode 100644 index 0000000000..ad7ccf7ada --- /dev/null +++ b/tests/integration/targets/gitlab_group_variable/aliases @@ -0,0 +1 @@ +unsupported diff --git a/tests/integration/targets/gitlab_group_variable/tasks/main.yml b/tests/integration/targets/gitlab_group_variable/tasks/main.yml new file mode 100644 index 0000000000..504ff1eb92 --- /dev/null +++ b/tests/integration/targets/gitlab_group_variable/tasks/main.yml @@ -0,0 +1,508 @@ +--- +- name: Install required libs + pip: + name: python-gitlab + state: present + +- name: purge all variables for check_mode test + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + purge: True + +- name: add a variable value in check_mode + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: checkmode + check_mode: yes + register: gitlab_group_variable_state + +- name: check_mode state must be changed + assert: + that: + - gitlab_group_variable_state is changed + +- name: apply add value from check_mode test + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: checkmode + register: gitlab_group_variable_state + +- name: state must be changed + assert: + that: + - gitlab_group_variable_state is changed + +- name: test new format + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: + value: checkmode + register: gitlab_group_variable_state + +- name: state must be not changed + assert: + that: + - gitlab_group_variable_state is not changed + +- name: change protected attribute + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: + value: checkmode + protected: True + register: gitlab_group_variable_state + +- name: state must be changed + assert: + that: + - gitlab_group_variable_state is changed + +- name: revert protected attribute + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: + value: checkmode + protected: False + register: gitlab_group_variable_state + +- name: state must be changed + assert: + that: + - gitlab_group_variable_state is changed + +- name: change masked attribute + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: + value: checkmode + masked: True + register: gitlab_group_variable_state + +- name: state must be changed + assert: + that: + - gitlab_group_variable_state is changed + +- name: revert masked attribute by not mention it + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: + value: checkmode + register: gitlab_group_variable_state + +- name: state must be changed + assert: + that: + - gitlab_group_variable_state is changed + +- name: revert again masked attribute by not mention it (idempotent) + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: + value: checkmode + register: gitlab_group_variable_state + +- name: state must be not changed + assert: + that: + - gitlab_group_variable_state is not changed + +- name: set both (masked and protected) attribute + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: + value: checkmode + masked: True + protected: True + variable_type: env_var + register: gitlab_group_variable_state + +- name: state must be changed + assert: + that: + - gitlab_group_variable_state is changed + +- name: set again both (masked and protected) attribute (idempotent) + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: + value: checkmode + masked: True + protected: True + variable_type: env_var + register: gitlab_group_variable_state + +- name: state must not be changed + assert: + that: + - gitlab_group_variable_state is not changed + +- name: revert both (masked and protected) attribute + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: + value: checkmode + protected: False + register: gitlab_group_variable_state + +- name: state must be changed + assert: + that: + - gitlab_group_variable_state is changed + +- name: change a variable value in check_mode again + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: checkmode + check_mode: yes + register: gitlab_group_variable_state + +- name: check_mode state must not be changed + assert: + that: + - gitlab_group_variable_state is not changed + +- name: apply again the value change from check_mode test + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: checkmode + register: gitlab_group_variable_state + +- name: state must not be changed + assert: + that: + - gitlab_group_variable_state is not changed + +- name: purge all variables at the beginning + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + purge: True + +- name: set two test variables + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: abc123 + SECRET_ACCESS_KEY: 321cba + register: gitlab_group_variable_state + +- name: set two test variables state must be changed + assert: + that: + - gitlab_group_variable_state is changed + - gitlab_group_variable_state.group_variable.added|length == 2 + - gitlab_group_variable_state.group_variable.untouched|length == 0 + - gitlab_group_variable_state.group_variable.removed|length == 0 + - gitlab_group_variable_state.group_variable.updated|length == 0 + +- name: re-set two test variables + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: abc123 + SECRET_ACCESS_KEY: 321cba + register: gitlab_group_variable_state + +- name: re-set two test variables state must not be changed + assert: + that: + - gitlab_group_variable_state is not changed + - gitlab_group_variable_state.group_variable.added|length == 0 + - gitlab_group_variable_state.group_variable.untouched|length == 2 + - gitlab_group_variable_state.group_variable.removed|length == 0 + - gitlab_group_variable_state.group_variable.updated|length == 0 + +- name: edit one variable + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: changed + purge: False + register: gitlab_group_variable_state + +- name: edit one variable state must be changed + assert: + that: + - gitlab_group_variable_state.changed + - gitlab_group_variable_state.group_variable.added|length == 0 + - gitlab_group_variable_state.group_variable.untouched|length == 1 + - gitlab_group_variable_state.group_variable.removed|length == 0 + - gitlab_group_variable_state.group_variable.updated|length == 1 + - gitlab_group_variable_state.group_variable.updated[0] == "ACCESS_KEY_ID" + +- name: append one variable + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + some: value + purge: False + register: gitlab_group_variable_state + +- name: append one variable state must be changed + assert: + that: + - gitlab_group_variable_state.changed + - gitlab_group_variable_state.group_variable.added|length == 1 + - gitlab_group_variable_state.group_variable.untouched|length == 2 + - gitlab_group_variable_state.group_variable.removed|length == 0 + - gitlab_group_variable_state.group_variable.updated|length == 0 + - gitlab_group_variable_state.group_variable.added[0] == "some" + +- name: re-set all variables + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + ACCESS_KEY_ID: changed + SECRET_ACCESS_KEY: 321cba + some: value + register: gitlab_group_variable_state + +- name: re-set all variables state must not be changed + assert: + that: + - not gitlab_group_variable_state.changed + - gitlab_group_variable_state.group_variable.added|length == 0 + - gitlab_group_variable_state.group_variable.untouched|length == 3 + - gitlab_group_variable_state.group_variable.removed|length == 0 + - gitlab_group_variable_state.group_variable.updated|length == 0 + +- name: set one variables and purge all others + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + some: value + purge: True + register: gitlab_group_variable_state + +- name: set one variables and purge all others state must be changed + assert: + that: + - gitlab_group_variable_state.changed + - gitlab_group_variable_state.group_variable.added|length == 0 + - gitlab_group_variable_state.group_variable.untouched|length == 1 + - gitlab_group_variable_state.group_variable.removed|length == 2 + - gitlab_group_variable_state.group_variable.updated|length == 0 + +- name: only one variable is left + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + some: value + purge: False + register: gitlab_group_variable_state + +- name: only one variable is left state must not be changed + assert: + that: + - not gitlab_group_variable_state.changed + - gitlab_group_variable_state.group_variable.added|length == 0 + - gitlab_group_variable_state.group_variable.untouched|length == 1 + - gitlab_group_variable_state.group_variable.removed|length == 0 + - gitlab_group_variable_state.group_variable.updated|length == 0 + - gitlab_group_variable_state.group_variable.untouched[0] == "some" + +- name: test integer values + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + some: 42 + purge: False + register: gitlab_group_variable_state + +- name: only one variable is left state must be changed + assert: + that: + - gitlab_group_variable_state.changed + - gitlab_group_variable_state.group_variable.added|length == 0 + - gitlab_group_variable_state.group_variable.untouched|length == 0 + - gitlab_group_variable_state.group_variable.removed|length == 0 + - gitlab_group_variable_state.group_variable.updated|length == 1 + +- name: test float values + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + some: 42.23 + purge: False + register: gitlab_group_variable_state + +- name: only one variable is left state must be changed + assert: + that: + - gitlab_group_variable_state.changed + - gitlab_group_variable_state.group_variable.added|length == 0 + - gitlab_group_variable_state.group_variable.untouched|length == 0 + - gitlab_group_variable_state.group_variable.removed|length == 0 + - gitlab_group_variable_state.group_variable.updated|length == 1 + +- name: delete the last left variable + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + state: absent + vars: + some: value + register: gitlab_group_variable_state + +- name: no variable is left state must be changed + assert: + that: + - gitlab_group_variable_state.changed + - gitlab_group_variable_state.group_variable.added|length == 0 + - gitlab_group_variable_state.group_variable.untouched|length == 0 + - gitlab_group_variable_state.group_variable.removed|length == 1 + - gitlab_group_variable_state.group_variable.updated|length == 0 + - gitlab_group_variable_state.group_variable.removed[0] == "some" + +- name: add one variable with variable_type file + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + my_test_var: + value: my_test_value + variable_type: file + purge: False + register: gitlab_group_variable_state + +- name: append one variable state must be changed + assert: + that: + - gitlab_group_variable_state.changed + - gitlab_group_variable_state.group_variable.added|length == 1 + - gitlab_group_variable_state.group_variable.untouched|length == 0 + - gitlab_group_variable_state.group_variable.removed|length == 0 + - gitlab_group_variable_state.group_variable.updated|length == 0 + - gitlab_group_variable_state.group_variable.added[0] == "my_test_var" + +- name: change variable_type attribute + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + my_test_var: + value: my_test_value + variable_type: env_var + register: gitlab_group_variable_state + +- name: state must be changed + assert: + that: + - gitlab_group_variable_state is changed + +- name: revert variable_type attribute + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + vars: + my_test_var: + value: my_test_value + variable_type: file + register: gitlab_group_variable_state + +- name: state must be changed + assert: + that: + - gitlab_group_variable_state is changed + +- name: delete the variable_type file variable + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + state: absent + vars: + my_test_var: my_test_value + register: gitlab_group_variable_state + +- name: no variable is left state must be changed + assert: + that: + - gitlab_group_variable_state.changed + - gitlab_group_variable_state.group_variable.added|length == 0 + - gitlab_group_variable_state.group_variable.untouched|length == 0 + - gitlab_group_variable_state.group_variable.removed|length == 1 + - gitlab_group_variable_state.group_variable.updated|length == 0 + - gitlab_group_variable_state.group_variable.removed[0] == "my_test_var" + +- name: check that no variables are left + gitlab_group_variable: + api_url: "{{ gitlab_host }}" + api_token: "{{ gitlab_login_token }}" + group: "{{ gitlab_group_name }}" + purge: True + register: gitlab_group_variable_state + +- name: check that no variables are untoucheded state must be changed + assert: + that: + - not gitlab_group_variable_state.changed + - gitlab_group_variable_state.group_variable.added|length == 0 + - gitlab_group_variable_state.group_variable.untouched|length == 0 + - gitlab_group_variable_state.group_variable.removed|length == 0 + - gitlab_group_variable_state.group_variable.updated|length == 0