mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
d8ba8c03f3
This functionality was not considered when the module was written, but there's no reason why it shouldn't be supported. We had to rework the query string construction and object filtering. This new functionality allows to filter on arbitrary keys and supports None values. This PR fixes various issues with the existing framework, including querying specific objects using construct_url_4 (i.e. aci_epg_to_contract and aci_static_binding_to_epg)
142 lines
4.3 KiB
YAML
142 lines
4.3 KiB
YAML
# Test code for the ACI modules
|
|
# Copyright: (c) 2017, Dag Wieers (dagwieers) <dag@wieers.com>
|
|
#
|
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
|
|
- name: Test that we have an ACI APIC host, ACI username and ACI password
|
|
fail:
|
|
msg: 'Please define the following variables: aci_hostname, aci_username and aci_password.'
|
|
when: aci_hostname is not defined or aci_username is not defined or aci_password is not defined
|
|
|
|
|
|
# CLEAN ENVIRONMENT
|
|
- name: Remove any pre-existing certificate
|
|
aci_aaa_user_certificate: &cert_absent
|
|
host: '{{ aci_hostname }}'
|
|
username: '{{ aci_username }}'
|
|
password: '{{ aci_password }}'
|
|
validate_certs: '{{ aci_validate_certs | default(false) }}'
|
|
use_ssl: '{{ aci_use_ssl | default(true) }}'
|
|
use_proxy: '{{ aci_use_proxy | default(true) }}'
|
|
output_level: '{{ aci_output_level | default("info") }}'
|
|
aaa_user: admin
|
|
certificate_name: admin
|
|
state: absent
|
|
|
|
|
|
# ADD USER CERTIFICATE
|
|
- name: Add user certificate (check_mode)
|
|
aci_aaa_user_certificate: &cert_present
|
|
host: '{{ aci_hostname }}'
|
|
username: '{{ aci_username }}'
|
|
password: '{{ aci_password }}'
|
|
validate_certs: '{{ aci_validate_certs | default(false) }}'
|
|
use_ssl: '{{ aci_use_ssl | default(true) }}'
|
|
use_proxy: '{{ aci_use_proxy | default(true) }}'
|
|
output_level: '{{ aci_output_level | default("info") }}'
|
|
aaa_user: admin
|
|
certificate_name: admin
|
|
certificate: "{{ lookup('file', 'pki/admin.crt') }}"
|
|
state: present
|
|
check_mode: yes
|
|
register: cm_add_cert
|
|
|
|
- name: Add user certificate (normal mode)
|
|
aci_aaa_user_certificate: *cert_present
|
|
register: nm_add_cert
|
|
|
|
- name: Add user certificate again (check mode)
|
|
aci_aaa_user_certificate: *cert_present
|
|
check_mode: yes
|
|
register: cm_add_cert_again
|
|
|
|
- name: Add user certificate again (normal mode)
|
|
aci_aaa_user_certificate: *cert_present
|
|
register: nm_add_cert_again
|
|
|
|
- name: Verify add_cert
|
|
assert:
|
|
that:
|
|
- cm_add_cert is changed
|
|
- nm_add_cert is change
|
|
- cm_add_cert_again is not changed
|
|
- nm_add_cert_again is not changed
|
|
|
|
|
|
# QUERY ALL USER CERTIFICATES
|
|
- name: Query all user certificates using signature-based authentication (check_mode)
|
|
aci_aaa_user_certificate: &cert_query
|
|
host: '{{ aci_hostname }}'
|
|
username: '{{ aci_username }}'
|
|
#password: '{{ aci_password }}'
|
|
private_key: '{{ role_path }}/pki/admin.key'
|
|
validate_certs: '{{ aci_validate_certs | default(false) }}'
|
|
use_ssl: '{{ aci_use_ssl | default(true) }}'
|
|
use_proxy: '{{ aci_use_proxy | default(true) }}'
|
|
output_level: '{{ aci_output_level | default("info") }}'
|
|
aaa_user: admin
|
|
state: query
|
|
check_mode: yes
|
|
register: cm_query_all_certs
|
|
|
|
- name: Query all user certificates using signature-based authentication (normal mode)
|
|
aci_aaa_user_certificate: *cert_query
|
|
register: nm_query_all_certs
|
|
|
|
- name: Verify query_all_certs
|
|
assert:
|
|
that:
|
|
- cm_query_all_certs is not changed
|
|
- nm_query_all_certs is not changed
|
|
# NOTE: Order of certs is not stable between calls
|
|
#- cm_query_all_certs == nm_query_all_certs
|
|
|
|
|
|
# QUERY OUR USER CERTIFICATE
|
|
- name: Query our certificate using signature-based authentication (check_mode)
|
|
aci_aaa_user_certificate:
|
|
<<: *cert_query
|
|
certificate_name: admin
|
|
check_mode: yes
|
|
register: cm_query_cert
|
|
|
|
- name: Query our certificate using signature-based authentication (normal mode)
|
|
aci_aaa_user_certificate:
|
|
<<: *cert_query
|
|
certificate_name: admin
|
|
register: nm_query_cert
|
|
|
|
- name: Verify query_cert
|
|
assert:
|
|
that:
|
|
- cm_query_cert is not changed
|
|
- nm_query_cert is not changed
|
|
- cm_query_cert == nm_query_cert
|
|
|
|
|
|
# REMOVE CERTIFICATE
|
|
- name: Remove certificate (check_mode)
|
|
aci_aaa_user_certificate: *cert_absent
|
|
check_mode: yes
|
|
register: cm_remove_cert
|
|
|
|
- name: Remove certificate (normal mode)
|
|
aci_aaa_user_certificate: *cert_absent
|
|
register: nm_remove_cert
|
|
|
|
- name: Remove certificate again (check_mode)
|
|
aci_aaa_user_certificate: *cert_absent
|
|
check_mode: yes
|
|
register: cm_remove_cert_again
|
|
|
|
- name: Remove certificate again (normal mode)
|
|
aci_aaa_user_certificate: *cert_absent
|
|
register: nm_remove_cert_again
|
|
|
|
- name: Verify remove_cert
|
|
assert:
|
|
that:
|
|
- cm_remove_cert is changed
|
|
- nm_remove_cert is changed
|
|
- cm_remove_cert_again is not changed
|
|
- nm_remove_cert_again is not changed
|