1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/test/integration/targets/aci_aaa_user_certificate/tasks/main.yml
Dag Wieers d8ba8c03f3
ACI: Make querying links and nodes possible (#43441)
This functionality was not considered when the module was written, but
there's no reason why it shouldn't be supported.

We had to rework the query string construction and object filtering.
This new functionality allows to filter on arbitrary keys and supports
None values.

This PR fixes various issues with the existing framework, including
querying specific objects using construct_url_4 (i.e.
aci_epg_to_contract and aci_static_binding_to_epg)
2018-08-07 23:54:54 +02:00

142 lines
4.3 KiB
YAML

# Test code for the ACI modules
# Copyright: (c) 2017, Dag Wieers (dagwieers) <dag@wieers.com>
#
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
- name: Test that we have an ACI APIC host, ACI username and ACI password
fail:
msg: 'Please define the following variables: aci_hostname, aci_username and aci_password.'
when: aci_hostname is not defined or aci_username is not defined or aci_password is not defined
# CLEAN ENVIRONMENT
- name: Remove any pre-existing certificate
aci_aaa_user_certificate: &cert_absent
host: '{{ aci_hostname }}'
username: '{{ aci_username }}'
password: '{{ aci_password }}'
validate_certs: '{{ aci_validate_certs | default(false) }}'
use_ssl: '{{ aci_use_ssl | default(true) }}'
use_proxy: '{{ aci_use_proxy | default(true) }}'
output_level: '{{ aci_output_level | default("info") }}'
aaa_user: admin
certificate_name: admin
state: absent
# ADD USER CERTIFICATE
- name: Add user certificate (check_mode)
aci_aaa_user_certificate: &cert_present
host: '{{ aci_hostname }}'
username: '{{ aci_username }}'
password: '{{ aci_password }}'
validate_certs: '{{ aci_validate_certs | default(false) }}'
use_ssl: '{{ aci_use_ssl | default(true) }}'
use_proxy: '{{ aci_use_proxy | default(true) }}'
output_level: '{{ aci_output_level | default("info") }}'
aaa_user: admin
certificate_name: admin
certificate: "{{ lookup('file', 'pki/admin.crt') }}"
state: present
check_mode: yes
register: cm_add_cert
- name: Add user certificate (normal mode)
aci_aaa_user_certificate: *cert_present
register: nm_add_cert
- name: Add user certificate again (check mode)
aci_aaa_user_certificate: *cert_present
check_mode: yes
register: cm_add_cert_again
- name: Add user certificate again (normal mode)
aci_aaa_user_certificate: *cert_present
register: nm_add_cert_again
- name: Verify add_cert
assert:
that:
- cm_add_cert is changed
- nm_add_cert is change
- cm_add_cert_again is not changed
- nm_add_cert_again is not changed
# QUERY ALL USER CERTIFICATES
- name: Query all user certificates using signature-based authentication (check_mode)
aci_aaa_user_certificate: &cert_query
host: '{{ aci_hostname }}'
username: '{{ aci_username }}'
#password: '{{ aci_password }}'
private_key: '{{ role_path }}/pki/admin.key'
validate_certs: '{{ aci_validate_certs | default(false) }}'
use_ssl: '{{ aci_use_ssl | default(true) }}'
use_proxy: '{{ aci_use_proxy | default(true) }}'
output_level: '{{ aci_output_level | default("info") }}'
aaa_user: admin
state: query
check_mode: yes
register: cm_query_all_certs
- name: Query all user certificates using signature-based authentication (normal mode)
aci_aaa_user_certificate: *cert_query
register: nm_query_all_certs
- name: Verify query_all_certs
assert:
that:
- cm_query_all_certs is not changed
- nm_query_all_certs is not changed
# NOTE: Order of certs is not stable between calls
#- cm_query_all_certs == nm_query_all_certs
# QUERY OUR USER CERTIFICATE
- name: Query our certificate using signature-based authentication (check_mode)
aci_aaa_user_certificate:
<<: *cert_query
certificate_name: admin
check_mode: yes
register: cm_query_cert
- name: Query our certificate using signature-based authentication (normal mode)
aci_aaa_user_certificate:
<<: *cert_query
certificate_name: admin
register: nm_query_cert
- name: Verify query_cert
assert:
that:
- cm_query_cert is not changed
- nm_query_cert is not changed
- cm_query_cert == nm_query_cert
# REMOVE CERTIFICATE
- name: Remove certificate (check_mode)
aci_aaa_user_certificate: *cert_absent
check_mode: yes
register: cm_remove_cert
- name: Remove certificate (normal mode)
aci_aaa_user_certificate: *cert_absent
register: nm_remove_cert
- name: Remove certificate again (check_mode)
aci_aaa_user_certificate: *cert_absent
check_mode: yes
register: cm_remove_cert_again
- name: Remove certificate again (normal mode)
aci_aaa_user_certificate: *cert_absent
register: nm_remove_cert_again
- name: Verify remove_cert
assert:
that:
- cm_remove_cert is changed
- nm_remove_cert is changed
- cm_remove_cert_again is not changed
- nm_remove_cert_again is not changed