1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/test/integration/targets/azure_rm_keyvaultsecret/tasks/main.yml
Yunge Zhu 40fbee6369 Fix azure_rm_keyvaultkey/azure_rm_keyvaultsecret bugs (#41683)
* fix keyvault tests

* missing keyvault requirement

* fix keyvault auth bug

* apply fix in secret

* fix lint

* enable keyvault key and secret tests

* add azure service principal object_id lookup plugin

* fix lint

* add dependency in integration test

* fix bug

* put azure sp lookup plugin into test

* fix lint

* move lookup plugin

* repath lookup plugin

* repath lookup plugin

* repath files

* put az sp lookup plugin to lookup_plugins folder
2018-07-23 11:49:30 +08:00

79 lines
No EOL
2 KiB
YAML

- name: Prepare random number
set_fact:
rpfx: "{{ resource_group | hash('md5') | truncate(7, True, '') }}{{ 1000 | random }}"
tenant_id: "{{ lookup('env','AZURE_TENANT') }}"
run_once: yes
- name: set service principal info
set_fact:
azure_client_id: "{{ lookup('env','AZURE_CLIENT_ID') }}"
azure_secret: "{{ lookup('env','AZURE_SECRET') }}"
no_log: yes
- name: lookup service principal object id
set_fact:
object_id: "{{ lookup('azure_service_principal_attribute',
azure_client_id=azure_client_id,
azure_secret=azure_secret,
azure_tenant=tenant_id) }}"
register: object_id
- name: Create instance of Key Vault
azure_rm_keyvault:
resource_group: "{{ resource_group }}"
vault_name: "vault{{ rpfx }}"
enabled_for_deployment: yes
vault_tenant: "{{ tenant_id }}"
sku:
name: standard
family: A
access_policies:
- tenant_id: "{{ tenant_id }}"
object_id: "{{ object_id }}"
keys:
- get
- list
- update
- create
- import
- delete
- recover
- backup
- restore
secrets:
- get
- list
- set
- delete
- recover
- backup
- restore
register: output
- name: create a kevyault secret
block:
- azure_rm_keyvaultsecret:
keyvault_uri: https://vault{{ rpfx }}.vault.azure.net
secret_name: testsecret
secret_value: 'mysecret'
tags:
testing: test
delete: on-exit
register: output
- assert:
that: output.changed
rescue:
- azure_rm_keyvaultsecret:
keyvault_uri: https://vault{{ rpfx }}.vault.azure.net
state: absent
secret_name: testsecret
- name: delete a kevyault secret
azure_rm_keyvaultsecret:
keyvault_uri: https://vault{{ rpfx }}.vault.azure.net
state: absent
secret_name: testsecret
register: output
- assert:
that: output.changed