mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
c02f114967
Submission includes support for - creating and registering services and checks - reading, writing and lookup for values in consul's kv store - creating and manipulating sessions for distributed locking on values in the kv - creating and manipulating ACLs for restricting access to the kv store - inventory support that reads the Consul catalog and group nodes according to - datacenters - exposed services - service availability - arbitrary groupings from the kv store This submission makes extensive use of the python-consul library and this is required as a dependency and can be installed from pip. The tests were written to target a vagrant cluster which can be setup by following the instructions here http://github.com/sgargan/consul-vagrant
42 lines
970 B
YAML
42 lines
970 B
YAML
- name: create a new acl token
|
|
consul_acl:
|
|
mgmt_token: '{{mgmt_token}}'
|
|
host: '{{acl_host}}'
|
|
name: 'New ACL'
|
|
register: new_ruleless
|
|
|
|
- name: verify ruleless key created
|
|
assert:
|
|
that:
|
|
- new_ruleless.token | length == 36
|
|
- new_ruleless.name == 'New ACL'
|
|
|
|
- name: add rules to an acl token
|
|
consul_acl:
|
|
mgmt_token: '{{mgmt_token}}'
|
|
host: '{{acl_host}}'
|
|
name: 'With rule'
|
|
rules:
|
|
- key: 'foo'
|
|
policy: read
|
|
- key: 'private/foo'
|
|
policy: deny
|
|
register: with_rules
|
|
|
|
- name: verify rules created
|
|
assert:
|
|
that:
|
|
- with_rules.token | length == 36
|
|
- with_rules.name == 'With rule'
|
|
- with_rules.rules | match('.*"foo".*')
|
|
- with_rules.rules | match('.*"private/foo".*')
|
|
|
|
- name: clear up
|
|
consul_acl:
|
|
mgmt_token: '{{mgmt_token}}'
|
|
host: '{{acl_host}}'
|
|
token: '{{item}}'
|
|
state: absent
|
|
with_items:
|
|
- '{{new_ruleless.token}}'
|
|
- '{{with_rules.token}}'
|