1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/tests/integration/targets/keycloak_component_info/tasks/main.yml
patchback[bot] 3a946bf115
[PR #7694/e99b5086 backport][stable-8] Keycloak components info (#7787)
Keycloak components info (#7694)

* Before test

* first test

* test

* Sanity ok

* Fixe readme

* Refactor

* Sanity

* Fixe doc

* version added

* refactor

* Copyright

* Sanity

* Sanity

* Fixe text

* Encode providerType

* Test for failed ic

* Update plugins/modules/keycloak_component_info.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/keycloak_component_info.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/keycloak_component_info.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/keycloak_component_info.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/keycloak_component_info.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/keycloak_component_info.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/keycloak_component_info.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Delete changelogs/fragments/7694-Keycloak-components-info.yml

---------

Co-authored-by: Andre Desrosiers <andre.desrosiers@ssss.gouv.qc.ca>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit e99b5086a8)

Co-authored-by: desand01 <desrosiers.a@hotmail.com>
2023-12-28 17:27:48 +00:00

266 lines
7.6 KiB
YAML

---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
- name: Wait for Keycloak
uri:
url: "{{ url }}/admin/"
status_code: 200
validate_certs: no
register: result
until: result.status == 200
retries: 10
delay: 10
- name: Delete realm if exists
community.general.keycloak_realm:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
state: absent
- name: Create realm
community.general.keycloak_realm:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
id: "{{ realm }}"
realm: "{{ realm }}"
state: present
- name: Retrive ldap info when absent
community.general.keycloak_component_info:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
name: "{{ federation }}"
provider_type: "org.keycloak.storage.UserStorageProvider"
realm: "{{ realm }}"
register: result
- name: Assert ldap is missing
assert:
that:
- result is not changed
- result.components | length == 0
- name: Create new user federation
community.general.keycloak_user_federation:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
name: "{{ federation }}"
state: present
provider_id: ldap
provider_type: org.keycloak.storage.UserStorageProvider
config:
enabled: true
priority: 0
fullSyncPeriod: -1
changedSyncPeriod: -1
cachePolicy: DEFAULT
batchSizeForSync: 1000
editMode: READ_ONLY
importEnabled: true
syncRegistrations: false
vendor: other
usernameLDAPAttribute: uid
rdnLDAPAttribute: uid
uuidLDAPAttribute: entryUUID
userObjectClasses: "inetOrgPerson, organizationalPerson"
connectionUrl: "ldap://ldap.example.com"
usersDn: "ou=Users,dc=example,dc=com"
authType: simple
bindDn: cn=directory reader
bindCredential: secret
searchScope: 1
validatePasswordPolicy: false
trustEmail: false
useTruststoreSpi: "ldapsOnly"
connectionPooling: true
pagination: true
allowKerberosAuthentication: false
useKerberosForPasswordAuthentication: false
debug: false
- name: Retrive ldap info
community.general.keycloak_component_info:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
name: "{{ federation }}"
provider_type: "org.keycloak.storage.UserStorageProvider"
realm: "{{ realm }}"
register: result
- name: Assert ldap exists
assert:
that:
- result is not changed
- result.components | length == 1
- result.components[0].name == federation
- name: Save ldap id
set_fact:
myLdapId: "{{ result.components[0].id }}"
- name: Retrive ldap subcomponents info
community.general.keycloak_component_info:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
parent_id: "{{ myLdapId }}"
register: result
- name: Assert components exists
assert:
that:
- result is not changed
- result.components | length > 0
- name: Retrive ldap subcomponents filter by name
community.general.keycloak_component_info:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
parent_id: "{{ myLdapId }}"
name: "email"
register: result
- name: Assert sub component with name "email" exists
assert:
that:
- result is not changed
- result.components | length == 1
- result.components[0].name == "email"
- name: Retrive ldap subcomponents filter by type
community.general.keycloak_component_info:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
parent_id: "{{ myLdapId }}"
provider_type: "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"
register: result
- name: Assert ldap sub components filter by type
assert:
that:
- result is not changed
- result.components | length > 0
- result.components[0].providerType == "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"
- name: Retrive key info when absent
community.general.keycloak_component_info:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
name: "{{ realm_key_name }}"
provider_type: "org.keycloak.keys.KeyProvider"
realm: "{{ realm }}"
register: result
- name: Assert key is missing
assert:
that:
- result is not changed
- result.components | length == 0
- name: Create custom realm key
community.general.keycloak_realm_key:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
name: "{{ realm_key_name }}"
state: present
parent_id: "{{ realm }}"
config:
private_key: "{{ realm_private_key }}"
certificate: ""
enabled: true
active: true
priority: 150
register: result
- name: Retrive key info
community.general.keycloak_component_info:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
name: "{{ realm_key_name }}"
provider_type: "org.keycloak.keys.KeyProvider"
realm: "{{ realm }}"
register: result
- name: Assert key exists
assert:
that:
- result is not changed
- result.components | length == 1
- name: Retrive all realm components
community.general.keycloak_component_info:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
register: result
- name: Assert key exists
assert:
that:
- result is not changed
- result.components | length > 0
- name: Retrive all ldap in realm
community.general.keycloak_component_info:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
provider_type: "org.keycloak.storage.UserStorageProvider"
register: result
- name: Assert key exists
assert:
that:
- result is not changed
- result.components | length == 1
- result.components[0].providerType == "org.keycloak.storage.UserStorageProvider"
- result.components[0].name == "myldap"
- name: Retrive component by name only
community.general.keycloak_component_info:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
name: "{{ realm_key_name }}"
register: result
- name: Assert key exists
assert:
that:
- result is not changed
- result.components | length == 1
- result.components[0].providerType == "org.keycloak.keys.KeyProvider"
- result.components[0].name == realm_key_name