Merge pull request #41 from herve4m/herve4m/user-group-modules

Adding modules for user and group management
ansible · Sep 13, 2021 · 166cd41 · 166cd41
2 parents 9964753 + 7b41f69
commit 166cd41
Show file tree

Hide file tree

Showing 13 changed files with 3,702 additions and 0 deletions.
diff --git a/playbooks/testing_playbook_ee_namespace.yml b/playbooks/testing_playbook_ee_namespace.yml
@@ -0,0 +1,135 @@
+---
+- name: Test the execution environment (EE) namespace module
+  hosts: localhost
+  connection: local
+  become: false
+  gather_facts: false
+  collections:
+    - redhat_cop.ah_configuration
+  vars:
+    ah_host: hub.lab.example.com
+    ah_username: admin
+    ah_password: redhat
+    ah_path_prefix: galaxy
+    ah_validate_certs: false
+
+  tasks:
+    # Creating supporting groups
+    - name: Ensure group operators exists
+      ah_group:
+        name: operators
+        state: present
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    - name: Ensure group administrators exists
+      ah_group:
+        name: administrators
+        state: present
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    - name: Ensure group operators has some perms
+      ah_group_perm:
+        name: operators
+        state: present
+        perms:
+          - view_user
+          - view_group
+          - change_image_tag
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    - name: Ensure group administrators has all perms
+      ah_group_perm:
+        name: administrators
+        state: present
+        perms: "*"
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    # Testing namespace creation
+    - name: Ensure namespace1 EE namespace exists
+      ah_ee_namespace:
+        name: namespace1
+        state: present
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    # Testing permissions assignment
+    - name: Ensure group administrators has perms on namespace1
+      ah_ee_namespace:
+        name: namespace1
+        state: present
+        groups:
+          - administrators
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    - name: Ensure group operators has also perms on namespace1
+      ah_ee_namespace:
+        name: namespace1
+        state: present
+        groups:
+          - operators
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    - name: Ensure only group operators has perms on namespace1
+      ah_ee_namespace:
+        name: namespace1
+        state: present
+        append: false
+        groups:
+          - operators
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    # Testing namespace deletion
+    - name: Ensure namespace1 EE namespace does not exist
+      ah_ee_namespace:
+        name: namespace1
+        state: absent
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    - name: Ensure the groups are deleted
+      ah_group:
+        name: "{{ item }}"
+        state: absent
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+      loop:
+        - administrators
+        - operators
+...
diff --git a/playbooks/testing_playbook_ee_repository.yml b/playbooks/testing_playbook_ee_repository.yml
@@ -0,0 +1,160 @@
+---
+- name: Test the execution environment (EE) repository module
+  hosts: localhost
+  connection: local
+  become: false
+  gather_facts: false
+  collections:
+    - redhat_cop.ah_configuration
+  vars:
+    ah_host: hub.lab.example.com
+    ah_username: admin
+    ah_password: redhat
+    ah_path_prefix: galaxy
+    ah_validate_certs: false
+    repository: ansible-automation-platform-20-early-access/ee-minimal-rhel8
+    tag: latest
+    fake_image: quay.io/ansible/http-test-container:latest
+
+  tasks:
+    # Preparing an image:
+    # - Pulling a small image from Quay (does not matter what image it is)
+    # - Tagging it so that it can be pushed to private automation hub
+    # - Pushing the image
+    # - Deleting the images from the local system
+    # The tasks do not use the podman collection because it may not be
+    # available on the testing system.
+    - name: Ensure a small container image is available
+      command:
+        cmd: "podman pull {{ fake_image }}"
+      changed_when: true
+
+    - name: Ensure the image has the correct tag
+      command:
+        cmd: "podman tag {{ fake_image }} {{ ah_host }}/{{ repository }}:{{ tag }}"
+      changed_when: true
+
+    - name: Ensure the image is pushed in private automation hub
+      command:
+        cmd: "podman push --tls-verify=false --remove-signatures
+              --creds={{ ah_username }}:{{ ah_password }}
+              {{ ah_host }}/{{ repository }}:{{ tag }}"
+      changed_when: true
+
+    - name: Ensure the images are removed
+      command:
+        cmd: "podman rmi {{ fake_image }} {{ ah_host }}/{{ repository }}:{{ tag }}"
+      changed_when: true
+
+    # Adding a description and a README file to the repository
+    - name: Ensure the repository has a description and a README file
+      ah_ee_repository:
+        name: "{{ repository }}"
+        # Testing with UTF-8 characters
+        description: To jest jakiś opis
+        readme: |
+          # Min avrättningsmiljö
+
+          * bullet 1
+          * bullet 2
+        state: updated
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    # Preparing a README file
+    - name: Ensure a temporary file exists
+      tempfile:
+      register: tempfile
+
+    - name: Ensure some contents are stored in the temporary file
+      copy:
+        dest: "{{ tempfile['path'] }}"
+        mode: 0600
+        content: |
+          # Mi entorno de ejecución
+
+          * bullet 1
+          * bullet 2
+
+    # Testing updating the repository README file from a local file
+    - name: Ensure the repository README file it set from a local file
+      ah_ee_repository:
+        name: "{{ repository }}"
+        readme_file: "{{ tempfile['path'] }}"
+        state: updated
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    - name: Ensure the temporary file is removed
+      file:
+        path: "{{ tempfile['path'] }}"
+        state: absent
+
+    # Testing adding tags to the image
+    - name: Ensure the repository image has the additionnal required tags
+      ah_ee_image:
+        name: "{{ repository }}:{{ tag }}"
+        state: updated
+        tags:
+          - v2
+          - "2.0"
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    - name: Ensure the repository image has a defined set of tags
+      ah_ee_image:
+        name: "{{ repository }}:{{ tag }}"
+        state: updated
+        append: false
+        tags:
+          - prod2
+          - prod2.0
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    - name: Reset the original tag
+      ah_ee_image:
+        name: "{{ repository }}:prod2"
+        state: updated
+        append: false
+        tags: "{{ tag }}"
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+    - name: Ensure the image does not exist
+      ah_ee_image:
+        name: "{{ repository }}:{{ tag }}"
+        state: absent
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+
+
+    # Testing repository deletion
+    - name: Ensure the repository does not exist
+      ah_ee_repository:
+        name: "{{ repository }}"
+        state: absent
+        ah_host: "{{ ah_host }}"
+        ah_username: "{{ ah_username }}"
+        ah_password: "{{ ah_password }}"
+        ah_path_prefix: "{{ ah_path_prefix }}"
+        validate_certs: "{{ ah_validate_certs }}"
+...