Files
@ 064760bdc9d5
Branch filter:
Location: majic-ansible-roles/roles/bootstrap/playbook.yml - annotation
064760bdc9d5
1.3 KiB
text/x-yaml
MAR-26: Implemented tests and fixes ldap_server role:
- Use static network configuration in order to make it easier to test
connectivity from dedicated client.
- Added client machine for testing firewall.
- Added missing LDAP client configuration on instance used for testing of
mandatory options.
- Fixed name of server for backup testing purposes.
- Expanded a bit the cipher configuration for LDAP server for testing optional
parameters.
- Fixed wrongly populated Debian selections setting for LDAP organisation.
- Use templates for deploying LDAP TLS keys and certificates in order to avoid
Ansible munching the TAB characters.
- Implemented tests covering fully functionality of the role.
- Use static network configuration in order to make it easier to test
connectivity from dedicated client.
- Added client machine for testing firewall.
- Added missing LDAP client configuration on instance used for testing of
mandatory options.
- Fixed name of server for backup testing purposes.
- Expanded a bit the cipher configuration for LDAP server for testing optional
parameters.
- Fixed wrongly populated Debian selections setting for LDAP organisation.
- Use templates for deploying LDAP TLS keys and certificates in order to avoid
Ansible munching the TAB characters.
- Implemented tests covering fully functionality of the role.
0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca 0388df2571ca | ---
# Put Ansible key into root's authorized_keys to test its removal, but don't
# touch the file if it does not exist in order to properly test for idempotence.
- hosts: parameters-mandatory
tasks:
- name: Check if authorized_keys exists already
stat:
path: "/root/.ssh/authorized_keys"
register: "authorized_keys"
- name: Deploy authorized_keys to mimic set-up via preseed file
authorized_key:
user: root
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
when: "not authorized_keys.stat.exists"
# Put Ansible key into root's authorized_keys to test its removal, but don't
# touch the file if it does not exist in order to properly test for idempotence.
- hosts: parameters-optional
tasks:
- name: Check if authorized_keys exists already
stat:
path: "/root/.ssh/authorized_keys"
register: "authorized_keys"
- name: Deploy authorized_keys to mimic set-up via preseed file
authorized_key:
user: root
key: "{{ lookup('file', 'tests/data/ansible_key.pub') }}"
when: "not authorized_keys.stat.exists"
- hosts: parameters-mandatory
roles:
- role: bootstrap
- hosts: parameters-optional
roles:
- role: bootstrap
ansible_key: "{{ lookup('file', 'tests/data/ansible_key.pub') }}"
|