cloudstack: integration tests

This commit is contained in:
Rene Moser 2015-05-03 16:06:30 +02:00
parent 8cf4452d48
commit 0588a0fdd9
25 changed files with 945 additions and 0 deletions

View file

@ -144,6 +144,11 @@ rackspace: $(CREDENTIALS_FILE)
CLOUD_RESOURCE_PREFIX="$(CLOUD_RESOURCE_PREFIX)" make rackspace_cleanup ; \
exit $$RC;
cloudstack:
ansible-playbook cloudstack.yml -i $(INVENTORY) -e @$(VARS_FILE) -e "resource_prefix=$(CLOUD_RESOURCE_PREFIX)" -v $(TEST_FLAGS) ; \
RC=$$? ; \
exit $$RC;
$(CONSUL_RUNNING):
consul:

View file

@ -0,0 +1,13 @@
---
- hosts: localhost
connection: local
gather_facts: no
tags:
- cloudstack
roles:
- { role: test_cs_sshkeypair, tags: test_cs_sshkeypair }
- { role: test_cs_affinitygroup, tags: test_cs_affinitygroup }
- { role: test_cs_securitygroup, tags: test_cs_securitygroup }
- { role: test_cs_securitygroup_rule, tags: test_cs_securitygroup_rule }
- { role: test_cs_instance, tags: test_cs_instance }
- { role: test_cs_instancegroup, tags: test_cs_instancegroup }

View file

@ -0,0 +1,3 @@
---
dependencies:
- test_cs_common

View file

@ -0,0 +1,58 @@
---
- name: setup
cs_affinitygroup: name={{ cs_resource_prefix }}_ag state=absent
register: ag
- name: verify setup
assert:
that:
- ag|success
- name: test fail if missing name
action: cs_affinitygroup
register: ag
ignore_errors: true
- name: verify results of fail if missing name
assert:
that:
- ag|failed
- ag.msg == "missing required arguments: name"
- name: test present affinity group
cs_affinitygroup: name={{ cs_resource_prefix }}_ag
register: ag
- name: verify results of create affinity group
assert:
that:
- ag|success
- ag|changed
- ag.name == "{{ cs_resource_prefix }}_ag"
- name: test present affinity group is idempotence
cs_affinitygroup: name={{ cs_resource_prefix }}_ag
register: ag
- name: verify results present affinity group is idempotence
assert:
that:
- ag|success
- not ag|changed
- ag.name == "{{ cs_resource_prefix }}_ag"
- name: test absent affinity group
cs_affinitygroup: name={{ cs_resource_prefix }}_ag state=absent
register: ag
- name: verify results of absent affinity group
assert:
that:
- ag|success
- ag|changed
- ag.name == "{{ cs_resource_prefix }}_ag"
- name: test absent affinity group is idempotence
cs_affinitygroup: name={{ cs_resource_prefix }}_ag state=absent
register: ag
- name: verify results of absent affinity group is idempotence
assert:
that:
- ag|success
- not ag|changed
- ag.name is undefined

View file

@ -0,0 +1,2 @@
---
cs_resource_prefix: cloudstack

View file

@ -0,0 +1,2 @@
---
instance_number: 1

View file

@ -0,0 +1,3 @@
---
dependencies:
- test_cs_common

View file

@ -0,0 +1,23 @@
---
- name: test destroy instance
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
state: absent
register: instance
- name: verify destroy instance
assert:
that:
- instance|success
- instance|changed
- instance.state == "Destroyed"
- name: test destroy instance idempotence
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
state: absent
register: instance
- name: verify destroy instance idempotence
assert:
that:
- instance|success
- not instance|changed

View file

@ -0,0 +1,36 @@
---
- name: cleanup ssh key
cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey state=absent
register: sshkey
- name: verify cleanup ssh key
assert:
that:
- sshkey|success
- name: cleanup affinity group
cs_affinitygroup: name={{ cs_resource_prefix }}-ag state=absent
register: ag
until: ag|success
retries: 20
delay: 5
- name: verify cleanup affinity group
assert:
that:
- ag|success
- name: cleanup security group ...take a while unless instance is expunged
cs_securitygroup: name={{ cs_resource_prefix }}-sg state=absent
register: sg
until: sg|success
retries: 100
delay: 10
- name: verify cleanup security group
assert:
that:
- sg|success
# force expunge, only works with admin permissions
- cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
state: expunged
failed_when: false

View file

@ -0,0 +1,11 @@
---
- include: setup.yml
tags: any
- include: present.yml
tags: test_cs_instance_present
#- include: tags.yml
# tags: test_cs_instance_tags
- include: absent.yml
tags: test_cs_instance_absent
- include: cleanup.yml
tags: test_cs_instance_cleanup

View file

@ -0,0 +1,168 @@
---
- name: test create instance
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
template: Linux Debian 7 64-bit
service_offering: Tiny
affinity_group: "{{ cs_resource_prefix }}-ag"
security_group: "{{ cs_resource_prefix }}-sg"
ssh_key: "{{ cs_resource_prefix }}-sshkey"
tags: []
register: instance
- name: verify create instance
assert:
that:
- instance|success
- instance|changed
- instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.display_name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.service_offering == "Tiny"
- instance.state == "Running"
- instance.ssh_key == "{{ cs_resource_prefix }}-sshkey"
- not instance.tags
- name: test create instance idempotence
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
template: Linux Debian 7 64-bit
service_offering: Tiny
affinity_group: "{{ cs_resource_prefix }}-ag"
security_group: "{{ cs_resource_prefix }}-sg"
ssh_key: "{{ cs_resource_prefix }}-sshkey"
tags: []
register: instance
- name: verify create instance idempotence
assert:
that:
- instance|success
- not instance|changed
- instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.display_name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.service_offering == "Tiny"
- instance.state == "Running"
- instance.ssh_key == "{{ cs_resource_prefix }}-sshkey"
- not instance.tags
- name: test running instance not updated
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
service_offering: Micro
register: instance
- name: verify running instance not updated
assert:
that:
- instance|success
- not instance|changed
- instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.display_name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.service_offering == "Tiny"
- instance.state == "Running"
- name: test stopping instance
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
state: stopped
register: instance
- name: verify stopping instance
assert:
that:
- instance|success
- instance|changed
- instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.display_name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.service_offering == "Tiny"
- instance.state == "Stopped"
- name: test stopping instance idempotence
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
state: stopped
register: instance
- name: verify stopping instance idempotence
assert:
that:
- instance|success
- not instance|changed
- instance.state == "Stopped"
- name: test updating stopped instance
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
display_name: "{{ cs_resource_prefix }}-display-{{ instance_number }}"
service_offering: Micro
register: instance
- name: verify updating stopped instance
assert:
that:
- instance|success
- instance|changed
- instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.display_name == "{{ cs_resource_prefix }}-display-{{ instance_number }}"
- instance.service_offering == "Micro"
- instance.state == "Stopped"
- name: test starting instance
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
state: started
register: instance
- name: verify starting instance
assert:
that:
- instance|success
- instance|changed
- instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.display_name == "{{ cs_resource_prefix }}-display-{{ instance_number }}"
- instance.service_offering == "Micro"
- instance.state == "Running"
- name: test starting instance idempotence
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
state: started
register: instance
- name: verify starting instance idempotence
assert:
that:
- instance|success
- not instance|changed
- instance.state == "Running"
- name: test force update running instance
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
service_offering: Tiny
force: true
register: instance
- name: verify force update running instance
assert:
that:
- instance|success
- instance|changed
- instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.display_name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.service_offering == "Tiny"
- instance.state == "Running"
- name: test force update running instance idempotence
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
service_offering: Tiny
force: true
register: instance
- name: verify force update running instance idempotence
assert:
that:
- instance|success
- not instance|changed
- instance.name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.display_name == "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
- instance.service_offering == "Tiny"
- instance.state == "Running"

View file

@ -0,0 +1,32 @@
---
- name: setup ssh key
cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey
register: sshkey
- name: verify setup ssh key
assert:
that:
- sshkey|success
- name: setup affinity group
cs_affinitygroup: name={{ cs_resource_prefix }}-ag
register: ag
- name: verify setup affinity group
assert:
that:
- ag|success
- name: setup security group
cs_securitygroup: name={{ cs_resource_prefix }}-sg
register: sg
- name: verify setup security group
assert:
that:
- sg|success
- name: setup instance to be absent
cs_instance: name={{ cs_resource_prefix }}-vm-{{ instance_number }} state=absent
register: instance
- name: verify instance to be absent
assert:
that:
- instance|success

View file

@ -0,0 +1,82 @@
---
- name: test add tags to instance
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
tags:
- { key: "{{ cs_resource_prefix }}-tag1", value: "{{ cs_resource_prefix }}-value1" }
- { key: "{{ cs_resource_prefix }}-tag2", value: "{{ cs_resource_prefix }}-value2" }
register: instance
- name: verify add tags to instance
assert:
that:
- instance|success
- instance|changed
- instance.tags|length == 2
- instance.tags[0]['key'] == "{{ cs_resource_prefix }}-tag1"
- instance.tags[1]['key'] == "{{ cs_resource_prefix }}-tag2"
- instance.tags[0]['value'] == "{{ cs_resource_prefix }}-value1"
- instance.tags[1]['value'] == "{{ cs_resource_prefix }}-value2"
- name: test tags to instance idempotence
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
tags:
- { key: "{{ cs_resource_prefix }}-tag1", value: "{{ cs_resource_prefix }}-value1" }
- { key: "{{ cs_resource_prefix }}-tag2", value: "{{ cs_resource_prefix }}-value2" }
register: instance
- name: verify tags to instance idempotence
assert:
that:
- instance|success
- not instance|changed
- instance.tags|length == 2
- instance.tags[0]['key'] == "{{ cs_resource_prefix }}-tag1"
- instance.tags[1]['key'] == "{{ cs_resource_prefix }}-tag2"
- instance.tags[0]['value'] == "{{ cs_resource_prefix }}-value1"
- instance.tags[1]['value'] == "{{ cs_resource_prefix }}-value2"
- name: test change tags of instance
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
tags:
- { key: "{{ cs_resource_prefix }}-tag2", value: "{{ cs_resource_prefix }}-value2" }
- { key: "{{ cs_resource_prefix }}-tag3", value: "{{ cs_resource_prefix }}-value3" }
register: instance
- name: verify tags to instance idempotence
assert:
that:
- instance|success
- not instance|changed
- instance.tags|length == 2
- instance.tags[0]['key'] == "{{ cs_resource_prefix }}-tag1"
- instance.tags[1]['key'] == "{{ cs_resource_prefix }}-tag3"
- instance.tags[0]['value'] == "{{ cs_resource_prefix }}-value1"
- instance.tags[1]['value'] == "{{ cs_resource_prefix }}-value3"
- name: test not touch tags of instance if no param tags
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
register: instance
- name: verify not touch tags of instance if no param tags
assert:
that:
- instance|success
- not instance|changed
- instance.tags|length == 2
- instance.tags[0]['key'] == "{{ cs_resource_prefix }}-tag1"
- instance.tags[1]['key'] == "{{ cs_resource_prefix }}-tag3"
- instance.tags[0]['value'] == "{{ cs_resource_prefix }}-value1"
- instance.tags[1]['value'] == "{{ cs_resource_prefix }}-value3"
- name: test remove tags
cs_instance:
name: "{{ cs_resource_prefix }}-vm-{{ instance_number }}"
tags: []
register: instance
- name: verify remove tags
assert:
that:
- instance|success
- not instance|changed
- instance.tags|length == 0

View file

@ -0,0 +1,3 @@
---
dependencies:
- test_cs_common

View file

@ -0,0 +1,58 @@
---
- name: setup
cs_instancegroup: name={{ cs_resource_prefix }}_ig state=absent
register: ig
- name: verify setup
assert:
that:
- ig|success
- name: test fail if missing name
action: cs_instancegroup
register: ig
ignore_errors: true
- name: verify results of fail if missing name
assert:
that:
- ig|failed
- ig.msg == "missing required arguments: name"
- name: test present instance group
cs_instancegroup: name={{ cs_resource_prefix }}_ig
register: ig
- name: verify results of create instance group
assert:
that:
- ig|success
- ig|changed
- ig.name == "{{ cs_resource_prefix }}_ig"
- name: test present instance group is idempotence
cs_instancegroup: name={{ cs_resource_prefix }}_ig
register: ig
- name: verify results present instance group is idempotence
assert:
that:
- ig|success
- not ig|changed
- ig.name == "{{ cs_resource_prefix }}_ig"
- name: test absent instance group
cs_instancegroup: name={{ cs_resource_prefix }}_ig state=absent
register: ig
- name: verify results of absent instance group
assert:
that:
- ig|success
- ig|changed
- ig.name == "{{ cs_resource_prefix }}_ig"
- name: test absent instance group is idempotence
cs_instancegroup: name={{ cs_resource_prefix }}_ig state=absent
register: ig
- name: verify results of absent instance group is idempotence
assert:
that:
- ig|success
- not ig|changed
- ig.name is undefined

View file

@ -0,0 +1,3 @@
---
dependencies:
- test_cs_common

View file

@ -0,0 +1,58 @@
---
- name: setup
cs_securitygroup: name={{ cs_resource_prefix }}_sg state=absent
register: sg
- name: verify setup
assert:
that:
- sg|success
- name: test fail if missing name
action: cs_securitygroup
register: sg
ignore_errors: true
- name: verify results of fail if missing name
assert:
that:
- sg|failed
- sg.msg == "missing required arguments: name"
- name: test present security group
cs_securitygroup: name={{ cs_resource_prefix }}_sg
register: sg
- name: verify results of create security group
assert:
that:
- sg|success
- sg|changed
- sg.name == "{{ cs_resource_prefix }}_sg"
- name: test present security group is idempotence
cs_securitygroup: name={{ cs_resource_prefix }}_sg
register: sg
- name: verify results present security group is idempotence
assert:
that:
- sg|success
- not sg|changed
- sg.name == "{{ cs_resource_prefix }}_sg"
- name: test absent security group
cs_securitygroup: name={{ cs_resource_prefix }}_sg state=absent
register: sg
- name: verify results of absent security group
assert:
that:
- sg|success
- sg|changed
- sg.name == "{{ cs_resource_prefix }}_sg"
- name: test absent security group is idempotence
cs_securitygroup: name={{ cs_resource_prefix }}_sg state=absent
register: sg
- name: verify results of absent security group is idempotence
assert:
that:
- sg|success
- not sg|changed
- sg.name is undefined

View file

@ -0,0 +1,3 @@
---
dependencies:
- test_cs_common

View file

@ -0,0 +1,105 @@
- name: test remove http range rule
cs_securitygroup_rule:
security_group: default
start_port: 8000
end_port: 8888
cidr: 1.2.3.4/32
state: absent
register: sg_rule
- name: verify create http range rule
assert:
that:
- sg_rule|success
- sg_rule|changed
- sg_rule.type == 'ingress'
- sg_rule.security_group == 'default'
- sg_rule.protocol == 'tcp'
- sg_rule.start_port == 8000
- sg_rule.end_port == 8888
- sg_rule.cidr == '1.2.3.4/32'
- name: test remove http range rule idempotence
cs_securitygroup_rule:
security_group: default
start_port: 8000
end_port: 8888
cidr: 1.2.3.4/32
state: absent
register: sg_rule
- name: verify create http range rule idempotence
assert:
that:
- sg_rule|success
- not sg_rule|changed
- name: test remove single port udp rule
cs_securitygroup_rule:
security_group: default
port: 5353
protocol: udp
type: egress
user_security_group: '{{ cs_resource_prefix }}_sg'
state: absent
register: sg_rule
- name: verify remove single port udp rule
assert:
that:
- sg_rule|success
- sg_rule|changed
- sg_rule.type == 'egress'
- sg_rule.security_group == 'default'
- sg_rule.protocol == 'udp'
- sg_rule.start_port == 5353
- sg_rule.end_port == 5353
- sg_rule.user_security_group == '{{ cs_resource_prefix }}_sg'
- name: test remove single port udp rule idempotence
cs_securitygroup_rule:
security_group: default
port: 5353
protocol: udp
type: egress
user_security_group: '{{ cs_resource_prefix }}_sg'
state: absent
register: sg_rule
- name: verify remove single port udp rule idempotence
assert:
that:
- sg_rule|success
- not sg_rule|changed
- name: test remove icmp rule
cs_securitygroup_rule:
security_group: default
protocol: icmp
type: ingress
icmp_type: -1
icmp_code: -1
state: absent
register: sg_rule
- name: verify icmp rule
assert:
that:
- sg_rule|success
- sg_rule|changed
- sg_rule.type == 'ingress'
- sg_rule.security_group == 'default'
- sg_rule.cidr == '0.0.0.0/0'
- sg_rule.protocol == 'icmp'
- sg_rule.icmp_code == -1
- sg_rule.icmp_type == -1
- name: test remove icmp rule idempotence
cs_securitygroup_rule:
security_group: default
protocol: icmp
type: ingress
icmp_type: -1
icmp_code: -1
state: absent
register: sg_rule
- name: verify icmp rule idempotence
assert:
that:
- sg_rule|success
- not sg_rule|changed

View file

@ -0,0 +1,7 @@
- name: cleanup custom security group
cs_securitygroup: name={{ cs_resource_prefix }}_sg state=absent
register: sg
- name: verify setup
assert:
that:
- sg|success

View file

@ -0,0 +1,4 @@
- include: setup.yml
- include: present.yml
- include: absent.yml
- include: cleanup.yml

View file

@ -0,0 +1,118 @@
- name: test create http range rule
cs_securitygroup_rule:
security_group: default
start_port: 8000
end_port: 8888
cidr: 1.2.3.4/32
register: sg_rule
- name: verify create http range rule
assert:
that:
- sg_rule|success
- sg_rule|changed
- sg_rule.type == 'ingress'
- sg_rule.security_group == 'default'
- sg_rule.protocol == 'tcp'
- sg_rule.start_port == 8000
- sg_rule.end_port == 8888
- sg_rule.cidr == '1.2.3.4/32'
- name: test create http range rule idempotence
cs_securitygroup_rule:
security_group: default
start_port: 8000
end_port: 8888
cidr: 1.2.3.4/32
register: sg_rule
- name: verify create http range rule idempotence
assert:
that:
- sg_rule|success
- not sg_rule|changed
- sg_rule.type == 'ingress'
- sg_rule.security_group == 'default'
- sg_rule.protocol == 'tcp'
- sg_rule.start_port == 8000
- sg_rule.end_port == 8888
- sg_rule.cidr == '1.2.3.4/32'
- name: test create single port udp rule
cs_securitygroup_rule:
security_group: default
port: 5353
protocol: udp
type: egress
user_security_group: '{{ cs_resource_prefix }}_sg'
register: sg_rule
- name: verify create single port udp rule
assert:
that:
- sg_rule|success
- sg_rule|changed
- sg_rule.type == 'egress'
- sg_rule.security_group == 'default'
- sg_rule.protocol == 'udp'
- sg_rule.start_port == 5353
- sg_rule.end_port == 5353
- sg_rule.user_security_group == '{{ cs_resource_prefix }}_sg'
- name: test single port udp rule idempotence
cs_securitygroup_rule:
security_group: default
port: 5353
protocol: udp
type: egress
user_security_group: '{{ cs_resource_prefix }}_sg'
register: sg_rule
- name: verify single port udp rule idempotence
assert:
that:
- sg_rule|success
- not sg_rule|changed
- sg_rule.type == 'egress'
- sg_rule.security_group == 'default'
- sg_rule.protocol == 'udp'
- sg_rule.start_port == 5353
- sg_rule.end_port == 5353
- sg_rule.user_security_group == '{{ cs_resource_prefix }}_sg'
- name: test icmp rule
cs_securitygroup_rule:
security_group: default
protocol: icmp
type: ingress
icmp_type: -1
icmp_code: -1
register: sg_rule
- name: verify icmp rule
assert:
that:
- sg_rule|success
- sg_rule|changed
- sg_rule.type == 'ingress'
- sg_rule.security_group == 'default'
- sg_rule.cidr == '0.0.0.0/0'
- sg_rule.protocol == 'icmp'
- sg_rule.icmp_code == -1
- sg_rule.icmp_type == -1
- name: test icmp rule idempotence
cs_securitygroup_rule:
security_group: default
protocol: icmp
type: ingress
icmp_type: -1
icmp_code: -1
register: sg_rule
- name: verify icmp rule idempotence
assert:
that:
- sg_rule|success
- not sg_rule|changed
- sg_rule.type == 'ingress'
- sg_rule.security_group == 'default'
- sg_rule.cidr == '0.0.0.0/0'
- sg_rule.protocol == 'icmp'
- sg_rule.icmp_code == -1
- sg_rule.icmp_type == -1

View file

@ -0,0 +1,56 @@
- name: setup custom security group
cs_securitygroup: name={{ cs_resource_prefix }}_sg
register: sg
- name: verify setup
assert:
that:
- sg|success
- name: setup default security group
cs_securitygroup: name=default
register: sg
- name: verify setup
assert:
that:
- sg|success
- name: setup remove icmp rule
cs_securitygroup_rule:
security_group: default
protocol: icmp
type: ingress
icmp_type: -1
icmp_code: -1
state: absent
register: sg_rule
- name: verify remove icmp rule
assert:
that:
- sg_rule|success
- name: setup remove http range rule
cs_securitygroup_rule:
security_group: default
start_port: 8000
end_port: 8888
cidr: 1.2.3.4/32
state: absent
register: sg_rule
- name: verify remove http range rule
assert:
that:
- sg_rule|success
- name: setup remove single port udp rule
cs_securitygroup_rule:
security_group: default
port: 5353
protocol: udp
type: egress
user_security_group: '{{ cs_resource_prefix }}-user-sg'
state: absent
register: sg_rule
- name: verify remove single port udp rule
assert:
that:
- sg_rule|success

View file

@ -0,0 +1,3 @@
---
dependencies:
- test_cs_common

View file

@ -0,0 +1,89 @@
---
- name: setup cleanup
cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey state=absent
- name: test fail on missing name
action: cs_sshkeypair
ignore_errors: true
register: sshkey
- name: verify results of fail on missing name
assert:
that:
- sshkey|failed
- sshkey.msg == "missing required arguments: name"
- name: test ssh key creation
cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey
register: sshkey
- name: verify results of ssh key creation
assert:
that:
- sshkey|success
- sshkey|changed
- sshkey.fingerprint is defined and sshkey.fingerprint != ""
- sshkey.private_key is defined and sshkey.private_key != ""
- sshkey.name == "{{ cs_resource_prefix }}-sshkey"
- name: test ssh key creation idempotence
cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey
register: sshkey2
- name: verify results of ssh key creation idempotence
assert:
that:
- sshkey2|success
- not sshkey2|changed
- sshkey2.fingerprint is defined and sshkey2.fingerprint == sshkey.fingerprint
- sshkey2.private_key is not defined
- sshkey2.name == "{{ cs_resource_prefix }}-sshkey"
- name: test replace ssh public key
cs_sshkeypair: |
name={{ cs_resource_prefix }}-sshkey
public_key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsTI7KJZ8tz/CwQIrSol41c6s3vzkGYCMI8o7P9Et48UG9eRoGaMaGYaTvBTj/VQrD7cfurI6Bn0HTT3FLK3OHOweyelm9rIiQ2hjkSl+2lIKWHu992GO58E5Gcy9yYW4sHGgGLNZkPBKrrj0w7lhmiHjPtVnf+2+7Ix1WOO2/HXPcAHhsX/AlyItDewIL4mr/BT83vq0202sPCiM2cFQJl+5WGwS1wYYK8d167cspsmdyX7OyAFCUB0vueuqjE8MFqJvyIJR9y8Lj9Ny71pSV5/QWrXUgELxMYOKSby3gHkxcIXgYBMFLl4DipRTO74OWQlRRaOlqXlOOQbikcY4T rene.moser@swisstxt.ch"
register: sshkey3
- name: verify results of replace ssh public key
assert:
that:
- sshkey3|success
- sshkey3|changed
- sshkey3.fingerprint is defined and sshkey3.fingerprint != sshkey2.fingerprint
- sshkey3.private_key is not defined
- sshkey3.name == "{{ cs_resource_prefix }}-sshkey"
- name: test replace ssh public key idempotence
cs_sshkeypair: |
name={{ cs_resource_prefix }}-sshkey
public_key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsTI7KJZ8tz/CwQIrSol41c6s3vzkGYCMI8o7P9Et48UG9eRoGaMaGYaTvBTj/VQrD7cfurI6Bn0HTT3FLK3OHOweyelm9rIiQ2hjkSl+2lIKWHu992GO58E5Gcy9yYW4sHGgGLNZkPBKrrj0w7lhmiHjPtVnf+2+7Ix1WOO2/HXPcAHhsX/AlyItDewIL4mr/BT83vq0202sPCiM2cFQJl+5WGwS1wYYK8d167cspsmdyX7OyAFCUB0vueuqjE8MFqJvyIJR9y8Lj9Ny71pSV5/QWrXUgELxMYOKSby3gHkxcIXgYBMFLl4DipRTO74OWQlRRaOlqXlOOQbikcY4T rene.moser@swisstxt.ch"
register: sshkey4
- name: verify results of ssh public key idempotence
assert:
that:
- sshkey4|success
- not sshkey4|changed
- sshkey4.fingerprint is defined and sshkey4.fingerprint == sshkey3.fingerprint
- sshkey4.private_key is not defined
- sshkey4.name == "{{ cs_resource_prefix }}-sshkey"
- name: test ssh key absent
cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey state=absent
register: sshkey5
- name: verify result of key absent
assert:
that:
- sshkey5|success
- sshkey5|changed
- sshkey5.fingerprint is defined and sshkey5.fingerprint == sshkey3.fingerprint
- sshkey5.private_key is not defined
- sshkey5.name == "{{ cs_resource_prefix }}-sshkey"
- name: test ssh key absent idempotence
cs_sshkeypair: name={{ cs_resource_prefix }}-sshkey state=absent
register: sshkey6
- name: verify result of ssh key absent idempotence
assert:
that:
- sshkey6|success
- not sshkey6|changed
- sshkey6.fingerprint is not defined
- sshkey6.private_key is not defined
- sshkey6.name is not defined