From 7f800b4a9c18734ece33eca065b0e65b4e5b7346 Mon Sep 17 00:00:00 2001 From: Bram Verschueren Date: Mon, 3 Feb 2020 18:59:19 +0100 Subject: [PATCH] Add tests for os_user_role in multidomain context This adds test for assignment of keystone roles to a group/user in a multidomain context. Related: https://review.opendev.org/#/c/703930/ Change-Id: I6422f823e8fb8a0757941e8bd692d3d8c0abbf88 --- ci/roles/user_role/defaults/main.yaml | 4 ++ ci/roles/user_role/tasks/main.yaml | 96 +++++++++++++++++++++++++++ ci/run-collection.yml | 1 + 3 files changed, 101 insertions(+) create mode 100644 ci/roles/user_role/defaults/main.yaml create mode 100644 ci/roles/user_role/tasks/main.yaml diff --git a/ci/roles/user_role/defaults/main.yaml b/ci/roles/user_role/defaults/main.yaml new file mode 100644 index 00000000..0c09cb7f --- /dev/null +++ b/ci/roles/user_role/defaults/main.yaml @@ -0,0 +1,4 @@ +domain_name: ansible_domain +user_name: ansible_user +group_name: ansible_group +keystone_role_name: anotherrole diff --git a/ci/roles/user_role/tasks/main.yaml b/ci/roles/user_role/tasks/main.yaml new file mode 100644 index 00000000..406e2bb2 --- /dev/null +++ b/ci/roles/user_role/tasks/main.yaml @@ -0,0 +1,96 @@ +- name: Create domain + openstack.cloud.os_keystone_domain: + cloud: "{{ cloud }}" + state: present + name: "{{ domain_name }}" + register: domain + +- name: Create group in default domain + openstack.cloud.os_group: + cloud: "{{ cloud }}" + state: present + name: "{{ group_name }}" + domain_id: default + +- name: Create group in specific domain + openstack.cloud.os_group: + cloud: "{{ cloud }}" + state: present + name: "{{ group_name }}" + domain_id: "{{ domain.id }}" + +- name: Create user in default domain + openstack.cloud.os_user: + cloud: "{{ cloud }}" + state: present + name: "{{ user_name }}" + domain: default + +- name: Create user in specific domain + openstack.cloud.os_user: + cloud: "{{ cloud }}" + state: present + name: "{{ user_name }}" + domain: "{{ domain.id }}" + +- name: Assign role to group in default domain + openstack.cloud.os_user_role: + cloud: "{{ cloud }}" + role: "{{ keystone_role_name }}" + group: "{{ group_name }}" + domain: default + +- name: Assign role to group in specific domain + openstack.cloud.os_user_role: + cloud: "{{ cloud }}" + role: "{{ keystone_role_name }}" + group: "{{ group_name }}" + domain: "{{ domain.id }}" + +- name: Assign role to user in default domain + openstack.cloud.os_user_role: + cloud: "{{ cloud }}" + role: "{{ keystone_role_name }}" + user: "{{ user_name }}" + domain: default + +- name: Assign role to user in specific domain + openstack.cloud.os_user_role: + cloud: "{{ cloud }}" + role: "{{ keystone_role_name }}" + user: "{{ user_name }}" + domain: "{{ domain.id }}" + +- name: Delete group in default domain + openstack.cloud.os_group: + cloud: "{{ cloud }}" + state: absent + name: "{{ group_name }}" + domain_id: default + +- name: Delete group in specific domain + openstack.cloud.os_group: + cloud: "{{ cloud }}" + state: absent + name: "{{ group_name }}" + domain_id: "{{ domain.id }}" + +- name: Delete user in default domain + openstack.cloud.os_user: + cloud: "{{ cloud }}" + state: absent + name: "{{ user_name }}" + domain: default + +- name: Delete user in specific domain + openstack.cloud.os_user: + cloud: "{{ cloud }}" + state: absent + name: "{{ user_name }}" + domain: "{{ domain.id }}" + +- name: Delete domain + openstack.cloud.os_keystone_domain: + cloud: "{{ cloud }}" + state: absent + name: "{{ domain_name }}" diff --git a/ci/run-collection.yml b/ci/run-collection.yml index 9340ccd0..78e10412 100644 --- a/ci/run-collection.yml +++ b/ci/run-collection.yml @@ -23,4 +23,5 @@ - { role: subnet, tags: subnet } - { role: user, tags: user } - { role: user_group, tags: user_group } + - { role: user_role, tags: user_role } - { role: volume, tags: volume }