Update identity_role to work with latest sdk

Also renames the test role to match the module name

Change-Id: Ie59da441d39fe2d0e49430662d853bc9628181e0
This commit is contained in:
Rafael Castillo 2022-04-13 15:36:40 -07:00 committed by Jakob Meng
parent 4a7330364e
commit cc1b5ecae8
7 changed files with 113 additions and 50 deletions

View File

@ -63,13 +63,13 @@
dns_zone_info
floating_ip_info
group
identity_role
image
keypair
keystone_domain
keystone_federation_protocol
keystone_idp
keystone_mapping
keystone_role
loadbalancer
nova_flavor
nova_services

View File

@ -0,0 +1,7 @@
role_name: ansible_keystone_role
expected_fields:
- description
- domain_id
- id
- links
- name

View File

@ -0,0 +1,83 @@
---
- name: Cleanup before tests
block:
- openstack.cloud.identity_role:
cloud: "{{ cloud }}"
state: absent
name: "{{ role_name }}"
- block:
- name: Delete unexistent role
openstack.cloud.identity_role:
cloud: "{{ cloud }}"
state: absent
name: "{{ role_name }}"
register: role
- name: Assert role didn't change
assert:
that: role is not changed
- block:
- name: Create keystone role
openstack.cloud.identity_role:
cloud: "{{ cloud }}"
state: present
name: "{{ role_name }}"
register: role
- name: Try to get role
openstack.cloud.identity_role_info:
cloud: "{{ cloud }}"
name: "{{ role_name }}"
register: roles
- name: Assert role found
assert:
that:
- roles.openstack_roles | length == 1
- name: Assert role changed
assert:
that: role is changed
- name: Assert return fields
assert:
that: item in role['role']
loop: "{{ expected_fields }}"
- name: Assert return value
assert:
that: role['role']['name'] == role_name
- name: Assert retrieved values
assert:
that: roles.openstack_roles[0].name == role_name
- block:
- name: Create existing keystone role
openstack.cloud.identity_role:
cloud: "{{ cloud }}"
state: present
name: "{{ role_name }}"
register: role
- name: Assert role not changed
assert:
that: role is not changed
- name: Assert return fields
assert:
that: item in role['role']
loop: "{{ expected_fields }}"
- block:
- name: Delete keystone role
openstack.cloud.identity_role:
cloud: "{{ cloud }}"
state: absent
name: "{{ role_name }}"
register: role
- name: Assert role changed
assert:
that: role is changed
- name: Try to get role
openstack.cloud.identity_role_info:
cloud: "{{ cloud }}"
name: "{{ role_name }}"
register: roles
- name: Assert no role found
assert:
that:
- roles.openstack_roles | length == 0

View File

@ -1 +0,0 @@
role_name: ansible_keystone_role

View File

@ -1,35 +0,0 @@
---
- name: Create keystone role
openstack.cloud.identity_role:
cloud: "{{ cloud }}"
state: present
name: "{{ role_name }}"
- name: List keystone roles
openstack.cloud.identity_role_info:
cloud: "{{ cloud }}"
register: roles
- name: Check roles
assert:
that:
- roles.openstack_roles | length > 0
- "'{{ role_name }}' in (roles.openstack_roles | map(attribute='name') | list)"
- name: List keystone roles by name
openstack.cloud.identity_role_info:
cloud: "{{ cloud }}"
name: "{{ role_name}}"
register: roles1
- name: Check roles
assert:
that:
- roles1.openstack_roles | length == 1
- roles1.openstack_roles[0]['name'] == role_name
- name: Delete keystone role
openstack.cloud.identity_role:
cloud: "{{ cloud }}"
state: absent
name: "{{ role_name }}"

View File

@ -16,6 +16,7 @@
tags: dns
when: sdk_version is version(0.28, '>=')
- { role: floating_ip_info, tags: floating_ip_info }
- { role: identity_role, tags: identity_role }
- { role: image, tags: image }
- { role: keypair, tags: keypair }
- { role: keystone_domain, tags: keystone_domain }
@ -28,7 +29,6 @@
- role: keystone_federation_protocol
tags: keystone_federation_protocol
when: sdk_version is version(0.44, '>=')
- { role: keystone_role, tags: keystone_role }
- { role: network, tags: network }
- role: neutron_rbac
tags:

View File

@ -47,12 +47,24 @@ RETURN = '''
role:
description: Dictionary describing the role.
returned: On success when I(state) is 'present'.
type: complex
type: list
elements: dict
contains:
description:
description: Description of the role resource
type: str
sample: role description
domain_id:
description: Domain to which the role belongs
type: str
sample: default
id:
description: Unique role ID.
type: str
sample: "677bfab34c844a01b88a217aa12ec4c2"
links:
description: Links for the role resource
type: list
name:
description: Role name.
type: str
@ -83,25 +95,22 @@ class IdentityRoleModule(OpenStackModule):
name = self.params.get('name')
state = self.params.get('state')
role = self.conn.get_role(name)
role = self.conn.identity.find_role(name)
if self.ansible.check_mode:
self.exit_json(changed=self._system_state_change(state, role))
changed = False
if state == 'present':
if role is None:
role = self.conn.create_role(name)
role = self.conn.identity.create_role(name=name)
changed = True
else:
changed = False
role = role.to_dict(computed=False)
self.exit_json(changed=changed, role=role)
elif state == 'absent':
if role is None:
changed = False
else:
self.conn.delete_role(name)
changed = True
self.exit_json(changed=changed)
elif state == 'absent' and role is not None:
self.conn.identity.delete_role(role['id'])
changed = True
self.exit_json(changed=changed)
def main():