Add controller-token role
This patch adds this new role created from: - validations/controller-token.yaml Change-Id: Ifa1485a2c250078bdd88552ab4886bc53b988d5e Implements: blueprint validation-framework Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
This commit is contained in:
parent
1e671512c8
commit
ca09fe51ea
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
- hosts: undercloud, Controller
|
||||
vars:
|
||||
metadata:
|
||||
name: Verify that keystone admin token is disabled
|
||||
description: >
|
||||
This validation checks that keystone admin token is disabled on both
|
||||
undercloud and overcloud controller after deployment.
|
||||
groups:
|
||||
- post-deployment
|
||||
keystone_conf_file: "/var/lib/config-data/puppet-generated/keystone/etc/keystone/keystone.conf"
|
||||
roles:
|
||||
- controller-token
|
|
@ -0,0 +1,2 @@
|
|||
---
|
||||
keystone_conf_file: "/var/lib/config-data/puppet-generated/keystone/etc/keystone/keystone.conf"
|
|
@ -0,0 +1,27 @@
|
|||
galaxy_info:
|
||||
author: TripleO Validations Team
|
||||
company: Red Hat
|
||||
license: Apache
|
||||
min_ansible_version: 2.4
|
||||
|
||||
platforms:
|
||||
- name: CentOS
|
||||
versions:
|
||||
- 7
|
||||
- name: RHEL
|
||||
versions:
|
||||
- 7
|
||||
|
||||
categories:
|
||||
- cloud
|
||||
- baremetal
|
||||
- system
|
||||
galaxy_tags: []
|
||||
# List tags for your role here, one per line. A tag is a keyword that describes
|
||||
# and categorizes the role. Users find roles by searching for tags. Be sure to
|
||||
# remove the '[]' above, if you add tags to this list.
|
||||
#
|
||||
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
|
||||
# Maximum 20 tags per role.
|
||||
|
||||
dependencies: []
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
- name: Fetch token value
|
||||
become: true
|
||||
ini:
|
||||
path: "{{ keystone_conf_file }}"
|
||||
section: DEFAULT
|
||||
key: admin_token
|
||||
ignore_missing_file: True
|
||||
register: token_result
|
||||
|
||||
- name: Check if token value is disabled.
|
||||
fail: msg="Keystone admin token is not disabled."
|
||||
when: token_result.value != None
|
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
metadata:
|
||||
name: Verify that keystone admin token is disabled
|
||||
description: >
|
||||
This validation checks that keystone admin token is disabled on both
|
||||
undercloud and overcloud controller after deployment.
|
||||
groups:
|
||||
- post-deployment
|
Loading…
Reference in New Issue